Class WebSecurityExpressionRoot
java.lang.Object
org.springframework.security.access.expression.SecurityExpressionRoot<RequestAuthorizationContext>
org.springframework.security.web.access.expression.WebSecurityExpressionRoot
- All Implemented Interfaces:
SecurityExpressionOperations
- Since:
- 3.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionfinal jakarta.servlet.http.HttpServletRequest
Allows direct access to the request object -
Constructor Summary
ConstructorsConstructorDescriptionWebSecurityExpressionRoot
(@Nullable Authentication a, FilterInvocation fi) Deprecated.WebSecurityExpressionRoot
(Supplier<? extends @Nullable Authentication> authentication, jakarta.servlet.http.HttpServletRequest request) Deprecated.WebSecurityExpressionRoot
(Supplier<? extends @Nullable Authentication> authentication, RequestAuthorizationContext context) -
Method Summary
Modifier and TypeMethodDescriptionboolean
hasIpAddress
(String ipAddress) Takes a specific IP address or a range using the IP/Netmask (e.g.Methods inherited from class org.springframework.security.access.expression.SecurityExpressionRoot
denyAll, getAuthentication, getPrincipal, hasAllAuthorities, hasAllRoles, hasAnyAuthority, hasAnyRole, hasAuthority, hasPermission, hasPermission, hasRole, isAnonymous, isAuthenticated, isFullyAuthenticated, isRememberMe, permitAll, setAuthorizationManagerFactory, setDefaultRolePrefix, setPermissionEvaluator, setRoleHierarchy, setTrustResolver
-
Field Details
-
request
public final jakarta.servlet.http.HttpServletRequest requestAllows direct access to the request object
-
-
Constructor Details
-
WebSecurityExpressionRoot
@Deprecated(since="7.0") public WebSecurityExpressionRoot(@Nullable Authentication a, FilterInvocation fi) Deprecated. -
WebSecurityExpressionRoot
@Deprecated(since="7.0") public WebSecurityExpressionRoot(Supplier<? extends @Nullable Authentication> authentication, jakarta.servlet.http.HttpServletRequest request) Deprecated.- Parameters:
authentication
- theSupplier
of theAuthentication
to userequest
- theHttpServletRequest
to use- Since:
- 5.8
-
WebSecurityExpressionRoot
public WebSecurityExpressionRoot(Supplier<? extends @Nullable Authentication> authentication, RequestAuthorizationContext context) - Parameters:
authentication
- theSupplier
of theAuthentication
to usecontext
- theRequestAuthorizationContext
to use- Since:
- 7.0
-
-
Method Details
-
hasIpAddress
Takes a specific IP address or a range using the IP/Netmask (e.g. 192.168.1.0/24 or 202.24.0.0/14).- Parameters:
ipAddress
- the address or range of addresses from which the request must come.- Returns:
- true if the IP address of the current request is in the required range.
-
WebSecurityExpressionRoot(Supplier, RequestAuthorizationContext)
instead