Securing controller method with @RolesAllowed and @PreAuthorize

Question

I\'ve been banging my head over this one for a while now. I\'ve done everything I could in order to find an appropriate solution and followed a lot of Stackoverflow examples

Answer 1

Two things I noticed (as mentioned on this thread):

1. prePostEnabled in the annotation to enable Pre/Post annotations
2. use of CGLib proxies (Serge mentioned this too)

Does your @EnableGlobalMethodSecurity have those two attributes?

@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)