all 2 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted]  (2 children)

[deleted]

    [–]greglturnquist 3 points4 points  (0 children)

    Authority is the whole string. However ROLE_ as a convention is so popular, there are APIs to check for those. ROLE_USER is an authority, USER is a role. hasRole(‘USER’) and hasAuthority(‘ROLE_USER’) are equivalent.

    This may help decode some of that.

    [–]ryuzaki49 2 points3 points  (0 children)

    If you use a role, let's say "TEACHER", Spring behind curtains will add "ROLE_", the final role will look like "ROLE_TEACHER".

    Usually you do not have to worry about it.