Spring MVC Role and Permission to Admin

Question

I am new in spring mvc , In my existing project , there is one admin and they have rights to update data , but now i need to create 2 new admin , admin1 and admin2 that can

Answer 1

You need of course two roles. - Then you can either - check for Role Admin1 or Admin2 or Admin1 every where. - But a better approach is already mentioned by you: seperate roles and Privileges: Assign roles to users and privileges to roles, so a User gets its privileges via his roles. Now you just need to check the privleges to allow access to an function.

Spring has already an build in 14.4 Hierarchical Roles concept, but I feel that it is clumsy because it requires that every Voter needs to understand it. So I implemented my own solution, that is very simple and is based only on Spring-Security-Roles. So one need only to change the Role Provider but nothing more.