Package org.springframework.security.web.access.expression

Class DefaultWebSecurityExpressionHandler

  • All Implemented Interfaces:
    org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.security.access.expression.SecurityExpressionHandler<FilterInvocation>
    public class DefaultWebSecurityExpressionHandler
extends org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation>
implements org.springframework.security.access.expression.SecurityExpressionHandler<FilterInvocation>
    Since:
    3.0

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected org.springframework.security.access.expression.SecurityExpressionOperations createSecurityExpressionRoot​(org.springframework.security.core.Authentication authentication, FilterInvocation fi)  
      void setDefaultRolePrefix​(java.lang.String defaultRolePrefix)
      Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
      void setTrustResolver​(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
      Sets the AuthenticationTrustResolver to be used.

      • Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

        createEvaluationContext, createEvaluationContextInternal, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

        createEvaluationContext, getExpressionParser

    • Constructor Detail

      • DefaultWebSecurityExpressionHandler

        public DefaultWebSecurityExpressionHandler()

    • Method Detail

      • createSecurityExpressionRoot

        protected org.springframework.security.access.expression.SecurityExpressionOperations createSecurityExpressionRoot​(org.springframework.security.core.Authentication authentication,
                                                                                                                   FilterInvocation fi)
        Specified by:
        createSecurityExpressionRoot in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation>

      • setTrustResolver

        public void setTrustResolver​(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
        Sets the AuthenticationTrustResolver to be used. The default is AuthenticationTrustResolverImpl.
        Parameters:
        trustResolver - the AuthenticationTrustResolver to use. Cannot be null.

      • setDefaultRolePrefix

        public void setDefaultRolePrefix​(java.lang.String defaultRolePrefix)

        Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String). For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).

        If null or empty, then no default role prefix is used.

        Parameters:
        defaultRolePrefix - the default prefix to add to roles. Default "ROLE_".