Package org.springframework.security.authorization.method

Class PreAuthorizeReactiveAuthorizationManager

java.lang.Object
org.springframework.security.authorization.method.PreAuthorizeReactiveAuthorizationManager
All Implemented Interfaces:
MethodAuthorizationDeniedHandler, ReactiveAuthorizationManager<org.aopalliance.intercept.MethodInvocation>
public final class PreAuthorizeReactiveAuthorizationManager extends Object implements ReactiveAuthorizationManager<org.aopalliance.intercept.MethodInvocation>, MethodAuthorizationDeniedHandler
A ReactiveAuthorizationManager which can determine if an Authentication has access to the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
Since:
5.8

  • Constructor Details

    • PreAuthorizeReactiveAuthorizationManager

      public PreAuthorizeReactiveAuthorizationManager()

    • PreAuthorizeReactiveAuthorizationManager

      public PreAuthorizeReactiveAuthorizationManager(MethodSecurityExpressionHandler expressionHandler)

  • Method Details

    • setTemplateDefaults

      public void setTemplateDefaults(AnnotationTemplateExpressionDefaults defaults)
      Configure pre/post-authorization template resolution

      By default, this value is null, which indicates that templates should not be resolved.

      Parameters:
      defaults - - whether to resolve pre/post-authorization templates parameters
      Since:
      6.4

    • setApplicationContext

      public void setApplicationContext(org.springframework.context.ApplicationContext context)

    • authorize

      public reactor.core.publisher.Mono<AuthorizationResult> authorize(reactor.core.publisher.Mono<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi)
      Determines if an Authentication has access to the MethodInvocation by evaluating an expression from the PreAuthorize annotation.
      Specified by:
      authorize in interface ReactiveAuthorizationManager<org.aopalliance.intercept.MethodInvocation>
      Parameters:
      authentication - the Mono of the Authentication to check
      mi - the MethodInvocation to check
      Returns:
      a Mono of the AuthorizationResult or an empty Mono if the PreAuthorize annotation is not present

    • handleDeniedInvocation

      public @Nullable Object handleDeniedInvocation(org.aopalliance.intercept.MethodInvocation methodInvocation, AuthorizationResult authorizationResult)
      Description copied from interface: MethodAuthorizationDeniedHandler
      Handle denied method invocations, implementations might either throw an AuthorizationDeniedException or a replacement result instead of invoking the method, e.g. a masked value.
      Specified by:
      handleDeniedInvocation in interface MethodAuthorizationDeniedHandler
      Parameters:
      methodInvocation - the MethodInvocation related to the authorization denied
      authorizationResult - the authorization denied result
      Returns:
      a replacement result for the denied method invocation, or null, or a Mono for reactive applications