Package org.springframework.security.access.prepost

Class PostInvocationAdviceProvider

java.lang.Object

org.springframework.security.access.prepost.PostInvocationAdviceProvider

All Implemented Interfaces:

AfterInvocationProvider

public class PostInvocationAdviceProvider
extends Object
implements AfterInvocationProvider

AfterInvocationProvider which delegates to a PostInvocationAuthorizationAdvice instance passing it the PostInvocationAttribute created from @PostAuthorize and @PostFilter annotations.

Since:

3.0

Field Summary

Fields

Modifier and Type	Field	Description
protected final org.apache.commons.logging.Log	logger

Constructor Summary

Constructors

Constructor	Description
PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice postAdvice)

Method Summary

Modifier and Type	Method	Description
Object	decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject)
boolean	supports(Class<?> clazz)	Indicates whether the AfterInvocationProvider is able to provide "after invocation" processing for the indicated secured object type.
boolean	supports(ConfigAttribute attribute)	Indicates whether this AfterInvocationProvider is able to participate in a decision involving the passed ConfigAttribute.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected final org.apache.commons.logging.Log logger

Constructor Details

PostInvocationAdviceProvider

public PostInvocationAdviceProvider(PostInvocationAuthorizationAdvice postAdvice)

Method Details

decide

public Object decide(Authentication authentication,
 Object object,
 Collection<ConfigAttribute> config,
 Object returnedObject)
              throws AccessDeniedException

Specified by:

decide in interface AfterInvocationProvider

Throws:

AccessDeniedException

supports

public boolean supports(ConfigAttribute attribute)

Description copied from interface: AfterInvocationProvider

Indicates whether this AfterInvocationProvider is able to participate in a decision involving the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AccessDecisionManager.

Specified by:

supports in interface AfterInvocationProvider

Parameters:

attribute - a configuration attribute that has been configured against the AbstractSecurityInterceptor

Returns:

true if this AfterInvocationProvider can support the passed configuration attribute

supports

public boolean supports(Class<?> clazz)

Description copied from interface: AfterInvocationProvider

Indicates whether the AfterInvocationProvider is able to provide "after invocation" processing for the indicated secured object type.

Specified by:

supports in interface AfterInvocationProvider

Parameters:

clazz - the class of secure object that is being queried

Returns:

true if the implementation can process the indicated class