Spring Security Framework

Interface EffectiveAclsResolver

All Known Implementing Classes:

Deprecated. Use new spring-security-acl module instead

public interface EffectiveAclsResolver

Determines the ACLs that are effective for a given Authentication object.

Implementations will vary depending on their ability to interpret the "recipient" object types contained in BasicAclEntry instances, and how those recipient object types correspond to Authentication-presented principals and granted authorities.

Implementations should not filter the resulting ACL list from lower-order permissions. So if a resulting ACL list grants a "read" permission, an "unlimited" permission and a "zero" permission (due to the effective ACLs for different granted authorities held by the Authentication object), all three permissions would be returned as distinct BasicAclEntry instances. It is the responsibility of the relying classes (voters and business methods) to ignore or handle lower-order permissions in a business logic dependent manner.

Ben Alex

Method Summary
 AclEntry[] resolveEffectiveAcls(AclEntry[] allAcls, Authentication filteredBy)
          Deprecated. Determines the ACLs that apply to the presented Authentication object.

Method Detail


AclEntry[] resolveEffectiveAcls(AclEntry[] allAcls,
                                Authentication filteredBy)
Determines the ACLs that apply to the presented Authentication object.

allAcls - every ACL assigned to a domain object instance
filteredBy - the principal (populated with GrantedAuthoritys along with any other members that relate to role or group membership) that effective ACLs should be returned for
the ACLs that apply to the presented principal, or null if there are none after filtering

Spring Security Framework

Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.