Class SecuredAuthorizationManager
java.lang.Object
org.springframework.security.authorization.method.SecuredAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
public final class SecuredAuthorizationManager
extends Object
implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
An
AuthorizationManager
which can determine if an Authentication
may
invoke the MethodInvocation
by evaluating if the Authentication
contains a specified authority from the Spring Security's Secured
annotation.- Since:
- 5.6
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi) Deprecated.void
setAuthoritiesAuthorizationManager
(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager) Sets anAuthorizationManager
that accepts a collection of authority strings.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
authorize, verify
-
Constructor Details
-
SecuredAuthorizationManager
public SecuredAuthorizationManager()
-
-
Method Details
-
setAuthoritiesAuthorizationManager
public void setAuthoritiesAuthorizationManager(AuthorizationManager<Collection<String>> authoritiesAuthorizationManager) Sets anAuthorizationManager
that accepts a collection of authority strings.- Parameters:
authoritiesAuthorizationManager
- theAuthorizationManager
that accepts a collection of authority strings to use- Since:
- 6.1
-
check
@Deprecated public AuthorizationDecision check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi) Deprecated.please useAuthorizationManager.authorize(Supplier, Object)
insteadDetermine if anAuthentication
has access to a method by evaluating theSecured
annotation thatMethodInvocation
specifies.- Specified by:
check
in interfaceAuthorizationManager<org.aopalliance.intercept.MethodInvocation>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkmi
- theMethodInvocation
to check- Returns:
- an
AuthorizationDecision
or null if theSecured
annotation is not present
-
AuthorizationManager.authorize(Supplier, Object)
instead