org.springframework.security.oauth2.provider.expression
Class OAuth2MethodSecurityExpressionHandler
java.lang.Object
org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler
- All Implemented Interfaces:
- org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.security.access.expression.method.MethodSecurityExpressionHandler, org.springframework.security.access.expression.SecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
public class OAuth2MethodSecurityExpressionHandler
- extends org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
A security expression handler that can handle default method security expressions plus the set provided by
OAuth2SecurityExpressionMethods using the variable oauth2 to access the methods. For example, the expression
#oauth2.clientHasRole('ROLE_ADMIN') would invoke OAuth2SecurityExpressionMethods.clientHasRole(java.lang.String)
- Author:
- Dave Syer, Rob Winch
| Fields inherited from class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler |
logger |
|
Method Summary |
org.springframework.expression.spel.support.StandardEvaluationContext |
createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
org.aopalliance.intercept.MethodInvocation mi)
|
void |
setThrowExceptionOnInvalidScope(boolean throwException)
Flag to determine the behaviour on access denied if the reason is . |
| Methods inherited from class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler |
createSecurityExpressionRoot, filter, setParameterNameDiscoverer, setPermissionCacheOptimizer, setReturnObject |
| Methods inherited from class org.springframework.security.access.expression.AbstractSecurityExpressionHandler |
createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Methods inherited from interface org.springframework.security.access.expression.SecurityExpressionHandler |
createEvaluationContext, getExpressionParser |
OAuth2MethodSecurityExpressionHandler
public OAuth2MethodSecurityExpressionHandler()
setThrowExceptionOnInvalidScope
public void setThrowExceptionOnInvalidScope(boolean throwException)
- Flag to determine the behaviour on access denied if the reason is . If set then we throw an
InvalidScopeException instead of returning true. This is unconventional for an access decision because it
vetos the other voters in the chain, but it enables us to pass a message to the caller with information about the
required scope.
- Parameters:
throwException - the flag to set (default true)
createEvaluationContextInternal
public org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
org.aopalliance.intercept.MethodInvocation mi)
- Overrides:
createEvaluationContextInternal in class org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
Copyright © 2013. All rights reserved.