also, single method can be secured by adding and in source code: public interface AdminService { @Secured("ROLE_ADMIN") public Account editAccount(Account account); } for more complex cases: to check hashed passwords: