The method annotated by the @Secured annotation signifies that only the users and roles specified by the annotation can invoke the method; otherwise, AccessDeniedException will be thrown. Observe the defined method which enables the invocation of the method with the credentials of role as Admin and User:
@Secured({"ROLE_ADMIN","ROLE_USER"}) public String message() { //code goes here }
The @Secured annotation doesn't support Spring EL expressions.