I'm trying to implement a check of User's role in the controller, so when User is calling a particular web adress he gets access to the page (or not).
So I put @PreAuthorize("hasPermission...) in one of my controller's (URL GET) method and created my custom *PermissionEvaluator*.
It takes a two strings as a parameters (entity name -
String, permission name - String), which I'll later take from User's role object.
For the
testing purposes now it always returns "true".
The problem: I always get a NullPointerException when placing @PreAuthorize. The text inside CustomPermissionEvaluator is not even called.
Could you please explain what am I doing wrong?
Controller
Permission evaluator
GlobalMethodSecurityConfiguration
Error stack