Class PreAuthorizeAuthorizationManager
java.lang.Object
org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<org.aopalliance.intercept.MethodInvocation>, MethodAuthorizationDeniedHandler
public final class PreAuthorizeAuthorizationManager
extends Object
implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>, MethodAuthorizationDeniedHandler
An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
- Since:
- 5.6
Constructor Summary
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| AuthorizationDecision | check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi) | Determine if an Authentication has access to a method by evaluating an expression from the PreAuthorize annotation that the MethodInvocation specifies. |
| Object | handleDeniedInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation, AuthorizationResult authorizationResult) | Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g. |
| void | setApplicationContext(org.springframework.context.ApplicationContext context) | |
| void | setExpressionHandler(MethodSecurityExpressionHandler expressionHandler) | Sets the MethodSecurityExpressionHandler. |
| void | setTemplateDefaults(PrePostTemplateDefaults defaults) | Configure pre/post-authorization template resolution |

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
Methods inherited from interface org.springframework.security.authorization.method.MethodAuthorizationDeniedHandler
handleDeniedInvocationResult
Constructor Details
PreAuthorizeAuthorizationManager
public PreAuthorizeAuthorizationManager()
Method Details
setExpressionHandler
Sets the MethodSecurityExpressionHandler.
- Parameters:
expressionHandler - the MethodSecurityExpressionHandler to use

setTemplateDefaults
Configure pre/post-authorization template resolution
By default, this value is null, which indicates that templates should not be resolved.
- Parameters:
defaults - whether to resolve pre/post-authorization templates parameters
- Since:
- 6.3

setApplicationContext
public void setApplicationContext(org.springframework.context.ApplicationContext context)

check
public AuthorizationDecision check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi)
Determine if an Authentication has access to a method by evaluating an expression from the PreAuthorize annotation that the MethodInvocation specifies.
- Specified by:
check in interface AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
- Parameters:
authentication - the Supplier of the Authentication to check
mi - the MethodInvocation to check
- Returns:
- an AuthorizationDecision or null if the PreAuthorize annotation is not present
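
The three outcomes of check() described above, as an added example that is not part of the Spring Security documentation. It assumes spring-security-core 6.3 and its dependencies on the classpath; ReportService, its methods and the sample principals are hypothetical, and the MethodInvocation is built by hand with SimpleMethodInvocation instead of coming from the method-security interceptor.

```java
import java.lang.reflect.Method;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.method.PreAuthorizeAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.util.SimpleMethodInvocation;

public class PreAuthorizeCheckDemo {

    // Hypothetical service, defined only for this example.
    public static class ReportService {
        @PreAuthorize("hasRole('ADMIN')")
        public String deleteReport(long id) { return "deleted " + id; }

        // Deliberately has no @PreAuthorize annotation.
        public String listReports() { return "reports"; }
    }

    // Calls check() for one method and maps the three possible outcomes to text.
    static String outcome(PreAuthorizeAuthorizationManager manager, Authentication auth,
            Method method, Object... args) {
        MethodInvocation mi = new SimpleMethodInvocation(new ReportService(), method, args);
        AuthorizationDecision decision = manager.check(() -> auth, mi);
        if (decision == null) {
            // Annotation absent: the manager makes no decision. This is not a denial,
            // and nothing here protects the method.
            return "no decision";
        }
        return decision.isGranted() ? "granted" : "denied";
    }

    public static void main(String[] args) throws Exception {
        PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager();
        // Constructed sample principals; the authorities constructor marks them authenticated.
        Authentication admin = new TestingAuthenticationToken("alice", "n/a", "ROLE_ADMIN");
        Authentication user = new TestingAuthenticationToken("bob", "n/a", "ROLE_USER");
        Method delete = ReportService.class.getMethod("deleteReport", long.class);
        Method list = ReportService.class.getMethod("listReports");

        System.out.println("admin deleteReport: " + outcome(manager, admin, delete, 42L));
        System.out.println("user  deleteReport: " + outcome(manager, user, delete, 42L));
        System.out.println("user  listReports:  " + outcome(manager, user, list));
    }
}
```

Code that calls check() directly has to treat the null case explicitly, since a missing annotation and a denied decision are different results.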

handleDeniedInvocation
public Object handleDeniedInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation, AuthorizationResult authorizationResult)
Description copied from interface: MethodAuthorizationDeniedHandler
Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g. a masked value.
- Specified by:
handleDeniedInvocation in interface MethodAuthorizationDeniedHandler
- Parameters:
methodInvocation - the MethodInvocation related to the authorization denied
authorizationResult - the authorization denied result
- Returns:
- a replacement result for the denied method invocation, or null, or a Mono for reactive applications