java.lang.Object
- org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter

All Implemented Interfaces:

AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>
```
@Deprecated
public class PreInvocationAuthorizationAdviceVoter
extends java.lang.Object
implements AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>
```
Deprecated.
Use AuthorizationManagerBeforeMethodInterceptor instead

Voter which performs the actions using a PreInvocationAuthorizationAdvice implementation generated from @PreFilter and @PreAuthorize annotations.
In practice, if these annotations are being used, they will normally contain all the necessary access control logic, so a voter-based system is not really necessary and a single AccessDecisionManager which contained the same logic would suffice. However, this class fits in readily with the traditional voter-based AccessDecisionManager implementations used by Spring Security.

Since:

3.0

Field Summary

Fields
Modifier and Type Field Description

protected org.apache.commons.logging.Log logger
Deprecated.
- Fields inherited from interface org.springframework.security.access.AccessDecisionVoter
  ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED

Constructor Summary

Constructors
Constructor Description

PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice pre)
Deprecated.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`boolean`	`supports(java.lang.Class<?> clazz)`	Deprecated. Indicates whether the `AccessDecisionVoter` implementation is able to provide access control votes for the indicated secured object type.
`boolean`	`supports(ConfigAttribute attribute)`	Deprecated. Indicates whether this `AccessDecisionVoter` is able to vote on the passed `ConfigAttribute`.
`int`	`vote(Authentication authentication, org.aopalliance.intercept.MethodInvocation method, java.util.Collection<ConfigAttribute> attributes)`	Deprecated. Indicates whether or not access is granted.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
protected final org.apache.commons.logging.Log logger
```
    Deprecated.
- Constructor Detail
  - PreInvocationAuthorizationAdviceVoter
```
public PreInvocationAuthorizationAdviceVoter(PreInvocationAuthorizationAdvice pre)
```
    Deprecated.
- Method Detail
  - supports
```
public boolean supports(ConfigAttribute attribute)
```
    Deprecated.
    
    Description copied from interface: AccessDecisionVoter
    
    Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.
    This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.
    
    Specified by:
    
    supports in interface AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    attribute - a configuration attribute that has been configured against the AbstractSecurityInterceptor
    
    Returns:
    
    true if this AccessDecisionVoter can support the passed configuration attribute
  - supports
```
public boolean supports(java.lang.Class<?> clazz)
```
    Deprecated.
    
    Description copied from interface: AccessDecisionVoter
    
    Indicates whether the AccessDecisionVoter implementation is able to provide access control votes for the indicated secured object type.
    
    Specified by:
    
    supports in interface AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    clazz - the class that is being queried
    
    Returns:
    
    true if the implementation can process the indicated class
  - vote
```
public int vote(Authentication authentication,
                org.aopalliance.intercept.MethodInvocation method,
                java.util.Collection<ConfigAttribute> attributes)
```
    Deprecated.
    
    Description copied from interface: AccessDecisionVoter
    
    Indicates whether or not access is granted.
    The decision must be affirmative (ACCESS_GRANTED), negative ( ACCESS_DENIED) or the AccessDecisionVoter can abstain ( ACCESS_ABSTAIN) from voting. Under no circumstances should implementing classes return any other value. If a weighting of results is desired, this should be handled in a custom AccessDecisionManager instead.
    Unless an AccessDecisionVoter is specifically intended to vote on an access control decision due to a passed method invocation or configuration attribute parameter, it must return ACCESS_ABSTAIN. This prevents the coordinating AccessDecisionManager from counting votes from those AccessDecisionVoters without a legitimate interest in the access control decision.
    Whilst the secured object (such as a MethodInvocation) is passed as a parameter to maximise flexibility in making access control decisions, implementing classes should not modify it or cause the represented invocation to take place (for example, by calling MethodInvocation.proceed()).
    
    Specified by:
    
    vote in interface AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    authentication - the caller making the invocation
    
    method - the secured object being invoked
    
    attributes - the configuration attributes associated with the secured object
    
    Returns:
    
    either AccessDecisionVoter.ACCESS_GRANTED, AccessDecisionVoter.ACCESS_ABSTAIN or AccessDecisionVoter.ACCESS_DENIED

Class PreInvocationAuthorizationAdviceVoter

Field Summary

Fields inherited from interface org.springframework.security.access.AccessDecisionVoter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

Constructor Detail

PreInvocationAuthorizationAdviceVoter

Method Detail

supports

supports

vote