Class AuthoritiesAuthorizationManager
java.lang.Object
org.springframework.security.authorization.AuthoritiesAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<Collection<String>>
public final class AuthoritiesAuthorizationManager
extends Object
implements AuthorizationManager<Collection<String>>
An
AuthorizationManager that determines if the current user is authorized by
evaluating if the Authentication contains any of the specified authorities.- Since:
- 6.1
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionauthorize(Supplier<? extends @Nullable Authentication> authentication, Collection<String> authorities) Determines if the current user is authorized by evaluating if theAuthenticationcontains any of specified authorities.voidsetRoleHierarchy(RoleHierarchy roleHierarchy) Sets theRoleHierarchyto be used.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
Constructor Details
-
AuthoritiesAuthorizationManager
public AuthoritiesAuthorizationManager()
-
-
Method Details
-
setRoleHierarchy
Sets theRoleHierarchyto be used. Default isNullRoleHierarchy. Cannot be null.- Parameters:
roleHierarchy- theRoleHierarchyto use
-
authorize
public AuthorizationResult authorize(Supplier<? extends @Nullable Authentication> authentication, Collection<String> authorities) Determines if the current user is authorized by evaluating if theAuthenticationcontains any of specified authorities.- Specified by:
authorizein interfaceAuthorizationManager<Collection<String>>- Parameters:
authentication- theSupplierof theAuthenticationto checkauthorities- the collection of authority strings to check- Returns:
- an
AuthorityAuthorizationDecision
-