public final class ExpressionBasedMessageSecurityMetadataSourceFactory extends Object
MessageSecurityMetadataSource
that uses
MessageMatcher
mapped to Spring Expressions.Modifier and Type | Method and Description |
---|---|
static MessageSecurityMetadataSource |
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>,String> matcherToExpression)
Create a
MessageSecurityMetadataSource that uses MessageMatcher
mapped to Spring Expressions. |
static MessageSecurityMetadataSource |
createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>,String> matcherToExpression,
SecurityExpressionHandler<org.springframework.messaging.Message<Object>> handler)
Create a
MessageSecurityMetadataSource that uses MessageMatcher
mapped to Spring Expressions. |
public static MessageSecurityMetadataSource createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>,String> matcherToExpression)
MessageSecurityMetadataSource
that uses MessageMatcher
mapped to Spring Expressions. Each entry is considered in order and only the first
match is used.
For example:
LinkedHashMap<MessageMatcher<?>,String> matcherToExpression = new LinkedHashMap<MessageMatcher<Object>,String>(); matcherToExpression.put(new SimDestinationMessageMatcher("/public/**"), "permitAll"); matcherToExpression.put(new SimDestinationMessageMatcher("/admin/**"), "hasRole('ROLE_ADMIN')"); matcherToExpression.put(new SimDestinationMessageMatcher("/**"), "authenticated"); MessageSecurityMetadataSource metadataSource = createExpressionMessageMetadataSource(matcherToExpression);
If our destination is "/public/hello", it would match on "/public/**" and on "/**". However, only "/public/**" would be used since it is the first entry. That means that a destination of "/public/hello" will be mapped to "permitAll".
For a complete listing of expressions see MessageSecurityExpressionRoot
matcherToExpression
- an ordered mapping of MessageMatcher
to Strings
that are turned into an Expression using
AbstractSecurityExpressionHandler.getExpressionParser()
MessageSecurityMetadataSource
to use. Cannot be null.public static MessageSecurityMetadataSource createExpressionMessageMetadataSource(LinkedHashMap<MessageMatcher<?>,String> matcherToExpression, SecurityExpressionHandler<org.springframework.messaging.Message<Object>> handler)
MessageSecurityMetadataSource
that uses MessageMatcher
mapped to Spring Expressions. Each entry is considered in order and only the first
match is used.
For example:
LinkedHashMap<MessageMatcher<?>,String> matcherToExpression = new LinkedHashMap<MessageMatcher<Object>,String>(); matcherToExpression.put(new SimDestinationMessageMatcher("/public/**"), "permitAll"); matcherToExpression.put(new SimDestinationMessageMatcher("/admin/**"), "hasRole('ROLE_ADMIN')"); matcherToExpression.put(new SimDestinationMessageMatcher("/**"), "authenticated"); MessageSecurityMetadataSource metadataSource = createExpressionMessageMetadataSource(matcherToExpression);
If our destination is "/public/hello", it would match on "/public/**" and on "/**". However, only "/public/**" would be used since it is the first entry. That means that a destination of "/public/hello" will be mapped to "permitAll".
For a complete listing of expressions see MessageSecurityExpressionRoot
matcherToExpression
- an ordered mapping of MessageMatcher
to Strings
that are turned into an Expression using
AbstractSecurityExpressionHandler.getExpressionParser()
handler
- the SecurityExpressionHandler
to useMessageSecurityMetadataSource
to use. Cannot be null.