Core access-control related code, including security metadata related classes, interception code, access control annotations, EL support and voter-based implementations of the central
Interface Summary Interface Description AccessDecisionManagerMakes a final access control (authorization) decision. AccessDecisionVoter<S>Indicates a class is responsible for voting on authorization decisions. AfterInvocationProviderIndicates a class is responsible for participating in an
ConfigAttributeStores a security system related configuration attribute. PermissionCacheOptimizerAllows permissions to be pre-cached when using pre or post filtering with expressions PermissionEvaluatorStrategy used in expression evaluation to determine whether a user has a permission or permissions for a given domain object. SecurityMetadataSourceImplemented by classes that store and can identify the
ConfigAttributes that applies to a given secure object invocation.
Class Summary Class Description SecurityConfigStores a
Exception Summary Exception Description AccessDeniedExceptionThrown if an
Authenticationobject does not hold a required authority.
AuthorizationServiceExceptionThrown if an authorization request could not be processed due to a system problem.