Class Jsr250AuthorizationManager
java.lang.Object
org.springframework.security.authorization.method.Jsr250AuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
public final class Jsr250AuthorizationManager
extends Object
implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
An
AuthorizationManager
which can determine if an Authentication
may
invoke the MethodInvocation
by evaluating if the Authentication
contains a specified authority from the JSR-250 security annotations.- Since:
- 5.6
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation) Determine if anAuthentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies.void
setRolePrefix
(String rolePrefix) Sets the role prefix.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
Constructor Details
-
Jsr250AuthorizationManager
public Jsr250AuthorizationManager()
-
-
Method Details
-
setRolePrefix
Sets the role prefix. Defaults to "ROLE_".- Parameters:
rolePrefix
- the role prefix to use
-
check
public AuthorizationDecision check(Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation) Determine if anAuthentication
has access to a method by evaluating theDenyAll
,PermitAll
, andRolesAllowed
annotations thatMethodInvocation
specifies.- Specified by:
check
in interfaceAuthorizationManager<org.aopalliance.intercept.MethodInvocation>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkmethodInvocation
- theMethodInvocation
to check- Returns:
- an
AuthorizationDecision
or null if the JSR-250 security annotations is not present
-