What are roles and why do we need them?

What are roles and why do we need them?

When an application is created, it has multiple parts, and all the users cannot be allowed to access the entire application. Thus, the requirement arises to provide restricted access to different users on different parts of the application. In other words, we need rules custom-made for various users. This use case is solved using “user roles and privileges.”

For example:

  • A user with the “admin role” has full permission to perform any action.
  • A user with permission to read can only view information and won’t see any other option.
  • Users with permission to edit/write can only see options to update/ create products.

Spring Security roles and permissions

Spring security makes it easier to build these rules using its roles and privileges feature. The role represents a high-level role in the system (e.g., ADMIN, MANAGER, etc.). Each position can have low-level privileges. And, the privileges define the low-level authority for a Role (e.g., ADMIN can read/write/delete, but MANAGER can only read/edit). During registration or creation of the account, these roles and privileges can be assigned to the users.

Spring Security free online courses

There are multiple ways to design the spring security roles and permissions, and you can learn them online, at your own pace and comfort, without even spending money. Check out the courses on knowledge2life right now!