AuthorizationManager (spring-security-docs 6.4.0-RC1 API)

Type Parameters:: T - the type of object that the authorization check is being done on.

All Known Implementing Classes:: AuthenticatedAuthorizationManager, AuthoritiesAuthorizationManager, AuthorityAuthorizationManager, IpAddressAuthorizationManager, Jsr250AuthorizationManager, MessageMatcherDelegatingAuthorizationManager, MethodExpressionAuthorizationManager, ObservationAuthorizationManager, PostAuthorizeAuthorizationManager, PreAuthorizeAuthorizationManager, RequestMatcherDelegatingAuthorizationManager, SecuredAuthorizationManager, WebExpressionAuthorizationManager

Functional Interface:: This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.

@FunctionalInterface public interface AuthorizationManager<T>

An Authorization manager which can determine if an Authentication has access to a specific object.

Method Summary

Modifier and Type

Method

Description

default AuthorizationResult

authorize(Supplier<Authentication> authentication, T object)

Determines if access is granted for a specific authentication and object.

AuthorizationDecision

check(Supplier<Authentication> authentication, T object)

Deprecated.
please use authorize(Supplier, Object) instead

default void

verify(Supplier<Authentication> authentication, T object)

Determines if access should be granted for a specific authentication and object.

Method Details
- verify
  
  default void verify(Supplier<Authentication> authentication, T object)
  
  Determines if access should be granted for a specific authentication and object.
  
  Parameters:
  
  authentication - the Supplier of the Authentication to check
  
  object - the AuthorizationManager object to check
  
  Throws:
  
  AccessDeniedException - if access is not granted
- check
  
  @Nullable @Deprecated AuthorizationDecision check(Supplier<Authentication> authentication, T object)
  
  Deprecated.
  please use authorize(Supplier, Object) instead
  
  Determines if access is granted for a specific authentication and object.
  
  Parameters:
  
  authentication - the Supplier of the Authentication to check
  
  object - the AuthorizationManager object to check
  
  Returns:
  
  an AuthorizationDecision or null if no decision could be made
- authorize
  
  @Nullable default AuthorizationResult authorize(Supplier<Authentication> authentication, T object)
  
  Determines if access is granted for a specific authentication and object.
  
  Parameters:
  
  authentication - the Supplier of the Authentication to authorize
  
  object - the AuthorizationManager object to authorize
  
  Returns:
  
  an AuthorizationResult
  
  Since:
  
  6.4