SEC-1149: Refactor WebInvocationPrivilegeEvaluator API and remove FilterInvocationUtils #1397

spring-issuemaster opened this Issue Apr 30, 2009 · 1 comment


None yet

1 participant


Luke Taylor (Migrated from SEC-1149) said:

The API for WebInvocationPrivilegeEvaluator requires a FilterInvocation, which in turn requires use of the FilterInvocationUtils class. It would be better if FilterInvocation regarded as an internal concept and the API took the requestURI and HTTP method directly. FilterInvocationUtils could then be dropped as unnecessary.


Luke Taylor said:

WebInvocationPrivilegeEvaluator now contains isAllowed() methods which take the uri (and optionally context path and http method directly). FilterInvocationUtils has been deleted.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment