Closed
Description
It would be nice if we provided annotated support for securing returned values. For example:
```java
@Service
class FooService {
    @AuthorizeReturnObject // @ApplyMethodSecurity (does not mention return value)
    public Foo foo() {
        return new Foo(); // we use new and we are using proxy based AOP but this is still secured!
    }
}

class Foo {
    @DenyAll
    String bar() {
        return "bar";
    }
}

@Autowired FooService fooService;
fooService.foo().bar(); // denied!
```
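The mechanism this request describes, as an added sketch that is not part of the original issue and is not Spring Security's implementation: a proxy that also wraps the object a method returns, so an instance created with `new` is still checked. `DenyAllSketch`, `AuthorizeReturnObjectSketch` and `secure()` are hypothetical names, and `Foo` is an interface here (unlike the class in the issue) so that a plain JDK dynamic proxy is enough.

```java
import java.lang.annotation.*;
import java.lang.reflect.*;

// Added sketch: every annotation and helper name below is hypothetical.
public class ReturnObjectProxyDemo {
    @Retention(RetentionPolicy.RUNTIME) @interface DenyAllSketch {}
    @Retention(RetentionPolicy.RUNTIME) @interface AuthorizeReturnObjectSketch {}

    interface Foo { String bar(); String baz(); }
    static class DefaultFoo implements Foo {
        @DenyAllSketch public String bar() { return "bar"; }
        public String baz() { return "baz"; }
    }

    interface FooService { Foo foo(); }
    static class DefaultFooService implements FooService {
        @AuthorizeReturnObjectSketch
        public Foo foo() { return new DefaultFoo(); } // plain new, no container involved
    }

    // Wraps target in a proxy that enforces the annotations found on target's own class.
    @SuppressWarnings("unchecked")
    static <T> T secure(T target, Class<T> type) {
        InvocationHandler handler = (proxy, method, args) -> {
            Method impl = target.getClass().getMethod(method.getName(), method.getParameterTypes());
            if (impl.isAnnotationPresent(DenyAllSketch.class)) {
                throw new SecurityException("Access denied: " + impl.getName());
            }
            Object result;
            try {
                result = impl.invoke(target, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // surface the target's own exception, not the reflection wrapper
            }
            // The step the issue asks for: the returned object gets its own checking proxy.
            if (result != null && impl.isAnnotationPresent(AuthorizeReturnObjectSketch.class)
                    && method.getReturnType().isInterface()) {
                return secure(result, (Class<Object>) method.getReturnType());
            }
            return result;
        };
        return (T) Proxy.newProxyInstance(type.getClassLoader(), new Class<?>[] { type }, handler);
    }

    public static void main(String[] args) {
        FooService service = secure(new DefaultFooService(), FooService.class);
        Foo foo = service.foo();       // a proxy around the DefaultFoo created with new
        System.out.println(foo.baz()); // baz() carries no deny annotation
        try { foo.bar(); } catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```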