This class defines a role hierarchy for use with the UserDetailsServiceWrapper.
Here is an example configuration of a role hierarchy (hint: read the ">" sign as
ROLE_A > ROLE_B
ROLE_B > ROLE_AUTHENTICATED
ROLE_AUTHENTICATED > ROLE_UNAUTHENTICATED
Explanation of the above:
In effect every user with ROLE_A also has ROLE_B, ROLE_AUTHENTICATED and
every user with ROLE_B also has ROLE_AUTHENTICATED and ROLE_UNAUTHENTICATED;
every user with ROLE_AUTHENTICATED also has ROLE_UNAUTHENTICATED.
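The expansion described above can be checked mechanically before a hierarchy is deployed. The following is an added example, not Spring Security's own code: the class `RoleHierarchyDemo` and its methods `parse` and `reachable` are hypothetical names, and it assumes one `HIGHER > LOWER` rule per line.

```java
import java.util.*;

// Added illustration: a stand-alone parser for the "A > B" hierarchy notation.
// It is not Spring Security's implementation; all names here are hypothetical.
public class RoleHierarchyDemo {

    // Parse one "HIGHER > LOWER" rule per line into a direct-inclusion map.
    static Map<String, Set<String>> parse(String text) {
        Map<String, Set<String>> direct = new LinkedHashMap<>();
        for (String line : text.split("\\R")) {
            if (line.isBlank()) continue;
            String[] parts = line.trim().split("\\s*>\\s*");
            if (parts.length != 2 || parts[0].isEmpty() || parts[1].isEmpty())
                throw new IllegalArgumentException("Malformed rule: " + line);
            direct.computeIfAbsent(parts[0], k -> new LinkedHashSet<>()).add(parts[1]);
        }
        return direct;
    }

    // All roles a holder of 'role' effectively has: the role itself plus
    // everything reachable by following ">" transitively.
    static Set<String> reachable(Map<String, Set<String>> direct, String role) {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> todo = new ArrayDeque<>(List.of(role));
        while (!todo.isEmpty()) {
            String current = todo.pop();
            if (!seen.add(current)) continue;
            for (String lower : direct.getOrDefault(current, Set.of())) {
                // A rule chain that leads back to the starting role is a cycle:
                // every role on it would silently become equivalent.
                if (lower.equals(role))
                    throw new IllegalStateException("Cycle through " + role);
                todo.push(lower);
            }
        }
        return seen;
    }

    public static void main(String[] args) {
        // The hierarchy from the text above.
        String hierarchy = "ROLE_A > ROLE_B\n"
                + "ROLE_B > ROLE_AUTHENTICATED\n"
                + "ROLE_AUTHENTICATED > ROLE_UNAUTHENTICATED\n";
        Map<String, Set<String>> direct = parse(hierarchy);
        for (String role : List.of("ROLE_A", "ROLE_B", "ROLE_AUTHENTICATED", "ROLE_UNAUTHENTICATED"))
            System.out.println(role + " -> " + reachable(direct, role));
    }
}
```

Printing the effective role set for every role makes unintended privilege expansion visible in review: inclusion only flows downward, so a lower role must never list a higher one.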
Hierarchical roles will dramatically shorten your access rules (and also make them
much more elegant).
Consider this access rule for Spring Security's RoleVoter (background: every user that
is authenticated should be able to log out):
With hierarchical roles this can now be shortened to:
In addition to shorter rules, this will also make your access rules more readable and
your intentions clearer.