public class MethodInvocationPrivilegeEvaluator
extends java.lang.Object
Of course, if an
AfterInvocationManager
is used to
authorize the result of a method invocation, this class cannot assist
determine whether or not the AfterInvocationManager
will enable access.
Instead this class aims to allow applications to determine whether or not the current
principal would be allowed to at least attempt to invoke the method, irrespective of
the "after" invocation handling.
Modifier and Type | Field and Description |
---|---|
protected static Log |
logger |
Constructor and Description |
---|
MethodInvocationPrivilegeEvaluator() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
boolean |
isAllowed(MethodInvocation mi,
Authentication authentication) |
void |
setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor) |
public void afterPropertiesSet() throws java.lang.Exception
java.lang.Exception
public boolean isAllowed(MethodInvocation mi, Authentication authentication)
public void setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor)