public class MethodInvocationPrivilegeEvaluator
extends java.lang.Object
implements org.springframework.beans.factory.InitializingBean
Of course, if an
AfterInvocationManager
is used to
authorize the result of a method invocation, this class cannot assist
determine whether or not the AfterInvocationManager
will enable access.
Instead this class aims to allow applications to determine whether or not the current
principal would be allowed to at least attempt to invoke the method, irrespective of
the "after" invocation handling.
Modifier and Type | Field and Description |
---|---|
protected static org.apache.commons.logging.Log |
logger |
Constructor and Description |
---|
MethodInvocationPrivilegeEvaluator() |
Modifier and Type | Method and Description |
---|---|
void |
afterPropertiesSet() |
boolean |
isAllowed(org.aopalliance.intercept.MethodInvocation mi,
Authentication authentication) |
void |
setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor) |
public void afterPropertiesSet()
afterPropertiesSet
in interface org.springframework.beans.factory.InitializingBean
public boolean isAllowed(org.aopalliance.intercept.MethodInvocation mi, Authentication authentication)
public void setSecurityInterceptor(AbstractSecurityInterceptor securityInterceptor)