Class DefaultHttpSecurityExpressionHandler
- java.lang.Object
-
- org.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext>
-
- org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler
-
- All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean
,org.springframework.beans.factory.Aware
,org.springframework.context.ApplicationContextAware
,org.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
public class DefaultHttpSecurityExpressionHandler extends org.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext> implements org.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
ASecurityExpressionHandler
that uses aRequestAuthorizationContext
to create aWebSecurityExpressionRoot
.- Since:
- 5.8
-
-
Constructor Summary
Constructors Constructor Description DefaultHttpSecurityExpressionHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description org.springframework.expression.EvaluationContext
createEvaluationContext(java.util.function.Supplier<org.springframework.security.core.Authentication> authentication, RequestAuthorizationContext context)
protected org.springframework.security.access.expression.SecurityExpressionOperations
createSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, RequestAuthorizationContext context)
void
setDefaultRolePrefix(java.lang.String defaultRolePrefix)
Sets the default prefix to be added toSecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
.void
setTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
Sets theAuthenticationTrustResolver
to be used.-
Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
createEvaluationContext, createEvaluationContextInternal, getBeanResolver, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy
-
-
-
-
Method Detail
-
createEvaluationContext
public org.springframework.expression.EvaluationContext createEvaluationContext(java.util.function.Supplier<org.springframework.security.core.Authentication> authentication, RequestAuthorizationContext context)
- Specified by:
createEvaluationContext
in interfaceorg.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
-
createSecurityExpressionRoot
protected org.springframework.security.access.expression.SecurityExpressionOperations createSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, RequestAuthorizationContext context)
- Specified by:
createSecurityExpressionRoot
in classorg.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext>
-
setTrustResolver
public void setTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
Sets theAuthenticationTrustResolver
to be used. The default isAuthenticationTrustResolverImpl
.- Parameters:
trustResolver
- theAuthenticationTrustResolver
to use
-
setDefaultRolePrefix
public void setDefaultRolePrefix(java.lang.String defaultRolePrefix)
Sets the default prefix to be added toSecurityExpressionRoot.hasAnyRole(String...)
orSecurityExpressionRoot.hasRole(String)
. For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).- Parameters:
defaultRolePrefix
- the default prefix to add to roles. The default is "ROLE_".
-
-