SEC-18: Class to verify authorization before invoking method #279
Labels
in: core
An issue in spring-security-core
type: enhancement
A general enhancement
type: jira
An issue that was migrated from JIRA
Milestone
Ben Alex(Migrated from SEC-18) said:
http://forum.springframework.org/viewtopic.php?t=6085
Provide a simple MethodInvocationPrivilegeEvaluator class that has the ObjectDefinitionSource and AccessDecisionManager as collaborators. It would have a single method:
public boolean allowed(MethodInvocation, Authentication);
This allows testing of privileges before calling a method – particularly useful in the case of domain object instance security.
See also SEC-113 for a related helper class.
The text was updated successfully, but these errors were encountered: