public class DefaultWebSecurityExpressionHandler extends AbstractSecurityExpressionHandler<FilterInvocation> implements SecurityExpressionHandler<FilterInvocation>
Constructor and Description |
---|
DefaultWebSecurityExpressionHandler() |
Modifier and Type | Method and Description |
---|---|
protected SecurityExpressionOperations |
createSecurityExpressionRoot(Authentication authentication,
FilterInvocation fi)
Implement in order to create a root object of the correct type for the supported
invocation type.
|
void |
setDefaultRolePrefix(String defaultRolePrefix)
Sets the default prefix to be added to
SecurityExpressionRoot.hasAnyRole(String...) or
SecurityExpressionRoot.hasRole(String) . |
void |
setTrustResolver(AuthenticationTrustResolver trustResolver)
Sets the
AuthenticationTrustResolver to be used. |
createEvaluationContext, createEvaluationContextInternal, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
createEvaluationContext, getExpressionParser
protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation fi)
AbstractSecurityExpressionHandler
createSecurityExpressionRoot
in class AbstractSecurityExpressionHandler<FilterInvocation>
authentication
- the current authentication objectfi
- the invocation (filter, method, channel)public void setTrustResolver(AuthenticationTrustResolver trustResolver)
AuthenticationTrustResolver
to be used. The default is
AuthenticationTrustResolverImpl
.trustResolver
- the AuthenticationTrustResolver
to use. Cannot be
null.public void setDefaultRolePrefix(String defaultRolePrefix)
Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...)
or
SecurityExpressionRoot.hasRole(String)
. For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN")
is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is
"ROLE_" (default).
If null or empty, then no default role prefix is used.
defaultRolePrefix
- the default prefix to add to roles. Default "ROLE_".