Class Jsr250AuthorizationManager
- java.lang.Object
-
- org.springframework.security.authorization.method.Jsr250AuthorizationManager
-
- All Implemented Interfaces:
AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
public final class Jsr250AuthorizationManager extends java.lang.Object implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
AnAuthorizationManager
which can determine if anAuthentication
may invoke theMethodInvocation
by evaluating if theAuthentication
contains a specified authority from the JSR-250 security annotations.- Since:
- 5.6
-
-
Constructor Summary
Constructors Constructor Description Jsr250AuthorizationManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthorizationDecision
check(java.util.function.Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation)
Determine if anAuthentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies.void
setRolePrefix(java.lang.String rolePrefix)
Sets the role prefix.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
-
-
-
Method Detail
-
setRolePrefix
public void setRolePrefix(java.lang.String rolePrefix)
Sets the role prefix. Defaults to "ROLE_".- Parameters:
rolePrefix
- the role prefix to use
-
check
public AuthorizationDecision check(java.util.function.Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation)
Determine if anAuthentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies.- Specified by:
check
in interfaceAuthorizationManager<org.aopalliance.intercept.MethodInvocation>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkmethodInvocation
- theMethodInvocation
to check- Returns:
- an
AuthorizationDecision
or null if the JSR-250 security annotations is not present
-
-