public abstract class

AbstractSecurityExpressionHandler

extends Object
implements ApplicationContextAware SecurityExpressionHandler<T>
java.lang.Object
   ↳ org.springframework.security.access.expression.AbstractSecurityExpressionHandler<T>
Known Direct Subclasses

Class Overview

Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions from the implementation of the underlying expression objects.

Summary

Public Constructors
AbstractSecurityExpressionHandler()
Public Methods
final EvaluationContext createEvaluationContext(Authentication authentication, T invocation)
Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects.
final ExpressionParser getExpressionParser()
void setApplicationContext(ApplicationContext applicationContext)
void setPermissionEvaluator(PermissionEvaluator permissionEvaluator)
void setRoleHierarchy(RoleHierarchy roleHierarchy)
Protected Methods
StandardEvaluationContext createEvaluationContextInternal(Authentication authentication, T invocation)
Override to create a custom instance of StandardEvaluationContext.
abstract SecurityExpressionRoot createSecurityExpressionRoot(Authentication authentication, T invocation)
Implement in order to create a root object of the correct type for the supported invocation type.
PermissionEvaluator getPermissionEvaluator()
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.context.ApplicationContextAware
From interface org.springframework.security.access.expression.SecurityExpressionHandler

Public Constructors

public AbstractSecurityExpressionHandler ()

Public Methods

public final EvaluationContext createEvaluationContext (Authentication authentication, T invocation)

Invokes the internal template methods to create StandardEvaluationContext and SecurityExpressionRoot objects. The root object will be injected with references to the application context, the roleHierarchy if set, and an AuthenticationTrustResolver.

Parameters
authentication the current authentication object
invocation the invocation (filter, method, channel)
Returns
  • the context object for use in evaluating the expression, populated with a suitable root object.

public final ExpressionParser getExpressionParser ()

public void setApplicationContext (ApplicationContext applicationContext)

public void setPermissionEvaluator (PermissionEvaluator permissionEvaluator)

public void setRoleHierarchy (RoleHierarchy roleHierarchy)

Protected Methods

protected StandardEvaluationContext createEvaluationContextInternal (Authentication authentication, T invocation)

Override to create a custom instance of StandardEvaluationContext.

The returned object will have a SecurityExpressionRootPropertyAccessor added, allowing beans in the ApplicationContext to be accessed via expression properties.

Parameters
authentication the current authentication object
invocation the invocation (filter, method, channel)
Returns
  • A StandardEvaluationContext or potentially a custom subclass if overridden.

protected abstract SecurityExpressionRoot createSecurityExpressionRoot (Authentication authentication, T invocation)

Implement in order to create a root object of the correct type for the supported invocation type.

Parameters
authentication the current authentication object
invocation the invocation (filter, method, channel)
Returns
  • the object wh

protected PermissionEvaluator getPermissionEvaluator ()