Package org.springframework.security.web.access.expression

Class DefaultHttpSecurityExpressionHandler

java.lang.Object

org.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext>

org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler

All Implemented Interfaces:

org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, SecurityExpressionHandler<RequestAuthorizationContext>

public class DefaultHttpSecurityExpressionHandler
extends AbstractSecurityExpressionHandler<RequestAuthorizationContext>
implements SecurityExpressionHandler<RequestAuthorizationContext>

A SecurityExpressionHandler that uses a RequestAuthorizationContext to create a WebSecurityExpressionRoot.

Since:

5.8

Constructor Summary

Constructors

Constructor	Description
DefaultHttpSecurityExpressionHandler()

Method Summary

Modifier and Type	Method	Description
protected SecurityExpressionOperations	createSecurityExpressionRoot(Authentication authentication, RequestAuthorizationContext context)	Implement in order to create a root object of the correct type for the supported invocation type.
void	setDefaultRolePrefix(String defaultRolePrefix)	Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
void	setTrustResolver(AuthenticationTrustResolver trustResolver)	Sets the AuthenticationTrustResolver to be used.

Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

createEvaluationContext, createEvaluationContextInternal, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

createEvaluationContext, getExpressionParser

Constructor Details

DefaultHttpSecurityExpressionHandler

public DefaultHttpSecurityExpressionHandler()

Method Details

createSecurityExpressionRoot

protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
 RequestAuthorizationContext context)

Description copied from class: AbstractSecurityExpressionHandler

Implement in order to create a root object of the correct type for the supported invocation type.

Specified by:

createSecurityExpressionRoot in class AbstractSecurityExpressionHandler<RequestAuthorizationContext>

Parameters:

authentication - the current authentication object

context - the invocation (filter, method, channel)

Returns:

the object

setTrustResolver

public void setTrustResolver(AuthenticationTrustResolver trustResolver)

Sets the AuthenticationTrustResolver to be used. The default is AuthenticationTrustResolverImpl.

Parameters:

trustResolver - the AuthenticationTrustResolver to use

setDefaultRolePrefix

public void setDefaultRolePrefix(String defaultRolePrefix)

Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String). For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).

Parameters:

defaultRolePrefix - the default prefix to add to roles. The default is "ROLE_".