DefaultMethodSecurityExpressionHandler

java.lang.Object
- org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
- - org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler

All Implemented Interfaces:

org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, MethodSecurityExpressionHandler, SecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
```
public class DefaultMethodSecurityExpressionHandler
extends AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
implements MethodSecurityExpressionHandler
```
The standard implementation of MethodSecurityExpressionHandler.
A single instance should usually be shared amongst the beans that require expression support.

Since:

3.0

Field Summary

Fields
Modifier and Type Field and Description

protected org.apache.commons.logging.Log logger

Fields
Modifier and Type	Field and Description
`protected org.apache.commons.logging.Log`	`logger`

Constructor Summary

Constructors
Constructor and Description

DefaultMethodSecurityExpressionHandler()

Constructors
Constructor and Description
`DefaultMethodSecurityExpressionHandler()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`org.springframework.expression.spel.support.StandardEvaluationContext`	`createEvaluationContextInternal(Authentication auth, org.aopalliance.intercept.MethodInvocation mi)` Uses a `MethodSecurityEvaluationContext` as the `EvaluationContext` implementation.
`protected MethodSecurityExpressionOperations`	`createSecurityExpressionRoot(Authentication authentication, org.aopalliance.intercept.MethodInvocation invocation)` Creates the root object for expression evaluation.
`java.lang.Object`	`filter(java.lang.Object filterTarget, org.springframework.expression.Expression filterExpression, org.springframework.expression.EvaluationContext ctx)` Filters the `filterTarget` object (which must be either a collection, array, or stream), by evaluating the supplied expression.
`protected java.lang.String`	`getDefaultRolePrefix()`
`protected org.springframework.core.ParameterNameDiscoverer`	`getParameterNameDiscoverer()`
`protected AuthenticationTrustResolver`	`getTrustResolver()`
`void`	`setDefaultRolePrefix(java.lang.String defaultRolePrefix)` Sets the default prefix to be added to `SecurityExpressionRoot.hasAnyRole(String...)` or `SecurityExpressionRoot.hasRole(String)`.
`void`	`setParameterNameDiscoverer(org.springframework.core.ParameterNameDiscoverer parameterNameDiscoverer)` Sets the `ParameterNameDiscoverer` to use.
`void`	`setPermissionCacheOptimizer(PermissionCacheOptimizer permissionCacheOptimizer)`
`void`	`setReturnObject(java.lang.Object returnObject, org.springframework.expression.EvaluationContext ctx)` Used to inform the expression system of the return object for the given evaluation context.
`void`	`setTrustResolver(AuthenticationTrustResolver trustResolver)` Sets the `AuthenticationTrustResolver` to be used.

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler
createEvaluationContext, getExpressionParser

- Field Detail
  - logger
```
protected final org.apache.commons.logging.Log logger
```
- Constructor Detail
  - DefaultMethodSecurityExpressionHandler
```
public DefaultMethodSecurityExpressionHandler()
```
- Method Detail
  - createEvaluationContextInternal
```
public org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal(Authentication auth,
                                                                                                             org.aopalliance.intercept.MethodInvocation mi)
```
    Uses a MethodSecurityEvaluationContext as the EvaluationContext implementation.
    
    Overrides:
    
    createEvaluationContextInternal in class AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    auth - the current authentication object
    
    mi - the invocation (filter, method, channel)
    
    Returns:
    
    A StandardEvaluationContext or potentially a custom subclass if overridden.
  - createSecurityExpressionRoot
```
protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
                                                                          org.aopalliance.intercept.MethodInvocation invocation)
```
    Creates the root object for expression evaluation.
    
    Specified by:
    
    createSecurityExpressionRoot in class AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    authentication - the current authentication object
    
    invocation - the invocation (filter, method, channel)
    
    Returns:
    
    the object wh
  - filter
```
public java.lang.Object filter(java.lang.Object filterTarget,
                               org.springframework.expression.Expression filterExpression,
                               org.springframework.expression.EvaluationContext ctx)
```
    Filters the filterTarget object (which must be either a collection, array, or stream), by evaluating the supplied expression.
    If a Collection is used, the original instance will be modified to contain the elements for which the permission expression evaluates to true. For an array, a new array instance will be returned.
    
    Specified by:
    
    filter in interface MethodSecurityExpressionHandler
    
    Parameters:
    
    filterTarget - the array or collection to be filtered.
    
    filterExpression - the expression which should be used as the filter condition. If it returns false on evaluation, the object will be removed from the returned collection
    
    ctx - the current evaluation context (as created through a call to SecurityExpressionHandler.createEvaluationContext(org.springframework.security.core.Authentication, Object)
    
    Returns:
    
    the filtered collection or array
  - setTrustResolver
```
public void setTrustResolver(AuthenticationTrustResolver trustResolver)
```
    Sets the AuthenticationTrustResolver to be used. The default is AuthenticationTrustResolverImpl.
    
    Parameters:
    
    trustResolver - the AuthenticationTrustResolver to use. Cannot be null.
  - getTrustResolver
```
protected AuthenticationTrustResolver getTrustResolver()
```
    Returns:
    
    The current AuthenticationTrustResolver
  - setParameterNameDiscoverer
```
public void setParameterNameDiscoverer(org.springframework.core.ParameterNameDiscoverer parameterNameDiscoverer)
```
    Sets the ParameterNameDiscoverer to use. The default is DefaultSecurityParameterNameDiscoverer.
    
    Parameters:
    
    parameterNameDiscoverer -
  - getParameterNameDiscoverer
```
protected org.springframework.core.ParameterNameDiscoverer getParameterNameDiscoverer()
```
    Returns:
    
    The current ParameterNameDiscoverer
  - setPermissionCacheOptimizer
```
public void setPermissionCacheOptimizer(PermissionCacheOptimizer permissionCacheOptimizer)
```
  - setReturnObject
```
public void setReturnObject(java.lang.Object returnObject,
                            org.springframework.expression.EvaluationContext ctx)
```
    Description copied from interface: MethodSecurityExpressionHandler
    
    Used to inform the expression system of the return object for the given evaluation context. Only applies to method invocations.
    
    Specified by:
    
    setReturnObject in interface MethodSecurityExpressionHandler
    
    Parameters:
    
    returnObject - the return object value
    
    ctx - the context within which the object should be set (as created through a call to SecurityExpressionHandler.createEvaluationContext(org.springframework.security.core.Authentication, Object)
  - setDefaultRolePrefix
```
public void setDefaultRolePrefix(java.lang.String defaultRolePrefix)
```
    Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String). For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).
    
    If null or empty, then no default role prefix is used.
    
    Parameters:
    
    defaultRolePrefix - the default prefix to add to roles. Default "ROLE_".
  - getDefaultRolePrefix
```
protected java.lang.String getDefaultRolePrefix()
```
    Returns:
    
    The default role prefix

Class DefaultMethodSecurityExpressionHandler

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

Methods inherited from class java.lang.Object

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

Field Detail

logger

Constructor Detail

DefaultMethodSecurityExpressionHandler

Method Detail

createEvaluationContextInternal

createSecurityExpressionRoot

filter

setTrustResolver

getTrustResolver

setParameterNameDiscoverer

getParameterNameDiscoverer

setPermissionCacheOptimizer

setReturnObject

setDefaultRolePrefix

getDefaultRolePrefix