This would provide the same externalization benefit for @RolesAllowed as @Secured. It would also simplify configuring a RoleHierarchy for @RolesAllowed.
@PermitAll and @DenyAll will require different treatment since they do not imply any individual authorities and would thus not invoke AuthoritiesAuthorizationManager.
Comment From: kandaguru17
Can I work on this one? @jzheaux I may have a PR for this one