Class OAuth2MethodSecurityExpressionHandler

  extended by<org.aopalliance.intercept.MethodInvocation>
      extended by
          extended by
All Implemented Interfaces:
AopInfrastructureBean, Aware, ApplicationContextAware,,<org.aopalliance.intercept.MethodInvocation>

public class OAuth2MethodSecurityExpressionHandler

A security expression handler that can handle default method security expressions plus the set provided by OAuth2SecurityExpressionMethods, using the variable oauth2 to access the methods. For example, the expression #oauth2.clientHasRole('ROLE_ADMIN') would invoke OAuth2SecurityExpressionMethods.clientHasRole(java.lang.String).

Dave Syer, Rob Winch

Field Summary
Fields inherited from class
Constructor Summary
Method Summary
 createEvaluationContextInternal( authentication, org.aopalliance.intercept.MethodInvocation mi)
 void setThrowExceptionOnInvalidScope(boolean throwException)
          Flag to determine the behaviour on access denied if the reason is .
Methods inherited from class
createSecurityExpressionRoot, filter, setParameterNameDiscoverer, setPermissionCacheOptimizer, setReturnObject
Methods inherited from class
createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface
createEvaluationContext, getExpressionParser

Constructor Detail


public OAuth2MethodSecurityExpressionHandler()
Method Detail


public void setThrowExceptionOnInvalidScope(boolean throwException)
Flag to determine the behaviour on access denied if the reason is . If set then we throw an InvalidScopeException instead of returning true. This is unconventional for an access decision because it vetoes the other voters in the chain, but it enables us to pass a message to the caller with information about the required scope.

throwException - the flag to set (default true)
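
The following is an added example, not part of the original Javadoc or the project's own code: one way to register this handler so that `#oauth2` expressions can be used in `@PreAuthorize`. It assumes Spring Security 3.2 or later Java configuration (`GlobalMethodSecurityConfiguration`) together with the library version documented here; `MethodSecurityConfig`, `ReportService` and its methods are hypothetical names, and `hasScope` is an `OAuth2SecurityExpressionMethods` method not listed on this page.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;

// Hypothetical configuration class (assumption: Spring Security 3.2+ Java config).
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {

    // Replace the default method security expression handler with the OAuth2 one,
    // which adds the "oauth2" variable on top of the default expressions.
    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        OAuth2MethodSecurityExpressionHandler handler =
                new OAuth2MethodSecurityExpressionHandler();
        // Documented default is true; set explicitly so the behaviour is visible in
        // review. With the flag set, the page states that an InvalidScopeException
        // is thrown, which carries information about the required scope to the caller.
        handler.setThrowExceptionOnInvalidScope(true);
        return handler;
    }

    // Hypothetical service. It must be registered as a Spring bean so that the
    // method security proxy evaluates the annotations below.
    public static class ReportService {

        // Default expression (hasRole) combined with the OAuth2 set: the end user
        // needs ROLE_USER and the OAuth2 client needs ROLE_ADMIN.
        @PreAuthorize("hasRole('ROLE_USER') and #oauth2.clientHasRole('ROLE_ADMIN')")
        public String adminReport() {
            return "admin report";
        }

        // Scope check (assumption: hasScope, not listed on this page). This is the
        // kind of decision setThrowExceptionOnInvalidScope applies to.
        @PreAuthorize("#oauth2.hasScope('read')")
        public String readReport() {
            return "report";
        }
    }
}
```

Without the override, the default handler does not define the `oauth2` variable, so expressions that reference `#oauth2` cannot be evaluated as intended.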


public createEvaluationContextInternal( authentication,
        org.aopalliance.intercept.MethodInvocation mi)
createEvaluationContextInternal in class

Copyright © 2012. All Rights Reserved.