public class MethodInvocationPrivilegeEvaluator extends Object implements InitializingBean
Of course, if an
AfterInvocationManager is used to
authorize the result of a method invocation, this class cannot assist
determine whether or not the AfterInvocationManager will enable access.
Instead this class aims to allow applications to determine whether or not the current
principal would be allowed to at least attempt to invoke the method, irrespective of
the "after" invocation handling.
| Modifier and Type | Field and Description |
|---|---|
protected static org.apache.commons.logging.Log |
logger |
| Constructor and Description |
|---|
MethodInvocationPrivilegeEvaluator() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
boolean |
isAllowed(org.aopalliance.intercept.MethodInvocation mi,
Authentication authentication) |
void |
setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor) |
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface InitializingBeanExceptionpublic boolean isAllowed(org.aopalliance.intercept.MethodInvocation mi,
Authentication authentication)
public void setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor)