Class PostAuthorizeAuthorizationManager
java.lang.Object
org.springframework.security.authorization.method.PostAuthorizeAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<MethodInvocationResult>
public final class PostAuthorizeAuthorizationManager
extends Object
implements AuthorizationManager<MethodInvocationResult>
An
AuthorizationManager
which can determine if an Authentication
may
return the result from an invoked MethodInvocation
by evaluating an expression
from the PostAuthorize
annotation.- Since:
- 5.6
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, MethodInvocationResult mi) Determine if anAuthentication
has access to the returned object by evaluating thePostAuthorize
annotation that theMethodInvocation
specifies.void
setExpressionHandler
(MethodSecurityExpressionHandler expressionHandler) Use this theMethodSecurityExpressionHandler
.void
setTemplateDefaults
(PrePostTemplateDefaults defaults) Configure pre/post-authorization template resolutionMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
Constructor Details
-
PostAuthorizeAuthorizationManager
public PostAuthorizeAuthorizationManager()
-
-
Method Details
-
setExpressionHandler
Use this theMethodSecurityExpressionHandler
.- Parameters:
expressionHandler
- theMethodSecurityExpressionHandler
to use
-
setTemplateDefaults
Configure pre/post-authorization template resolutionBy default, this value is
null
, which indicates that templates should not be resolved.- Parameters:
defaults
- - whether to resolve pre/post-authorization templates parameters- Since:
- 6.3
-
check
public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocationResult mi) Determine if anAuthentication
has access to the returned object by evaluating thePostAuthorize
annotation that theMethodInvocation
specifies.- Specified by:
check
in interfaceAuthorizationManager<MethodInvocationResult>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkmi
- theMethodInvocationResult
to check- Returns:
- an
AuthorizationDecision
ornull
if thePostAuthorize
annotation is not present
-