Class AuthoritiesAuthorizationManager
java.lang.Object
org.springframework.security.authorization.AuthoritiesAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<Collection<String>>
public final class AuthoritiesAuthorizationManager
extends Object
implements AuthorizationManager<Collection<String>>
An
AuthorizationManager
that determines if the current user is authorized by
evaluating if the Authentication
contains any of the specified authorities.- Since:
- 6.1
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, Collection<String> authorities) Determines if the current user is authorized by evaluating if theAuthentication
contains any of specified authorities.void
setRoleHierarchy
(RoleHierarchy roleHierarchy) Sets theRoleHierarchy
to be used.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
authorize, verify
-
Constructor Details
-
AuthoritiesAuthorizationManager
public AuthoritiesAuthorizationManager()
-
-
Method Details
-
setRoleHierarchy
Sets theRoleHierarchy
to be used. Default isNullRoleHierarchy
. Cannot be null.- Parameters:
roleHierarchy
- theRoleHierarchy
to use
-
check
public AuthorityAuthorizationDecision check(Supplier<Authentication> authentication, Collection<String> authorities) Determines if the current user is authorized by evaluating if theAuthentication
contains any of specified authorities.- Specified by:
check
in interfaceAuthorizationManager<Collection<String>>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkauthorities
- the collection of authority strings to check- Returns:
- an
AuthorityAuthorizationDecision
-