Package org.springframework.security.web.access.intercept

Class DefaultFilterInvocationSecurityMetadataSource

java.lang.Object
org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean, org.springframework.security.access.SecurityMetadataSource, FilterInvocationSecurityMetadataSource
Direct Known Subclasses:
ExpressionBasedFilterInvocationSecurityMetadataSource
@Deprecated public class DefaultFilterInvocationSecurityMetadataSource extends Object implements FilterInvocationSecurityMetadataSource
Deprecated.
In modern Spring Security APIs, each API manages its own configuration context. As such there is no direct replacement for this interface. In the case of method security, please see SecurityAnnotationScanner and AuthorizationManager. In the case of channel security, please see HttpsRedirectFilter. In the case of web security, please see AuthorizationManager.
Default implementation of FilterInvocationDefinitionSource.

Stores an ordered map of RequestMatchers to ConfigAttribute collections and provides matching of FilterInvocations against the items stored in the map.

The order of the RequestMatchers in the map is very important. The first one which matches the request will be used. Later matchers in the map will not be invoked if a match has already been found. Accordingly, the most specific matchers should be registered first, with the most general matches registered last.

The most common method creating an instance is using the Spring Security namespace. For example, the pattern and access attributes of the <intercept-url> elements defined as children of the <http> element are combined to build the instance used by the FilterSecurityInterceptor.

  • Field Details

    • logger

      protected final org.apache.commons.logging.Log logger
      Deprecated.

  • Constructor Details

    • DefaultFilterInvocationSecurityMetadataSource

      public DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher,Collection<org.springframework.security.access.ConfigAttribute>> requestMap)
      Deprecated.
      Sets the internal request map from the supplied map. The key elements should be of type RequestMatcher, which. The path stored in the key will depend on the type of the supplied UrlMatcher.
      Parameters:
      requestMap - order-preserving map of request definitions to attribute lists

  • Method Details

    • getAllConfigAttributes

      public Collection<org.springframework.security.access.ConfigAttribute> getAllConfigAttributes()
      Deprecated.
      Specified by:
      getAllConfigAttributes in interface org.springframework.security.access.SecurityMetadataSource

    • getAttributes

      public Collection<org.springframework.security.access.ConfigAttribute> getAttributes(Object object)
      Deprecated.
      Specified by:
      getAttributes in interface org.springframework.security.access.SecurityMetadataSource

    • supports

      public boolean supports(Class<?> clazz)
      Deprecated.
      Specified by:
      supports in interface org.springframework.security.access.SecurityMetadataSource