public class MethodInvocationPrivilegeEvaluator extends Object implements InitializingBean
Of course, if an AfterInvocationManager is used to authorize the
result of a method invocation, this class cannot assist determine whether or not the
AfterInvocationManager will enable
access. Instead this class aims to allow applications to determine whether or not the current principal would be
allowed to at least attempt to invoke the method, irrespective of the "after" invocation handling.
| Modifier and Type | Field and Description |
|---|---|
protected static org.apache.commons.logging.Log |
logger |
| Constructor and Description |
|---|
MethodInvocationPrivilegeEvaluator() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
boolean |
isAllowed(org.aopalliance.intercept.MethodInvocation mi,
Authentication authentication) |
void |
setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor) |
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface InitializingBeanExceptionpublic boolean isAllowed(org.aopalliance.intercept.MethodInvocation mi,
Authentication authentication)
public void setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor)