java.lang.Object | |
↳ | org.springframework.security.taglibs.authz.AbstractAuthorizeTag |
Known Direct Subclasses |
A base class for an <authorize> tag that is independent of the tag rendering technology (JSP, Facelets). It treats tag attributes as simple strings rather than strings that may contain expressions with the exception of the "access" attribute, which is always expected to contain a Spring EL expression.
Subclasses are expected to extract tag attribute values from the specific rendering technology, evaluate them as expressions if necessary, and set the String-based attributes of this class.Public Constructors | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Make an authorization decision by considering all <authorize> tag attributes.
| |||||||||||
Make an authorization decision based on a Spring EL expression.
| |||||||||||
Make an authorization decision by considering ifAllGranted, ifAnyGranted, and ifNotGranted.
| |||||||||||
Make an authorization decision based on the URL and HTTP method attributes.
| |||||||||||
Protected Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Allows the
EvaluationContext to be customized for variable lookup etc. | |||||||||||
This method allows subclasses to provide a way to access the ServletRequest according to the rendering
technology.
| |||||||||||
This method allows subclasses to provide a way to access the ServletResponse according to the rendering
technology.
| |||||||||||
This method allows subclasses to provide a way to access the ServletContext according to the rendering
technology.
|
[Expand]
Inherited Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
|
Make an authorization decision by considering all <authorize> tag attributes. The following are valid combinations of attributes:
IOException |
---|
Make an authorization decision based on a Spring EL expression. See the "Expression-Based Access Control" chapter in Spring Security for details on what expressions can be used.
IOException |
---|
Make an authorization decision by considering ifAllGranted, ifAnyGranted, and ifNotGranted. All 3 or any combination can be provided. All provided attributes must evaluate to true.
Make an authorization decision based on the URL and HTTP method attributes. True is returned if the user is allowed to access the given URL as defined.
IOException |
---|
Allows the EvaluationContext
to be customized for variable lookup etc.
This method allows subclasses to provide a way to access the ServletRequest according to the rendering technology.
This method allows subclasses to provide a way to access the ServletResponse according to the rendering technology.
This method allows subclasses to provide a way to access the ServletContext according to the rendering technology.