Package org.springframework.security.authorization

Interface ReactiveAuthorizationManager<T>

Type Parameters:
T - the type of object that the authorization check is being done on.
All Known Implementing Classes:
AuthenticatedReactiveAuthorizationManager, AuthorityReactiveAuthorizationManager, DelegatingReactiveAuthorizationManager, IpAddressReactiveAuthorizationManager, ObservationReactiveAuthorizationManager, PayloadExchangeMatcherReactiveAuthorizationManager, PostAuthorizeReactiveAuthorizationManager, PreAuthorizeReactiveAuthorizationManager
public interface ReactiveAuthorizationManager<T>
A reactive authorization manager which can determine if an Authentication has access to a specific object.
Since:
5.0

  • Method Summary

    Modifier and Type
    Method
    Description
    default reactor.core.publisher.Mono<AuthorizationResult>
    authorize(reactor.core.publisher.Mono<Authentication> authentication, T object)
    Determines if access is granted for a specific authentication and object.
    reactor.core.publisher.Mono<AuthorizationDecision>
    check(reactor.core.publisher.Mono<Authentication> authentication, T object)
    Deprecated.
    please use authorize(Mono, Object) instead
    default reactor.core.publisher.Mono<Void>
    verify(reactor.core.publisher.Mono<Authentication> authentication, T object)
    Determines if access should be granted for a specific authentication and object

  • Method Details

    • check

      @Deprecated reactor.core.publisher.Mono<AuthorizationDecision> check(reactor.core.publisher.Mono<Authentication> authentication, T object)
      Deprecated.
      please use authorize(Mono, Object) instead
      Determines if access is granted for a specific authentication and object.
      Parameters:
      authentication - the Authentication to check
      object - the object to check
      Returns:
      an decision or empty Mono if no decision could be made.

    • verify

      default reactor.core.publisher.Mono<Void> verify(reactor.core.publisher.Mono<Authentication> authentication, T object)
      Determines if access should be granted for a specific authentication and object
      Parameters:
      authentication - the Authentication to check
      object - the object to check
      Returns:
      an empty Mono if authorization is granted or a Mono error if access is denied

    • authorize

      default reactor.core.publisher.Mono<AuthorizationResult> authorize(reactor.core.publisher.Mono<Authentication> authentication, T object)
      Determines if access is granted for a specific authentication and object.
      Parameters:
      authentication - the Authentication to authorize
      object - the object to check
      Returns:
      an decision or empty Mono if no decision could be made.
      Since:
      6.4