Authentication and Authorization is an integral part of any Java enterprise or web application. Since most of the company uses LDAP Active directory for authentication, authorization, and Role-based access control (RBAC), it's good to know How to implement Role-based access control using Spring MVC and Spring Security. This is the second part of my articles on using Spring Security for authentication and authorization in Spring MVC based Java application. In the last part, we have learned about doing LDAP authentication against Windows active directory, and in this Spring Security tutorial, we will learn How to map LDAP groups to authorities for implementing Role-based access control or authorization.