Spring security annotations with EL -- requires debug information compiled in?

Posted by HDave on Stack Overflow See other posts from Stack Overflow or by HDave
Published on 2010-05-25T14:37:32Z Indexed on 2010/05/25 14:41 UTC
Read the original article Hit count: 486

Filed under:
|
|
|

I am considering using Spring Security annotations for my application, with the EL (expression language) feature. For example:

@PreAuthorize("hasPermission(#contact, 'admin')")
public void deletePermission(Contact contact, Sid recipient, Permission permission);

I need the EL capability because I have built my own ACL implementation. However, to use this capability with the "#contact" type arguments, the Spring documentation says this:

You can access any of the method arguments by name as expression variables, provided your code has debug information compiled in.

This begs two questions:

  1. It is acceptable to have a production application commercially distributed with debug info in it?
  2. If not, is there any way around this?

Thanks for any guidance on this!

© Stack Overflow or respective owner

Related posts about security

Related posts about spring