A secure object is a term frequently used throughout the security system. It
does not refer to a business object that is being secured, but instead refers to
some infrastructure object that can have security facilities provided for it by Spring
Security. For example, one secure object would be
another would be HTTP
these are infrastructure objects and their design allows them to represent a large
variety of actual resources that might need to be secured, such as business objects or
HTTP request URLs.
Each secure object typically has its own interceptor package. Each package usually
includes a concrete security interceptor (which subclasses
the type of resources the secure object represents.
Interface Summary Interface Description AfterInvocationManagerReviews the
Objectreturned from a secure object invocation, being able to modify the
Objector throw an
RunAsManagerCreates a new temporary
Authenticationobject for the current secure object invocation only.
Class Summary Class Description AbstractSecurityInterceptorAbstract class that implements security interception for secure objects. AfterInvocationProviderManagerProvider-based implementation of
InterceptorStatusTokenA return object received by
MethodInvocationPrivilegeEvaluatorAllows users to determine whether they have "before invocation" privileges for a given method invocation. RunAsImplAuthenticationProvider RunAsManagerImplBasic concrete implementation of a