@GrpcGlobalServerInterceptor @Order(value=5200) public class AuthorizationCheckingServerInterceptor extends AbstractSecurityInterceptor implements ServerInterceptor
GrpcSecurityMetadataSource
to obtain the information how the called method is protected
and uses an AccessDecisionManager
to evaluate that information. This interceptor isn't needed if you use
spring's security annotations, but can be used additionally. An example use case of using both would be requiring all
users to be authenticated, while using the annotations to require further permissions.
Note: If you use spring's security annotations, the you have to use
@EnableGlobalMethodSecurity(proxyTargetClass = true, ...)
logger, messages
Constructor and Description |
---|
AuthorizationCheckingServerInterceptor(AccessDecisionManager accessDecisionManager,
GrpcSecurityMetadataSource securityMetadataSource)
Creates a new AuthorizationCheckingServerInterceptor with the given
AccessDecisionManager and
GrpcSecurityMetadataSource . |
Modifier and Type | Method and Description |
---|---|
Class<?> |
getSecureObjectClass() |
<ReqT,RespT> |
interceptCall(ServerCall<ReqT,RespT> call,
Metadata headers,
ServerCallHandler<ReqT,RespT> next) |
SecurityMetadataSource |
obtainSecurityMetadataSource() |
afterInvocation, afterPropertiesSet, beforeInvocation, finallyInvocation, getAccessDecisionManager, getAfterInvocationManager, getAuthenticationManager, getRunAsManager, isAlwaysReauthenticate, isRejectPublicInvocations, isValidateConfigAttributes, setAccessDecisionManager, setAfterInvocationManager, setAlwaysReauthenticate, setApplicationEventPublisher, setAuthenticationManager, setMessageSource, setPublishAuthorizationSuccess, setRejectPublicInvocations, setRunAsManager, setValidateConfigAttributes
public AuthorizationCheckingServerInterceptor(AccessDecisionManager accessDecisionManager, GrpcSecurityMetadataSource securityMetadataSource)
AccessDecisionManager
and
GrpcSecurityMetadataSource
.accessDecisionManager
- The access decision manager to use.securityMetadataSource
- The security metadata source to use.public <ReqT,RespT> ServerCall.Listener<ReqT> interceptCall(ServerCall<ReqT,RespT> call, Metadata headers, ServerCallHandler<ReqT,RespT> next)
interceptCall
in interface ServerInterceptor
public Class<?> getSecureObjectClass()
getSecureObjectClass
in class AbstractSecurityInterceptor
public SecurityMetadataSource obtainSecurityMetadataSource()
obtainSecurityMetadataSource
in class AbstractSecurityInterceptor