Class ServletSecurityAuthorizationManager
java.lang.Object
cn.herodotus.engine.oauth2.authorization.servlet.ServletSecurityAuthorizationManager
- All Implemented Interfaces:
org.springframework.security.authorization.AuthorizationManager<org.springframework.security.web.access.intercept.RequestAuthorizationContext>
public class ServletSecurityAuthorizationManager
extends Object
implements org.springframework.security.authorization.AuthorizationManager<org.springframework.security.web.access.intercept.RequestAuthorizationContext>
Description: Spring Security 6 授权管理器
Spring Security 6 授权管理
1. 由原来的 AccessDecisionManager 和 AccessDecisionVoter,变更为使用 AuthorizationManager
2. 原来的 SecurityMetadataSource 已经不再使用。其实想要自己扩展,基本逻辑还是一致。只不过给使用者更大的扩展度和灵活度。
3. 原来的 FilterSecurityInterceptor,已经不再使用。改为使用 AuthorizationFilter
- Author:
- : gengwei.zheng
- Date:
- : 2022/11/8 14:57
-
Constructor Summary
ConstructorsConstructorDescriptionServletSecurityAuthorizationManager(SecurityAttributeStorage securityAttributeStorage, ServletOAuth2ResourceMatcherConfigurer servletOAuth2ResourceMatcherConfigurer) -
Method Summary
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.security.authorization.AuthorizationManager
authorize, verify
-
Constructor Details
-
ServletSecurityAuthorizationManager
public ServletSecurityAuthorizationManager(SecurityAttributeStorage securityAttributeStorage, ServletOAuth2ResourceMatcherConfigurer servletOAuth2ResourceMatcherConfigurer)
-
-
Method Details
-
check
public org.springframework.security.authorization.AuthorizationDecision check(Supplier<org.springframework.security.core.Authentication> authentication, org.springframework.security.web.access.intercept.RequestAuthorizationContext object) - Specified by:
checkin interfaceorg.springframework.security.authorization.AuthorizationManager<org.springframework.security.web.access.intercept.RequestAuthorizationContext>
-