Package org.springframework.security.authorization

Class ObservationAuthorizationManager<T>

java.lang.Object

org.springframework.security.authorization.ObservationAuthorizationManager<T>

All Implemented Interfaces:

org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware, AuthorizationManager<T>, MethodAuthorizationDeniedHandler

public final class ObservationAuthorizationManager<T>
extends Object
implements AuthorizationManager<T>, org.springframework.context.MessageSourceAware, MethodAuthorizationDeniedHandler

An AuthorizationManager that observes the authorization

Since:

6.0

Constructor Summary

Constructors

Constructor	Description
ObservationAuthorizationManager(io.micrometer.observation.ObservationRegistry registry, AuthorizationManager<T> delegate)

Method Summary

Modifier and Type	Method	Description
AuthorizationDecision	check(Supplier<Authentication> authentication, T object)	Determines if access is granted for a specific authentication and object.
Object	handleDeniedInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation, AuthorizationResult authorizationResult)	Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g.
Object	handleDeniedInvocationResult(MethodInvocationResult methodInvocationResult, AuthorizationResult authorizationResult)	Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g.
void	setMessageSource(org.springframework.context.MessageSource messageSource)	Set the MessageSource that this object runs in.
void	setObservationConvention(io.micrometer.observation.ObservationConvention<AuthorizationObservationContext<?>> convention)	Use the provided convention for reporting observation data

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager

verify

Constructor Details

ObservationAuthorizationManager

public ObservationAuthorizationManager(io.micrometer.observation.ObservationRegistry registry,
 AuthorizationManager<T> delegate)

Method Details

check

public AuthorizationDecision check(Supplier<Authentication> authentication,
 T object)

Description copied from interface: AuthorizationManager

Determines if access is granted for a specific authentication and object.

Specified by:

check in interface AuthorizationManager<T>

Parameters:

authentication - the Supplier of the Authentication to check

object - the AuthorizationManager object to check

Returns:

an AuthorizationDecision or null if no decision could be made

setObservationConvention

public void setObservationConvention(io.micrometer.observation.ObservationConvention<AuthorizationObservationContext<?>> convention)

Use the provided convention for reporting observation data

Parameters:

convention - The provided convention

Since:

6.1

setMessageSource

public void setMessageSource(org.springframework.context.MessageSource messageSource)

Set the MessageSource that this object runs in.

Specified by:

setMessageSource in interface org.springframework.context.MessageSourceAware

Parameters:

messageSource - The message source to be used by this object

Since:

6.2

handleDeniedInvocation

public Object handleDeniedInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation,
 AuthorizationResult authorizationResult)

Description copied from interface: MethodAuthorizationDeniedHandler

Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g. a masked value.

Specified by:

handleDeniedInvocation in interface MethodAuthorizationDeniedHandler

Parameters:

methodInvocation - the MethodInvocation related to the authorization denied

authorizationResult - the authorization denied result

Returns:

a replacement result for the denied method invocation, or null, or a Mono for reactive applications

handleDeniedInvocationResult

public Object handleDeniedInvocationResult(MethodInvocationResult methodInvocationResult,
 AuthorizationResult authorizationResult)

Description copied from interface: MethodAuthorizationDeniedHandler

Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g. a masked value. By default, this method invokes MethodAuthorizationDeniedHandler.handleDeniedInvocation(MethodInvocation, AuthorizationResult).

Specified by:

handleDeniedInvocationResult in interface MethodAuthorizationDeniedHandler

Parameters:

methodInvocationResult - the object containing the MethodInvocation and the result produced

authorizationResult - the authorization denied result

Returns:

a replacement result for the denied method invocation, or null, or a Mono for reactive applications