Package org.springframework.security.authorization.method

Class SecuredAuthorizationManager

java.lang.Object

org.springframework.security.authorization.method.SecuredAuthorizationManager

All Implemented Interfaces:

AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

public final class SecuredAuthorizationManager
extends Object
implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the Spring Security's Secured annotation.

Since:

5.6

Constructor Summary

Constructors

Constructor	Description
SecuredAuthorizationManager()

Method Summary

Modifier and Type	Method	Description
AuthorizationDecision	check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation mi)	Determine if an Authentication has access to a method by evaluating the Secured annotation that MethodInvocation specifies.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager

verify

Constructor Details

SecuredAuthorizationManager

public SecuredAuthorizationManager()

Method Details

check

public AuthorizationDecision check(Supplier<Authentication> authentication,
 org.aopalliance.intercept.MethodInvocation mi)

Determine if an Authentication has access to a method by evaluating the Secured annotation that MethodInvocation specifies.

Specified by:

check in interface AuthorizationManager<org.aopalliance.intercept.MethodInvocation>

Parameters:

authentication - the Supplier of the Authentication to check

mi - the MethodInvocation to check

Returns:

an AuthorizationDecision or null if the Secured annotation is not present