public class

AfterInvocationProviderManager

extends Object
implements InitializingBean AfterInvocationManager
java.lang.Object
   ↳ org.springframework.security.access.intercept.AfterInvocationProviderManager

Class Overview

Provider-based implementation of AfterInvocationManager.

Handles configuration of a bean context defined list of AfterInvocationProviders.

Every AfterInvocationProvider will be polled when the decide(Authentication, Object, Collection, Object) method is called. The Object returned from each provider will be presented to the successive provider for processing. This means each provider must ensure they return the Object, even if they are not interested in the "after invocation" decision (perhaps as the secure object invocation did not include a configuration attribute a given provider is configured to respond to).

Summary

Fields
protected static final Log logger
Public Constructors
AfterInvocationProviderManager()
Public Methods
void afterPropertiesSet()
Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject)
Given the details of a secure object invocation including its returned Object, make an access control decision or optionally modify the returned Object.
List<AfterInvocationProvider> getProviders()
void setProviders(List<?> newList)
boolean supports(Class<?> clazz)
Iterates through all AfterInvocationProviders and ensures each can support the presented class.
boolean supports(ConfigAttribute attribute)
Indicates whether this AfterInvocationManager is able to process "after invocation" requests presented with the passed ConfigAttribute.
[Expand]
Inherited Methods
From class java.lang.Object
From interface org.springframework.beans.factory.InitializingBean
From interface org.springframework.security.access.intercept.AfterInvocationManager

Fields

protected static final Log logger

Public Constructors

public AfterInvocationProviderManager ()

Public Methods

public void afterPropertiesSet ()

Throws
Exception

public Object decide (Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject)

Given the details of a secure object invocation including its returned Object, make an access control decision or optionally modify the returned Object.

Parameters
authentication the caller that invoked the method
object the secured object that was called
config the configuration attributes associated with the secured object that was invoked
returnedObject the Object that was returned from the secure object invocation
Returns
  • the Object that will ultimately be returned to the caller (if an implementation does not wish to modify the object to be returned to the caller, the implementation should simply return the same object it was passed by the returnedObject method argument)
Throws
AccessDeniedException

public List<AfterInvocationProvider> getProviders ()

public void setProviders (List<?> newList)

public boolean supports (Class<?> clazz)

Iterates through all AfterInvocationProviders and ensures each can support the presented class.

If one or more providers cannot support the presented class, false is returned.

Parameters
clazz the secure object class being queries
Returns
  • if the AfterInvocationProviderManager can support the secure object class, which requires every one of its AfterInvocationProviders to support the secure object class

public boolean supports (ConfigAttribute attribute)

Indicates whether this AfterInvocationManager is able to process "after invocation" requests presented with the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.

Parameters
attribute a configuration attribute that has been configured against the AbstractSecurityInterceptor
Returns
  • true if this AfterInvocationManager can support the passed configuration attribute