Class DefaultAuthorizationManagerFactory<T extends @Nullable Object>
java.lang.Object
org.springframework.security.authorization.DefaultAuthorizationManagerFactory<T>
- Type Parameters:
T- the type of object that the authorization check is being done on
- All Implemented Interfaces:
AuthorizationManagerFactory<T>
public final class DefaultAuthorizationManagerFactory<T extends @Nullable Object>
extends Object
implements AuthorizationManagerFactory<T>
A factory for creating different kinds of
AuthorizationManager instances.- Since:
- 7.0
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionCreates anAuthorizationManagerthat allows only anonymous users.Creates anAuthorizationManagerthat allows any authenticated user.Creates anAuthorizationManagerthat allows users who have authenticated and were not remembered.hasAllAuthorities(String... authorities) Creates anAuthorizationManagerthat requires users to have all the provided authorities.hasAllRoles(String... roles) Creates anAuthorizationManagerthat requires users to have all the provided roles.hasAnyAuthority(String... authorities) Creates anAuthorizationManagerthat requires users to have one of many authorities.hasAnyRole(String... roles) Creates anAuthorizationManagerthat requires users to have one of many roles.hasAuthority(String authority) Creates anAuthorizationManagerthat requires users to have the specified authority.Creates anAuthorizationManagerthat requires users to have the specified role.Creates anAuthorizationManagerthat allows users that have been remembered.voidsetAdditionalAuthorization(@Nullable AuthorizationManager<T> additionalAuthorization) Sets additional authorization to be applied to the returnedAuthorizationManagerfor the following methods:hasRole(String)hasAnyRole(String...)hasAllRoles(String...)hasAuthority(String)hasAnyAuthority(String...)hasAllAuthorities(String...)authenticated()fullyAuthenticated()rememberMe()voidsetRoleHierarchy(RoleHierarchy roleHierarchy) Sets theRoleHierarchyused to discover reachable authorities.voidsetRolePrefix(String rolePrefix) Sets the prefix used to create an authority name from a role name.voidsetTrustResolver(AuthenticationTrustResolver trustResolver) Sets theAuthenticationTrustResolverused to check the user's authentication.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.security.authorization.AuthorizationManagerFactory
denyAll, permitAll
-
Constructor Details
-
DefaultAuthorizationManagerFactory
public DefaultAuthorizationManagerFactory()
-
-
Method Details
-
setTrustResolver
Sets theAuthenticationTrustResolverused to check the user's authentication.- Parameters:
trustResolver- theAuthenticationTrustResolverto use
-
setRoleHierarchy
Sets theRoleHierarchyused to discover reachable authorities.- Parameters:
roleHierarchy- theRoleHierarchyto use
-
setRolePrefix
Sets the prefix used to create an authority name from a role name. Can be an empty string.- Parameters:
rolePrefix- the role prefix to use
-
setAdditionalAuthorization
Sets additional authorization to be applied to the returnedAuthorizationManagerfor the following methods:hasRole(String)hasAnyRole(String...)hasAllRoles(String...)hasAuthority(String)hasAnyAuthority(String...)hasAllAuthorities(String...)authenticated()fullyAuthenticated()rememberMe()
This does not affect
anonymous,permitAll, ordenyAll.- Parameters:
additionalAuthorization- theAuthorizationManagerto be applied. Default is null (no additional authorization).
-
hasRole
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have the specified role.- Specified by:
hasRolein interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
role- the role (automatically prepended with ROLE_) that should be required to allow access (i.e. USER, ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
hasAnyRole
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have one of many roles.- Specified by:
hasAnyRolein interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
roles- the roles (automatically prepended with ROLE_) that the user should have at least one of to allow access (i.e. USER, ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
hasAllRoles
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have all the provided roles.- Specified by:
hasAllRolesin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
roles- the roles (automatically prepended with ROLE_) that the user must have to allow access (i.e. USER, ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
hasAuthority
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have the specified authority.- Specified by:
hasAuthorityin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
authority- the authority that should be required to allow access (i.e. ROLE_USER, ROLE_ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
hasAnyAuthority
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have one of many authorities.- Specified by:
hasAnyAuthorityin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
authorities- the authorities that the user should have at least one of to allow access (i.e. ROLE_USER, ROLE_ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
hasAllAuthorities
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat requires users to have all the provided authorities.- Specified by:
hasAllAuthoritiesin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Parameters:
authorities- the authorities that the user must have to allow access (i.e. USER, ADMIN, etc.)- Returns:
- A new
AuthorizationManagerinstance
-
authenticated
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat allows any authenticated user.- Specified by:
authenticatedin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Returns:
- A new
AuthorizationManagerinstance
-
fullyAuthenticated
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat allows users who have authenticated and were not remembered.- Specified by:
fullyAuthenticatedin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Returns:
- A new
AuthorizationManagerinstance
-
rememberMe
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat allows users that have been remembered.- Specified by:
rememberMein interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Returns:
- A new
AuthorizationManagerinstance
-
anonymous
Description copied from interface:AuthorizationManagerFactoryCreates anAuthorizationManagerthat allows only anonymous users.- Specified by:
anonymousin interfaceAuthorizationManagerFactory<T extends @Nullable Object>- Returns:
- A new
AuthorizationManagerinstance
-