public abstract class AnnotationsAuthorizingMethodInterceptor extends AuthorizingMethodInterceptor
This allows multiple annotations on a method to be processed before the method executes, and if any of the AuthorizingAnnotationMethodInterceptors indicate that the method should not be executed, an AuthorizationException will be thrown, otherwise the method will be invoked as expected.
It is essentially a convenience mechanism to allow multiple annotations to be processed in a single method interceptor.
Modifier and Type | Field and Description |
---|---|
protected Collection<AuthorizingAnnotationMethodInterceptor> |
methodInterceptors
The method interceptors to execute for the annotated method.
|
Constructor and Description |
---|
AnnotationsAuthorizingMethodInterceptor()
Default no-argument constructor that defaults the
methodInterceptors attribute to contain two interceptors by default - the
RoleAnnotationMethodInterceptor and the
PermissionAnnotationMethodInterceptor to
support role and permission annotations. |
Modifier and Type | Method and Description |
---|---|
protected void |
assertAuthorized(MethodInvocation methodInvocation)
Iterates over the internal
methodInterceptors collection, and for each one,
ensures that if the interceptor
supports
the invocation, that the interceptor
asserts
that the invocation is authorized to proceed. |
Collection<AuthorizingAnnotationMethodInterceptor> |
getMethodInterceptors()
Returns the method interceptors to execute for the annotated method.
|
void |
setMethodInterceptors(Collection<AuthorizingAnnotationMethodInterceptor> methodInterceptors)
Sets the method interceptors to execute for the annotated method.
|
invoke
getSubject
protected Collection<AuthorizingAnnotationMethodInterceptor> methodInterceptors
public AnnotationsAuthorizingMethodInterceptor()
methodInterceptors
attribute to contain two interceptors by default - the
RoleAnnotationMethodInterceptor
and the
PermissionAnnotationMethodInterceptor
to
support role and permission annotations.public Collection<AuthorizingAnnotationMethodInterceptor> getMethodInterceptors()
setMethodInterceptors(java.util.Collection)
method, the default collection
contains a
RoleAnnotationMethodInterceptor
and a
PermissionAnnotationMethodInterceptor
to
support role and permission annotations automatically.public void setMethodInterceptors(Collection<AuthorizingAnnotationMethodInterceptor> methodInterceptors)
methodInterceptors
- the method interceptors to execute for the annotated method.getMethodInterceptors()
protected void assertAuthorized(MethodInvocation methodInvocation) throws AuthorizationException
methodInterceptors
collection, and for each one,
ensures that if the interceptor
supports
the invocation, that the interceptor
asserts
that the invocation is authorized to proceed.assertAuthorized
in class AuthorizingMethodInterceptor
methodInvocation
- the MethodInvocation
to invoke.AuthorizationException
- if the methodInvocation
should not be allowed to continue/execute.Copyright © 2004–2019 The Apache Software Foundation. All rights reserved.