Interface AuthorizationManager<T>
- Type Parameters:
T
- the type of object that the authorization check is being done on.
- All Known Implementing Classes:
AuthenticatedAuthorizationManager
,AuthoritiesAuthorizationManager
,AuthorityAuthorizationManager
,Jsr250AuthorizationManager
,MessageMatcherDelegatingAuthorizationManager
,MethodExpressionAuthorizationManager
,ObservationAuthorizationManager
,PostAuthorizeAuthorizationManager
,PreAuthorizeAuthorizationManager
,RequestMatcherDelegatingAuthorizationManager
,SecuredAuthorizationManager
,WebExpressionAuthorizationManager
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
An Authorization manager which can determine if an
Authentication
has access to
a specific object.-
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, T object) Determines if access is granted for a specific authentication and object.default void
verify
(Supplier<Authentication> authentication, T object) Determines if access should be granted for a specific authentication and object.
-
Method Details
-
verify
Determines if access should be granted for a specific authentication and object.- Parameters:
authentication
- theSupplier
of theAuthentication
to checkobject
- theAuthorizationManager
object to check- Throws:
AccessDeniedException
- if access is not granted
-
check
Determines if access is granted for a specific authentication and object.- Parameters:
authentication
- theSupplier
of theAuthentication
to checkobject
- theAuthorizationManager
object to check- Returns:
- an
AuthorizationDecision
or null if no decision could be made
-