Class WebExpressionAuthorizationManager
java.lang.Object
org.springframework.security.web.access.expression.WebExpressionAuthorizationManager
- All Implemented Interfaces:
AuthorizationManager<RequestAuthorizationContext>
public final class WebExpressionAuthorizationManager
extends Object
implements AuthorizationManager<RequestAuthorizationContext>
An expression-based
AuthorizationManager
that determines the access by
evaluating the provided expression.- Since:
- 5.8
-
Constructor Summary
ConstructorDescriptionWebExpressionAuthorizationManager
(String expressionString) Creates an instance. -
Method Summary
Modifier and TypeMethodDescriptioncheck
(Supplier<Authentication> authentication, RequestAuthorizationContext context) Determines the access by evaluating the provided expression.void
setExpressionHandler
(SecurityExpressionHandler<RequestAuthorizationContext> expressionHandler) Sets theSecurityExpressionHandler
to be used.toString()
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
Constructor Details
-
WebExpressionAuthorizationManager
Creates an instance.- Parameters:
expressionString
- the raw expression string to parse
-
-
Method Details
-
setExpressionHandler
public void setExpressionHandler(SecurityExpressionHandler<RequestAuthorizationContext> expressionHandler) Sets theSecurityExpressionHandler
to be used. The default isDefaultHttpSecurityExpressionHandler
.- Parameters:
expressionHandler
- theSecurityExpressionHandler
to use
-
check
public AuthorizationDecision check(Supplier<Authentication> authentication, RequestAuthorizationContext context) Determines the access by evaluating the provided expression.- Specified by:
check
in interfaceAuthorizationManager<RequestAuthorizationContext>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkcontext
- theRequestAuthorizationContext
to check- Returns:
- an
ExpressionAuthorizationDecision
based on the evaluated expression
-
toString
-