java.lang.Object | |
↳ | org.springframework.security.access.expression.AbstractSecurityExpressionHandler<T> |
Known Direct Subclasses |
Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.
Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Invokes the internal template methods to create
StandardEvaluationContext and SecurityExpressionRoot
objects. | |||||||||||
Protected Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Override to create a custom instance of
StandardEvaluationContext . | |||||||||||
Implement in order to create a root object of the correct type for the supported invocation type.
| |||||||||||
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
From interface
org.springframework.context.ApplicationContextAware
| |||||||||||
From interface
org.springframework.security.access.expression.SecurityExpressionHandler
|
Invokes the internal template methods to create StandardEvaluationContext
and SecurityExpressionRoot
objects. The root object will be injected with references to the application context, the roleHierarchy
if set, and an AuthenticationTrustResolver
.
authentication | the current authentication object |
---|---|
invocation | the invocation (filter, method, channel) |
Override to create a custom instance of StandardEvaluationContext
.
The returned object will have a SecurityExpressionRootPropertyAccessor
added, allowing beans in
the ApplicationContext
to be accessed via expression properties.
authentication | the current authentication object |
---|---|
invocation | the invocation (filter, method, channel) |
StandardEvaluationContext
or potentially a custom subclass if overridden.
Implement in order to create a root object of the correct type for the supported invocation type.
authentication | the current authentication object |
---|---|
invocation | the invocation (filter, method, channel) |