I config Spring Security in my web application by this example: http://www.baeldung.com/role-and-privilege-for-spring-security-registration and this http://www.baeldung.com/spring-security-create-new-custom-security-expression!
I have some questions:
What aproach to use: "User > Group > Roles > Permissions" || "User > Roles > Permissions"?
What is the best practices rules for implements RBAC in Spring Security?
