SpringAuthorizationEventPublisher (spring-security-docs 6.3.10 API)

java.lang.Object

org.springframework.security.authorization.SpringAuthorizationEventPublisher

All Implemented Interfaces:: AuthorizationEventPublisher

public final class SpringAuthorizationEventPublisher extends Object implements AuthorizationEventPublisher

An implementation of AuthorizationEventPublisher that uses Spring's event publishing support. Because AuthorizationGrantedEvents typically require additional business logic to decide whether to publish, this implementation only publishes AuthorizationDeniedEvents.

Since:: 5.7

Constructor Summary

Constructors

Constructor

Description

SpringAuthorizationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)

Construct this publisher using Spring's ApplicationEventPublisher
Method Summary

Modifier and Type

Method

Description

<T> void

publishAuthorizationEvent(Supplier<Authentication> authentication, T object, AuthorizationDecision decision)

Publish the given details in the form of an event, typically AuthorizationGrantedEvent or AuthorizationDeniedEvent.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- SpringAuthorizationEventPublisher
  
  public SpringAuthorizationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)
  
  Construct this publisher using Spring's ApplicationEventPublisher
  
  Parameters:
  
  eventPublisher -
Method Details
- publishAuthorizationEvent
  
  public <T> void publishAuthorizationEvent(Supplier<Authentication> authentication, T object, AuthorizationDecision decision)
  
  Publish the given details in the form of an event, typically AuthorizationGrantedEvent or AuthorizationDeniedEvent. Note that success events can be very noisy if enabled by default. Because of this implementations may choose to drop success events by default.
  
  Specified by:
  
  publishAuthorizationEvent in interface AuthorizationEventPublisher
  
  Type Parameters:
  
  T - the secured object's type
  
  Parameters:
  
  authentication - a Supplier for the current user
  
  object - the secured object
  
  decision - the decision about whether the user may access the secured object