Interface SecurityExpressionHandler<T>
- All Superinterfaces:
org.springframework.aop.framework.AopInfrastructureBean
- All Known Subinterfaces:
MethodSecurityExpressionHandler
- All Known Implementing Classes:
AbstractSecurityExpressionHandler
,DefaultHttpSecurityExpressionHandler
,DefaultMessageSecurityExpressionHandler
,DefaultMethodSecurityExpressionHandler
,DefaultWebSecurityExpressionHandler
,MessageAuthorizationContextSecurityExpressionHandler
public interface SecurityExpressionHandler<T>
extends org.springframework.aop.framework.AopInfrastructureBean
Facade which isolates Spring Security's requirements for evaluating security
expressions from the implementation of the underlying expression objects
- Since:
- 3.1
-
Method Summary
Modifier and TypeMethodDescriptiondefault org.springframework.expression.EvaluationContext
createEvaluationContext
(Supplier<Authentication> authentication, T invocation) Provides an evaluation context in which to evaluate security expressions for the invocation type.org.springframework.expression.EvaluationContext
createEvaluationContext
(Authentication authentication, T invocation) Provides an evaluation context in which to evaluate security expressions for the invocation type.org.springframework.expression.ExpressionParser
-
Method Details
-
getExpressionParser
org.springframework.expression.ExpressionParser getExpressionParser()- Returns:
- an expression parser for the expressions used by the implementation.
-
createEvaluationContext
org.springframework.expression.EvaluationContext createEvaluationContext(Authentication authentication, T invocation) Provides an evaluation context in which to evaluate security expressions for the invocation type. -
createEvaluationContext
default org.springframework.expression.EvaluationContext createEvaluationContext(Supplier<Authentication> authentication, T invocation) Provides an evaluation context in which to evaluate security expressions for the invocation type. You can override this method in order to provide a custom implementation that uses lazy initialization of theAuthentication
object. By default, this method uses eager initialization of theAuthentication
object.- Parameters:
authentication
- theSupplier
of theAuthentication
to useinvocation
- theSecurityExpressionHandler
to use- Returns:
- the
EvaluationContext
to use - Since:
- 5.8
-