I am securing my REST API using spring security where I am trying to secure a Controller using method level annotations. I am using @PreAuthorize("isAuthenticated()") to make sure that the user is Authenticated to access that particular Controller method.
But this is not working, even I am having prePostEnabled = true configuration. I am getting 200 response status, even though I am not providing the auth details.
Earling I was using URL level authorisation, and everything was working fine.