Interface AuthorizationManager<T>
- Type Parameters:
T- the type of object that the authorization check is being done on.
- All Known Implementing Classes:
AuthenticatedAuthorizationManager,AuthoritiesAuthorizationManager,AuthorityAuthorizationManager,IpAddressAuthorizationManager,Jsr250AuthorizationManager,MessageMatcherDelegatingAuthorizationManager,MethodExpressionAuthorizationManager,ObservationAuthorizationManager,PostAuthorizeAuthorizationManager,PreAuthorizeAuthorizationManager,RequestMatcherDelegatingAuthorizationManager,SecuredAuthorizationManager,WebExpressionAuthorizationManager
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
An Authorization manager which can determine if an
Authentication has access to
a specific object.-
Method Summary
Modifier and TypeMethodDescriptioncheck(Supplier<Authentication> authentication, T object) Determines if access is granted for a specific authentication and object.default voidverify(Supplier<Authentication> authentication, T object) Determines if access should be granted for a specific authentication and object.
-
Method Details
-
verify
Determines if access should be granted for a specific authentication and object.- Parameters:
authentication- theSupplierof theAuthenticationto checkobject- theAuthorizationManagerobject to check- Throws:
AccessDeniedException- if access is not granted
-
check
Determines if access is granted for a specific authentication and object.- Parameters:
authentication- theSupplierof theAuthenticationto checkobject- theAuthorizationManagerobject to check- Returns:
- an
AuthorizationDecisionor null if no decision could be made
-