Class ExpressionBasedMessageSecurityMetadataSourceFactory
- java.lang.Object
-
- org.springframework.security.messaging.access.expression.ExpressionBasedMessageSecurityMetadataSourceFactory
-
public final class ExpressionBasedMessageSecurityMetadataSourceFactory extends java.lang.Object
A class used to create aMessageSecurityMetadataSource
that usesMessageMatcher
mapped to Spring Expressions.- Since:
- 4.0
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static MessageSecurityMetadataSource
createExpressionMessageMetadataSource(java.util.LinkedHashMap<MessageMatcher<?>,java.lang.String> matcherToExpression)
Create aMessageSecurityMetadataSource
that usesMessageMatcher
mapped to Spring Expressions.static MessageSecurityMetadataSource
createExpressionMessageMetadataSource(java.util.LinkedHashMap<MessageMatcher<?>,java.lang.String> matcherToExpression, SecurityExpressionHandler<org.springframework.messaging.Message<java.lang.Object>> handler)
Create aMessageSecurityMetadataSource
that usesMessageMatcher
mapped to Spring Expressions.
-
-
-
Method Detail
-
createExpressionMessageMetadataSource
public static MessageSecurityMetadataSource createExpressionMessageMetadataSource(java.util.LinkedHashMap<MessageMatcher<?>,java.lang.String> matcherToExpression)
Create aMessageSecurityMetadataSource
that usesMessageMatcher
mapped to Spring Expressions. Each entry is considered in order and only the first match is used. For example:LinkedHashMap<MessageMatcher<?>,String> matcherToExpression = new LinkedHashMap<MessageMatcher<Object>,String>(); matcherToExpression.put(new SimDestinationMessageMatcher("/public/**"), "permitAll"); matcherToExpression.put(new SimDestinationMessageMatcher("/admin/**"), "hasRole('ROLE_ADMIN')"); matcherToExpression.put(new SimDestinationMessageMatcher("/topics/{name}/**"), "@someBean.customLogic(authentication, #name)"); matcherToExpression.put(new SimDestinationMessageMatcher("/**"), "authenticated"); MessageSecurityMetadataSource metadataSource = createExpressionMessageMetadataSource(matcherToExpression);
If our destination is "/public/hello", it would match on "/public/**" and on "/**". However, only "/public/**" would be used since it is the first entry. That means that a destination of "/public/hello" will be mapped to "permitAll".
For a complete listing of expressions see
MessageSecurityExpressionRoot
- Parameters:
matcherToExpression
- an ordered mapping ofMessageMatcher
to Strings that are turned into an Expression usingAbstractSecurityExpressionHandler.getExpressionParser()
- Returns:
- the
MessageSecurityMetadataSource
to use. Cannot be null.
-
createExpressionMessageMetadataSource
public static MessageSecurityMetadataSource createExpressionMessageMetadataSource(java.util.LinkedHashMap<MessageMatcher<?>,java.lang.String> matcherToExpression, SecurityExpressionHandler<org.springframework.messaging.Message<java.lang.Object>> handler)
Create aMessageSecurityMetadataSource
that usesMessageMatcher
mapped to Spring Expressions. Each entry is considered in order and only the first match is used. For example:LinkedHashMap<MessageMatcher<?>,String> matcherToExpression = new LinkedHashMap<MessageMatcher<Object>,String>(); matcherToExpression.put(new SimDestinationMessageMatcher("/public/**"), "permitAll"); matcherToExpression.put(new SimDestinationMessageMatcher("/admin/**"), "hasRole('ROLE_ADMIN')"); matcherToExpression.put(new SimDestinationMessageMatcher("/topics/{name}/**"), "@someBean.customLogic(authentication, #name)"); matcherToExpression.put(new SimDestinationMessageMatcher("/**"), "authenticated"); MessageSecurityMetadataSource metadataSource = createExpressionMessageMetadataSource(matcherToExpression);
If our destination is "/public/hello", it would match on "/public/**" and on "/**". However, only "/public/**" would be used since it is the first entry. That means that a destination of "/public/hello" will be mapped to "permitAll".
For a complete listing of expressions see
MessageSecurityExpressionRoot
- Parameters:
matcherToExpression
- an ordered mapping ofMessageMatcher
to Strings that are turned into an Expression usingAbstractSecurityExpressionHandler.getExpressionParser()
handler
- theSecurityExpressionHandler
to use- Returns:
- the
MessageSecurityMetadataSource
to use. Cannot be null.
-
-