Class DefaultHttpSecurityExpressionHandler
- java.lang.Object
-
- org.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext>
-
- org.springframework.security.web.access.expression.DefaultHttpSecurityExpressionHandler
-
- All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean,org.springframework.beans.factory.Aware,org.springframework.context.ApplicationContextAware,org.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
public class DefaultHttpSecurityExpressionHandler extends org.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext> implements org.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
ASecurityExpressionHandlerthat uses aRequestAuthorizationContextto create aWebSecurityExpressionRoot.- Since:
- 5.8
-
-
Constructor Summary
Constructors Constructor Description DefaultHttpSecurityExpressionHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description org.springframework.expression.EvaluationContextcreateEvaluationContext(java.util.function.Supplier<org.springframework.security.core.Authentication> authentication, RequestAuthorizationContext context)protected org.springframework.security.access.expression.SecurityExpressionOperationscreateSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, RequestAuthorizationContext context)voidsetDefaultRolePrefix(java.lang.String defaultRolePrefix)Sets the default prefix to be added toSecurityExpressionRoot.hasAnyRole(String...)orSecurityExpressionRoot.hasRole(String).voidsetTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)Sets theAuthenticationTrustResolverto be used.-
Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler
createEvaluationContext, createEvaluationContextInternal, getBeanResolver, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy
-
-
-
-
Method Detail
-
createEvaluationContext
public org.springframework.expression.EvaluationContext createEvaluationContext(java.util.function.Supplier<org.springframework.security.core.Authentication> authentication, RequestAuthorizationContext context)- Specified by:
createEvaluationContextin interfaceorg.springframework.security.access.expression.SecurityExpressionHandler<RequestAuthorizationContext>
-
createSecurityExpressionRoot
protected org.springframework.security.access.expression.SecurityExpressionOperations createSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, RequestAuthorizationContext context)- Specified by:
createSecurityExpressionRootin classorg.springframework.security.access.expression.AbstractSecurityExpressionHandler<RequestAuthorizationContext>
-
setTrustResolver
public void setTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
Sets theAuthenticationTrustResolverto be used. The default isAuthenticationTrustResolverImpl.- Parameters:
trustResolver- theAuthenticationTrustResolverto use
-
setDefaultRolePrefix
public void setDefaultRolePrefix(java.lang.String defaultRolePrefix)
Sets the default prefix to be added toSecurityExpressionRoot.hasAnyRole(String...)orSecurityExpressionRoot.hasRole(String). For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).- Parameters:
defaultRolePrefix- the default prefix to add to roles. The default is "ROLE_".
-
-