I'm certain that your "insufficient privileges" example can be done with Spring AOP, because that's how Spring Security works. You can do some very sophisticated things with around advice and AspectJ.
You can look at using AspectJ for doing this, as it will match on annotations. You can then use an around aspect to decide if the user meets the requirements to use this method.
Spring allows you to use AspectJ, and I would suggest that if possible you not do this at run-time, but at compile-time, as there is no reason to pay the price for using this aspect whenever you start the application. But, if you must do it at run-time then that is doable, to me I try to use compile-time as much as possible.
You may want to look at AspectJ In Action (http://www.manning.com/laddad2/) but here is an example from there: Signature pattern:
* *(@RequestParam
(@Sensitive *))
Description
*Any method with one parameter marked with the @RequestParam annotations and the parameter’s type is marked with the @Sensitive annotation.*
Example
void create(@RequestParam
MedicalRecord mr), assuming
MedicalRecord carries the
@Sensitive annotation.