org.springframework.security.oauth2.provider.expression
类 OAuth2MethodSecurityExpressionHandler
java.lang.Object
org.springframework.security.access.expression.AbstractSecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler
- 所有已实现的接口:
- org.springframework.aop.framework.AopInfrastructureBean, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationContextAware, org.springframework.security.access.expression.method.MethodSecurityExpressionHandler, org.springframework.security.access.expression.SecurityExpressionHandler<org.aopalliance.intercept.MethodInvocation>
public class OAuth2MethodSecurityExpressionHandler
- extends org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler
A security expression handler that can handle default method security expressions plus the set provided by
OAuth2SecurityExpressionMethods using the variable oauth2 to access the methods. For example, the expression
#oauth2.clientHasRole('ROLE_ADMIN') would invoke OAuth2SecurityExpressionMethods.clientHasRole(java.lang.String)
- 作者:
- Dave Syer, Rob Winch
| 从类 org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler 继承的字段 |
logger |
|
方法摘要 |
org.springframework.expression.spel.support.StandardEvaluationContext |
createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
org.aopalliance.intercept.MethodInvocation mi)
|
void |
setThrowExceptionOnInvalidScope(boolean throwException)
Flag to determine the behaviour on access denied if the reason is . |
| 从类 org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler 继承的方法 |
createSecurityExpressionRoot, filter, setParameterNameDiscoverer, setPermissionCacheOptimizer, setReturnObject |
| 从类 org.springframework.security.access.expression.AbstractSecurityExpressionHandler 继承的方法 |
createEvaluationContext, getExpressionParser, getPermissionEvaluator, getRoleHierarchy, setApplicationContext, setExpressionParser, setPermissionEvaluator, setRoleHierarchy |
| 从类 java.lang.Object 继承的方法 |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| 从接口 org.springframework.security.access.expression.SecurityExpressionHandler 继承的方法 |
createEvaluationContext, getExpressionParser |
OAuth2MethodSecurityExpressionHandler
public OAuth2MethodSecurityExpressionHandler()
setThrowExceptionOnInvalidScope
public void setThrowExceptionOnInvalidScope(boolean throwException)
- Flag to determine the behaviour on access denied if the reason is . If set then we throw an
InvalidScopeException instead of returning true. This is unconventional for an access decision because it
vetos the other voters in the chain, but it enables us to pass a message to the caller with information about the
required scope.
- 参数:
throwException - the flag to set (default true)
createEvaluationContextInternal
public org.springframework.expression.spel.support.StandardEvaluationContext createEvaluationContextInternal(org.springframework.security.core.Authentication authentication,
org.aopalliance.intercept.MethodInvocation mi)
- 覆盖:
- 类
org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler 中的 createEvaluationContextInternal
Copyright © 2013. All rights reserved.