org.springframework.security.oauth2.provider.expression

Class OAuth2MethodSecurityExpressionHandler

java.lang.Object

org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>

org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler

org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler

All Implemented Interfaces:

AopInfrastructureBean, Aware, ApplicationContextAware, org.springframework.security.access.expression.method.MethodSecurityExpressionHandler, org.springframework.security.access.expression.SecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>

public class OAuth2MethodSecurityExpressionHandler
extends org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler

A security expression handler that can handle default method security expressions plus the set provided by OAuth2SecurityExpressionMethods using the variable oauth2 to access the methods. For example, the expression #oauth2.clientHasRole('ROLE_ADMIN') would invoke OAuth2SecurityExpressionMethods.clientHasRole(java.lang.String)

By default the OAuth2ExpressionParser is used. If this is undesirable one can inject their own ExpressionParser using AbstractSecurityExpressionHandler.setExpressionParser(ExpressionParser).

Author:

Dave Syer, Rob Winch

See Also:

OAuth2ExpressionParser

Field Summary

Fields inherited from class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler

logger

Constructor Summary

Constructors

Constructor and Description
OAuth2MethodSecurityExpressionHandler()

Method Summary

Methods

Modifier and Type	Method and Description
org.springframework.expression.spel.support.StandardEvaluationContext	createEvaluationContextInternal(org.springframework.security.core.Authentication authentication, org.aopalliance.intercept.MethodInvocation mi)

Methods inherited from class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler

createSecurityExpressionRoot, filter, getDefaultRolePrefix, getParameterNameDiscoverer, getTrustResolver, setDefaultRolePrefix, setParameterNameDiscoverer, setPermissionCacheOptimizer, setReturnObject, setTrustResolver

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

createEvaluationContext, getExpressionParser

Constructor Detail

OAuth2MethodSecurityExpressionHandler

public OAuth2MethodSecurityExpressionHandler()

Method Detail

createEvaluationContextInternal

public org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
                                                                                                    org.aopalliance.intercept.MethodInvocation mi)

Overrides:

createEvaluationContextInternal in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler