Package org.springframework.security.access.expression

Class AbstractSecurityExpressionHandler<T>

    • Constructor Detail

      • AbstractSecurityExpressionHandler

        public AbstractSecurityExpressionHandler()

    • Method Detail

      • getExpressionParser

        public final org.springframework.expression.ExpressionParser getExpressionParser()
        Specified by:
        getExpressionParser in interface SecurityExpressionHandler<T>
        Returns:
        an expression parser for the expressions used by the implementation.

      • setExpressionParser

        public final void setExpressionParser​(org.springframework.expression.ExpressionParser expressionParser)

      • createEvaluationContext

        public final org.springframework.expression.EvaluationContext createEvaluationContext​(Authentication authentication,
                                                                                      T invocation)
        Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects.
        Specified by:
        createEvaluationContext in interface SecurityExpressionHandler<T>
        Parameters:
        authentication - the current authentication object
        invocation - the invocation (filter, method, channel)
        Returns:
        the context object for use in evaluating the expression, populated with a suitable root object.

      • createEvaluationContextInternal

        protected org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal​(Authentication authentication,
                                                                                                                T invocation)
        Override to create a custom instance of StandardEvaluationContext.

        The returned object will have a SecurityExpressionRootPropertyAccessor added, allowing beans in the ApplicationContext to be accessed via expression properties.

        Parameters:
        authentication - the current authentication object
        invocation - the invocation (filter, method, channel)
        Returns:
        A StandardEvaluationContext or potentially a custom subclass if overridden.

      • createSecurityExpressionRoot

        protected abstract SecurityExpressionOperations createSecurityExpressionRoot​(Authentication authentication,
                                                                             T invocation)
        Implement in order to create a root object of the correct type for the supported invocation type.
        Parameters:
        authentication - the current authentication object
        invocation - the invocation (filter, method, channel)
        Returns:
        the object

      • setRoleHierarchy

        public void setRoleHierarchy​(RoleHierarchy roleHierarchy)

      • setPermissionEvaluator

        public void setPermissionEvaluator​(PermissionEvaluator permissionEvaluator)

      • setApplicationContext

        public void setApplicationContext​(org.springframework.context.ApplicationContext applicationContext)
        Specified by:
        setApplicationContext in interface org.springframework.context.ApplicationContextAware