public abstract class AbstractAuthorizeTag extends Object
Constructor and Description |
---|
AbstractAuthorizeTag() |
Modifier and Type | Method and Description |
---|---|
boolean |
authorize()
Make an authorization decision by considering all <authorize> tag attributes.
|
boolean |
authorizeUsingAccessExpression()
Make an authorization decision based on a Spring EL expression.
|
boolean |
authorizeUsingGrantedAuthorities()
Make an authorization decision by considering ifAllGranted, ifAnyGranted, and ifNotGranted.
|
boolean |
authorizeUsingUrlCheck()
Make an authorization decision based on the URL and HTTP method attributes.
|
protected EvaluationContext |
createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation> handler)
Allows the
EvaluationContext to be customized for variable lookup etc. |
String |
getAccess() |
String |
getIfAllGranted() |
String |
getIfAnyGranted() |
String |
getIfNotGranted() |
String |
getMethod() |
protected abstract javax.servlet.ServletRequest |
getRequest()
This method allows subclasses to provide a way to access the ServletRequest according to the rendering
technology.
|
protected abstract javax.servlet.ServletResponse |
getResponse()
This method allows subclasses to provide a way to access the ServletResponse according to the rendering
technology.
|
protected abstract javax.servlet.ServletContext |
getServletContext()
This method allows subclasses to provide a way to access the ServletContext according to the rendering
technology.
|
String |
getUrl() |
void |
setAccess(String access) |
void |
setIfAllGranted(String ifAllGranted) |
void |
setIfAnyGranted(String ifAnyGranted) |
void |
setIfNotGranted(String ifNotGranted) |
void |
setMethod(String method) |
void |
setUrl(String url) |
protected abstract javax.servlet.ServletRequest getRequest()
protected abstract javax.servlet.ServletResponse getResponse()
protected abstract javax.servlet.ServletContext getServletContext()
public boolean authorize() throws IOException
IOException
public boolean authorizeUsingGrantedAuthorities()
public boolean authorizeUsingAccessExpression() throws IOException
IOException
protected EvaluationContext createExpressionEvaluationContext(SecurityExpressionHandler<FilterInvocation> handler)
EvaluationContext
to be customized for variable lookup etc.public boolean authorizeUsingUrlCheck() throws IOException
IOException
public String getAccess()
public void setAccess(String access)
public String getUrl()
public void setUrl(String url)
public String getMethod()
public void setMethod(String method)
public String getIfAllGranted()
public void setIfAllGranted(String ifAllGranted)
public String getIfAnyGranted()
public void setIfAnyGranted(String ifAnyGranted)
public String getIfNotGranted()
public void setIfNotGranted(String ifNotGranted)