|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
public interface WebInvocationPrivilegeEvaluator
Allows users to determine whether they have privileges for a given web URI.
| Method Summary | |
|---|---|
boolean |
isAllowed(java.lang.String uri,
Authentication authentication)
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI. |
boolean |
isAllowed(java.lang.String contextPath,
java.lang.String uri,
java.lang.String method,
Authentication authentication)
Determines whether the user represented by the supplied Authentication object is allowed to invoke the supplied URI, with the given . |
| Method Detail |
|---|
boolean isAllowed(java.lang.String uri,
Authentication authentication)
uri - the URI excluding the context path (a default context path setting will be used)
boolean isAllowed(java.lang.String contextPath,
java.lang.String uri,
java.lang.String method,
Authentication authentication)
Note the default implementation of FilterInvocationSecurityMetadataSource disregards the
contextPath when evaluating which secure object metadata applies to a given
request URI, so generally the contextPath is unimportant unless you
are using a custom FilterInvocationSecurityMetadataSource.
uri - the URI excluding the context pathcontextPath - the context path (may be null).method - the HTTP method (or null, for any method)authentication - the Authentication instance whose authorities should be used in evaluation
whether access should be granted.
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||