Class AfterInvocationProviderManager
- All Implemented Interfaces:
org.springframework.beans.factory.InitializingBean
,AfterInvocationManager
AfterInvocationManager
.
Handles configuration of a bean context defined list of AfterInvocationProvider
s.
Every AfterInvocationProvider
will be polled when the
decide(Authentication, Object, Collection, Object)
method is called. The
Object
returned from each provider will be presented to the successive
provider for processing. This means each provider must ensure they return the
Object
, even if they are not interested in the "after invocation" decision
(perhaps as the secure object invocation did not include a configuration attribute a
given provider is configured to respond to).
-
Field Summary
Modifier and TypeFieldDescriptionprotected static final org.apache.commons.logging.Log
Deprecated. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Deprecated.decide
(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) Deprecated.Given the details of a secure object invocation including its returnedObject
, make an access control decision or optionally modify the returnedObject
.Deprecated.void
setProviders
(List<?> newList) Deprecated.boolean
Deprecated.Iterates through allAfterInvocationProvider
s and ensures each can support the presented class.boolean
supports
(ConfigAttribute attribute) Deprecated.Indicates whether thisAfterInvocationManager
is able to process "after invocation" requests presented with the passedConfigAttribute
.
-
Field Details
-
logger
protected static final org.apache.commons.logging.Log loggerDeprecated.
-
-
Constructor Details
-
AfterInvocationProviderManager
public AfterInvocationProviderManager()Deprecated.
-
-
Method Details
-
afterPropertiesSet
public void afterPropertiesSet()Deprecated.- Specified by:
afterPropertiesSet
in interfaceorg.springframework.beans.factory.InitializingBean
-
decide
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException Deprecated.Description copied from interface:AfterInvocationManager
Given the details of a secure object invocation including its returnedObject
, make an access control decision or optionally modify the returnedObject
.- Specified by:
decide
in interfaceAfterInvocationManager
- Parameters:
authentication
- the caller that invoked the methodobject
- the secured object that was calledconfig
- the configuration attributes associated with the secured object that was invokedreturnedObject
- theObject
that was returned from the secure object invocation- Returns:
- the
Object
that will ultimately be returned to the caller (if an implementation does not wish to modify the object to be returned to the caller, the implementation should simply return the same object it was passed by thereturnedObject
method argument) - Throws:
AccessDeniedException
- if access is denied
-
getProviders
Deprecated. -
setProviders
Deprecated. -
supports
Deprecated.Description copied from interface:AfterInvocationManager
Indicates whether thisAfterInvocationManager
is able to process "after invocation" requests presented with the passedConfigAttribute
.This allows the
AbstractSecurityInterceptor
to check every configuration attribute can be consumed by the configuredAccessDecisionManager
and/orRunAsManager
and/orAfterInvocationManager
.- Specified by:
supports
in interfaceAfterInvocationManager
- Parameters:
attribute
- a configuration attribute that has been configured against theAbstractSecurityInterceptor
- Returns:
- true if this
AfterInvocationManager
can support the passed configuration attribute
-
supports
Deprecated.Iterates through allAfterInvocationProvider
s and ensures each can support the presented class.If one or more providers cannot support the presented class,
false
is returned.- Specified by:
supports
in interfaceAfterInvocationManager
- Parameters:
clazz
- the secure object class being queries- Returns:
- if the
AfterInvocationProviderManager
can support the secure object class, which requires every one of itsAfterInvocationProvider
s to support the secure object class
-
AuthorizationManager