Package org.springframework.security.web.access.expression

Class DefaultWebSecurityExpressionHandler

java.lang.Object
org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation>
org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler
All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.security.access.expression.SecurityExpressionHandler<FilterInvocation>
public class DefaultWebSecurityExpressionHandler extends org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation> implements org.springframework.security.access.expression.SecurityExpressionHandler<FilterInvocation>
Since:
3.0

  • Constructor Summary

    Constructors
    Constructor
    Description
    DefaultWebSecurityExpressionHandler()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.springframework.security.access.expression.SecurityExpressionOperations
    createSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, FilterInvocation fi)
     
    void
    setDefaultRolePrefix(String defaultRolePrefix)
    Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String).
    void
    setTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
    Sets the AuthenticationTrustResolver to be used.

    Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler

    createEvaluationContext, createEvaluationContextInternal, getBeanResolver, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler

    createEvaluationContext, createEvaluationContext, getExpressionParser

  • Constructor Details

    • DefaultWebSecurityExpressionHandler

      public DefaultWebSecurityExpressionHandler()

  • Method Details

    • createSecurityExpressionRoot

      protected org.springframework.security.access.expression.SecurityExpressionOperations createSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, FilterInvocation fi)
      Specified by:
      createSecurityExpressionRoot in class org.springframework.security.access.expression.AbstractSecurityExpressionHandler<FilterInvocation>

    • setTrustResolver

      public void setTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver trustResolver)
      Sets the AuthenticationTrustResolver to be used. The default is AuthenticationTrustResolverImpl.
      Parameters:
      trustResolver - the AuthenticationTrustResolver to use. Cannot be null.

    • setDefaultRolePrefix

      public void setDefaultRolePrefix(String defaultRolePrefix)

      Sets the default prefix to be added to SecurityExpressionRoot.hasAnyRole(String...) or SecurityExpressionRoot.hasRole(String). For example, if hasRole("ADMIN") or hasRole("ROLE_ADMIN") is passed in, then the role ROLE_ADMIN will be used when the defaultRolePrefix is "ROLE_" (default).

      If null or empty, then no default role prefix is used.

      Parameters:
      defaultRolePrefix - the default prefix to add to roles. Default "ROLE_".