public final class MessageSecurityBeanDefinitionParser extends Object implements BeanDefinitionParser
<messages>
<message-interceptor pattern='/permitAll' access='permitAll' />
<message-interceptor pattern='/denyAll' access='denyAll' />
</messages>
The above configuration will ensure that any SimpAnnotationMethodMessageHandler has the AuthenticationPrincipalArgumentResolver registered as a custom argument resolver. It also ensures that the SecurityContextChannelInterceptor is automatically registered for the clientInboundChannel. Last, it ensures that a ChannelSecurityInterceptor is registered with the clientInboundChannel.
If finer control is necessary, the id attribute can be used as shown below:
<messages id="channelSecurityInterceptor">
<message-interceptor pattern='/permitAll' access='permitAll' />
<message-interceptor pattern='/denyAll' access='denyAll' />
</messages>
Now the configuration will only create a bean named ChannelSecurityInterceptor and assign it to the id of channelSecurityInterceptor. Users can explicitly wire Spring Security using the standard Spring Messaging XML namespace support.
| Constructor and Description |
|---|
MessageSecurityBeanDefinitionParser() |
public BeanDefinition parse(Element element, ParserContext parserContext)
parse in interface BeanDefinitionParserelement - parserContext -