org.springframework.security.authorization.method.SecuredAuthorizationManager

All Implemented Interfaces:: AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

public final class SecuredAuthorizationManager extends Object implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the Spring Security's Secured annotation.

Since:: 5.6

Constructor Summary

Constructors

Constructor

Description

SecuredAuthorizationManager()
Method Summary

Modifier and Type

Method

Description

@Nullable AuthorizationResult

authorize(Supplier<? extends @Nullable Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi)

Determines if access is granted for a specific authentication and object.

void

setAuthoritiesAuthorizationManager(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager)

Sets an AuthorizationManager that accepts a collection of authority strings.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify

Constructor Details
- SecuredAuthorizationManager
  
  public SecuredAuthorizationManager()
Method Details
- setAuthoritiesAuthorizationManager
  
  public void setAuthoritiesAuthorizationManager(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager)
  
  Sets an AuthorizationManager that accepts a collection of authority strings.
  
  Parameters:
  
  authoritiesAuthorizationManager - the AuthorizationManager that accepts a collection of authority strings to use
  
  Since:
  
  6.1
- authorize
  
  public @Nullable AuthorizationResult authorize(Supplier<? extends @Nullable Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi)
  
  Description copied from interface: AuthorizationManager
  
  Determines if access is granted for a specific authentication and object.
  
  Specified by:
  
  authorize in interface AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
  
  Parameters:
  
  authentication - the Supplier of the Authentication to authorize
  
  mi - the AuthorizationManager object to authorize
  
  Returns:
  
  an AuthorizationResult

Class SecuredAuthorizationManager

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager

Constructor Details

SecuredAuthorizationManager

Method Details

setAuthoritiesAuthorizationManager

authorize