Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix documentation for Custom Authorization Manager

Browse Source 
Closes gh-13967

Signed-off-by: as1605 <1605.aditya.singh@gmail.com>
This commit is contained in:
as1605
2025-12-26 09:32:45 +05:30
committed by Josh Cummings
parent 85b756cb74
commit f6bb55effb
1 changed files with 30 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/modules/ROOT/pages/servlet/authorization/method-security.adoc
+30 -20
View File
@@ -1377,14 +1377,17 @@ Java::
[source,java,role="primary"] [source,java,role="primary"]
---- ----
@Component @Component
public class MyAuthorizationManager implements AuthorizationManager<MethodInvocation>, AuthorizationManager<MethodInvocationResult> { public class MyPreAuthorizeAuthorizationManager implements AuthorizationManager<MethodInvocation> {
@Override @Override
public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocation invocation) { public AuthorizationResult authorize(Supplier<Authentication> authentication, MethodInvocation invocation) {
// ... authorization logic // ... authorization logic
} }
}
@Component
public class MyPostAuthorizeAuthorizationManager implements AuthorizationManager<MethodInvocationResult> {
@Override @Override
public AuthorizationDecision check(Supplier<Authentication> authentication, MethodInvocationResult invocation) { public AuthorizationResult authorize(Supplier<Authentication> authentication, MethodInvocationResult invocation) {
// ... authorization logic // ... authorization logic
} }
} }
@@ -1395,12 +1398,15 @@ Kotlin::
[source,kotlin,role="secondary"] [source,kotlin,role="secondary"]
---- ----
@Component @Component
class MyAuthorizationManager : AuthorizationManager<MethodInvocation>, AuthorizationManager<MethodInvocationResult> { class MyPreAuthorizeAuthorizationManager : AuthorizationManager<MethodInvocation> {
override fun check(authentication: Supplier<Authentication>, invocation: MethodInvocation): AuthorizationDecision { override fun authorize(authentication: Supplier<Authentication>, invocation: MethodInvocation): AuthorizationResult {
// ... authorization logic // ... authorization logic
} }
}
override fun check(authentication: Supplier<Authentication>, invocation: MethodInvocationResult): AuthorizationDecision { @Component
class MyPostAuthorizeAuthorizationManager : AuthorizationManager<MethodInvocationResult> {
override fun authorize(authentication: Supplier<Authentication>, invocation: MethodInvocationResult): AuthorizationResult {
// ... authorization logic // ... authorization logic
} }
} }
@@ -1422,13 +1428,15 @@ Java::
class MethodSecurityConfig { class MethodSecurityConfig {
@Bean @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE) @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
Advisor preAuthorize(MyAuthorizationManager manager) { Advisor preAuthorize() {
MyPreAuthorizeAuthorizationManager manager = new MyPreAuthorizeAuthorizationManager();
return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager); return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager);
} }
@Bean @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE) @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
Advisor postAuthorize(MyAuthorizationManager manager) { Advisor postAuthorize() {
MyPostAuthorizeAuthorizationManager manager = new MyPostAuthorizeAuthorizationManager();
return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager); return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager);
} }
} }
@@ -1441,17 +1449,19 @@ Kotlin::
@Configuration @Configuration
@EnableMethodSecurity(prePostEnabled = false) @EnableMethodSecurity(prePostEnabled = false)
class MethodSecurityConfig { class MethodSecurityConfig {
@Bean @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE) @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
fun preAuthorize(manager: MyAuthorizationManager) : Advisor { fun preAuthorize(): Advisor {
return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager) val manager = MyPreAuthorizeAuthorizationManager()
} return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager)
}
@Bean @Bean
@Role(BeanDefinition.ROLE_INFRASTRUCTURE) @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
fun postAuthorize(manager: MyAuthorizationManager) : Advisor { fun postAuthorize(): Advisor {
return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager) val manager = MyPostAuthorizeAuthorizationManager()
} return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager)
}
} }
---- ----
@@ -1466,13 +1476,11 @@ Xml::
<bean id="preAuthorize" <bean id="preAuthorize"
class="org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor" class="org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor"
factory-method="preAuthorize"> factory-method="preAuthorize">
<constructor-arg ref="myAuthorizationManager"/>
</bean> </bean>
<bean id="postAuthorize" <bean id="postAuthorize"
class="org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor" class="org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor"
factory-method="postAuthorize"> factory-method="postAuthorize">
<constructor-arg ref="myAuthorizationManager"/>
</bean> </bean>
---- ----
====== ======
@@ -1482,6 +1490,8 @@ Xml::
You can place your interceptor in between Spring Security method interceptors using the order constants specified in `AuthorizationInterceptorsOrder`. You can place your interceptor in between Spring Security method interceptors using the order constants specified in `AuthorizationInterceptorsOrder`.
==== ====
Additionally, you can also implement `MethodAuthorizationDeniedHandler` by the same manager, to override default exception handling behavior.
[[customizing-expression-handling]] [[customizing-expression-handling]]
=== Customizing Expression Handling === Customizing Expression Handling