Class DefaultWebSecurityExpressionHandler
java.lang.Object
org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation>
org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
- All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean
,org.springframework.beans.factory.Aware
,org.springframework.context.ApplicationContextAware
,SecurityExpressionHandler<FilterInvocation>
public class DefaultWebSecurityExpressionHandler
extends AbstractSecurityExpressionHandler<FilterInvocation>
implements SecurityExpressionHandler<FilterInvocation>
- Since:
- 3.0
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected SecurityExpressionOperations
createSecurityExpressionRoot
(@Nullable Authentication authentication, FilterInvocation fi) Implement in order to create a root object of the correct type for the supported invocation type.void
setDefaultRolePrefix
(@Nullable String defaultRolePrefix) Deprecated.void
setTrustResolver
(AuthenticationTrustResolver trustResolver) Deprecated.Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
createEvaluationContext, createEvaluationContextInternal, getAuthorizationManagerFactory, getBeanResolver, getDefaultAuthorizationManagerFactory, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setAuthorizationManagerFactory, setExpressionParser, setPermissionEvaluator, setRoleHierarchy
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler
createEvaluationContext, createEvaluationContext, getExpressionParser
-
Constructor Details
-
DefaultWebSecurityExpressionHandler
public DefaultWebSecurityExpressionHandler()
-
-
Method Details
-
createSecurityExpressionRoot
protected SecurityExpressionOperations createSecurityExpressionRoot(@Nullable Authentication authentication, FilterInvocation fi) Description copied from class:AbstractSecurityExpressionHandler
Implement in order to create a root object of the correct type for the supported invocation type.- Specified by:
createSecurityExpressionRoot
in classAbstractSecurityExpressionHandler<FilterInvocation>
- Parameters:
authentication
- the current authentication objectfi
- the invocation (filter, method, channel)- Returns:
- the object
-
setTrustResolver
Deprecated.Sets theAuthenticationTrustResolver
to be used. The default isAuthenticationTrustResolverImpl
.- Parameters:
trustResolver
- theAuthenticationTrustResolver
to use. Cannot be null.
-
setDefaultRolePrefix
Deprecated.Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).If null or empty, then no default role prefix is used.
- Parameters:
defaultRolePrefix
- the default prefix to add to roles. Default "ROLE_".
-
AbstractSecurityExpressionHandler.setAuthorizationManagerFactory(AuthorizationManagerFactory)
instead