OAuth2WebSecurityExpressionHandler (OAuth for Spring Security 2.4.0.BUILD-SNAPSHOT API)

java.lang.Object
- org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.springframework.security.web.FilterInvocation>
- - org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
  - - org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler

All Implemented Interfaces:

AopInfrastructureBean, Aware, ApplicationContextAware, org.springframework.security.access.expression.SecurityExpressionHandler<org.springframework.security.web.FilterInvocation>
```
public class OAuth2WebSecurityExpressionHandler
extends org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
```
A security expression handler that can handle default web security expressions plus the set provided by OAuth2SecurityExpressionMethods using the variable oauth2 to access the methods. For example, the expression #oauth2.clientHasRole('ROLE_ADMIN') would invoke OAuth2SecurityExpressionMethods.clientHasRole(java.lang.String).

By default the OAuth2ExpressionParser is used. If this is undesirable one can inject their own ExpressionParser using AbstractSecurityExpressionHandler.setExpressionParser(ExpressionParser).

Author:

Dave Syer, Rob Winch

See Also:
OAuth2ExpressionParser

Constructor Summary

Constructors
Constructor and Description

OAuth2WebSecurityExpressionHandler()

Constructors
Constructor and Description
`OAuth2WebSecurityExpressionHandler()`

Method Summary

Methods
Modifier and Type	Method and Description
`protected org.springframework.expression.spel.support.StandardEvaluationContext`	`createEvaluationContextInternal(org.springframework.security.core.Authentication authentication, org.springframework.security.web.FilterInvocation invocation)`

Methods inherited from class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
createSecurityExpressionRoot, setDefaultRolePrefix, setTrustResolver

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler
createEvaluationContext, getExpressionParser

Constructor Detail
- OAuth2WebSecurityExpressionHandler
```
public OAuth2WebSecurityExpressionHandler()
```

Method Detail

createEvaluationContextInternal

protected org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
                                                                                                    org.springframework.security.web.FilterInvocation invocation)

Overrides:: createEvaluationContextInternal in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.springframework.security.web.FilterInvocation>

Class OAuth2WebSecurityExpressionHandler

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

Methods inherited from class java.lang.Object

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

Constructor Detail

OAuth2WebSecurityExpressionHandler

Method Detail

createEvaluationContextInternal