spring security WebInvocationPrivilegeEvaluator 源码

  • 2022-08-13
  • 浏览 (496)

spring security WebInvocationPrivilegeEvaluator 代码

文件路径:/web/src/main/java/org/springframework/security/web/access/WebInvocationPrivilegeEvaluator.java

/*
 * Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.web.access;

import org.springframework.security.core.Authentication;

/**
 * Allows users to determine whether they have privileges for a given web URI.
 *
 * @author Luke Taylor
 * @since 3.0
 */
public interface WebInvocationPrivilegeEvaluator {

	/**
	 * Determines whether the user represented by the supplied <tt>Authentication</tt>
	 * object is allowed to invoke the supplied URI.
	 * @param uri the URI excluding the context path (a default context path setting will
	 * be used)
	 */
	boolean isAllowed(String uri, Authentication authentication);

	/**
	 * Determines whether the user represented by the supplied <tt>Authentication</tt>
	 * object is allowed to invoke the supplied URI, with the given .
	 * <p>
	 * Note the default implementation of <tt>FilterInvocationSecurityMetadataSource</tt>
	 * disregards the <code>contextPath</code> when evaluating which secure object
	 * metadata applies to a given request URI, so generally the <code>contextPath</code>
	 * is unimportant unless you are using a custom
	 * <code>FilterInvocationSecurityMetadataSource</code>.
	 * @param uri the URI excluding the context path
	 * @param contextPath the context path (may be null).
	 * @param method the HTTP method (or null, for any method)
	 * @param authentication the <tt>Authentication</tt> instance whose authorities should
	 * be used in evaluation whether access should be granted.
	 * @return true if access is allowed, false if denied
	 */
	boolean isAllowed(String contextPath, String uri, String method, Authentication authentication);

}

相关信息

spring security 源码目录

相关文章

spring security AccessDeniedHandler 源码

spring security AccessDeniedHandlerImpl 源码

spring security AuthorizationManagerWebInvocationPrivilegeEvaluator 源码

spring security DefaultWebInvocationPrivilegeEvaluator 源码

spring security DelegatingAccessDeniedHandler 源码

spring security ExceptionTranslationFilter 源码

spring security RequestMatcherDelegatingAccessDeniedHandler 源码

spring security RequestMatcherDelegatingWebInvocationPrivilegeEvaluator 源码

spring security package-info 源码

0  赞
  • 所属分类: 后端技术
  • 本文标签: Java Spring
  • 版权声明: 原创文章如转载,请注明本文链接: https://m.seaxiang.com/blog/8c70849e26e247839e7967399a060852
热门推荐
标签云
Linux Java Spring Spring Boot docker 大数据 前端 生活 maven golang 软件 spring cloud fintech mac vscode 其他 区块链 以太坊 V神 开发者 技术 股票 git greenplum 分布式事务 chrome mysql flink kafka 设计模式 原理 鸿蒙 seo
最新文章
本文目录