Implementations comparison for the authorization checks:
| Implementation | The roles can be checked at a method level |
|---|---|
| spring-webmvc-pac4j |  using the @RequireAnyRole and @RequireAllRoles annotations |
| spring-webflux-pac4j |  |
| jee-pac4j | |
| buji-pac4j | when using Spring and the @RequiresRoles annotation |
| spring-security-pac4j | using the @Secure and @PreAuthorize annotations |
| play-pac4j | using the @Secure annotation or the Security trait |
| vertx-pac4j | |
| spark-pac4j | |
| javalin-pac4j | |
| ratpack-pac4j | |
| pippo-pac4j | |
| undertow-pac4j | |
| CAS | |
| jax-rs-pac4j | using SecurityContext.isUserInRole() method |
| dropwizard-pac4j | using SecurityContext.isUserInRole() method |
| lagom-pac4j | using authorize() service composition methods |
| http4s-pac4j | |
| Knox | No method-level authorization (via j2e-pac4j) |
| jooby-pac4j2 | using Pac4jAuthorizer filter |