org.springframework.security.authorization.method.Jsr250AuthorizationManager

All Implemented Interfaces:: AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

public final class Jsr250AuthorizationManager extends Object implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the JSR-250 security annotations.

Since:: 5.6

Constructor Summary

Constructors

Constructor

Description

Jsr250AuthorizationManager()
Method Summary

Modifier and Type

Method

Description

AuthorizationDecision

check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation)

Deprecated.
please use AuthorizationManager.authorize(Supplier, Object) instead

void

setAuthoritiesAuthorizationManager(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager)

Sets an AuthorizationManager that accepts a collection of authority strings.

void

setRolePrefix(String rolePrefix)

Sets the role prefix.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
authorize, verify

Constructor Details
- Jsr250AuthorizationManager
  
  public Jsr250AuthorizationManager()
Method Details
- setAuthoritiesAuthorizationManager
  
  public void setAuthoritiesAuthorizationManager(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager)
  
  Sets an AuthorizationManager that accepts a collection of authority strings.
  
  Parameters:
  
  authoritiesAuthorizationManager - the AuthorizationManager that accepts a collection of authority strings to use
  
  Since:
  
  6.2
- setRolePrefix
  
  public void setRolePrefix(String rolePrefix)
  
  Sets the role prefix. Defaults to "ROLE_".
  
  Parameters:
  
  rolePrefix - the role prefix to use
- check
  
  @Deprecated public AuthorizationDecision check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation)
  
  Deprecated.
  please use AuthorizationManager.authorize(Supplier, Object) instead
  
  Determine if an Authentication has access to a method by evaluating the DenyAll, PermitAll, and RolesAllowed annotations that MethodInvocation specifies.
  
  Specified by:
  
  check in interface AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
  
  Parameters:
  
  authentication - the Supplier of the Authentication to check
  
  methodInvocation - the MethodInvocation to check
  
  Returns:
  
  an AuthorizationDecision or null if the JSR-250 security annotations is not present

Class Jsr250AuthorizationManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager

Constructor Details

Jsr250AuthorizationManager

Method Details

setAuthoritiesAuthorizationManager

setRolePrefix

check