Jsr250AuthorizationManager (spring-security-core 5.7.1 API)

java.lang.Object
- org.springframework.security.authorization.method.Jsr250AuthorizationManager

All Implemented Interfaces:

AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
```
public final class Jsr250AuthorizationManager
extends java.lang.Object
implements AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
```
An AuthorizationManager which can determine if an Authentication may invoke the MethodInvocation by evaluating if the Authentication contains a specified authority from the JSR-250 security annotations.

Since:

5.6

Constructor Summary

Constructors
Constructor Description

Jsr250AuthorizationManager()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`AuthorizationDecision`	`check(java.util.function.Supplier<Authentication> authentication, org.aopalliance.intercept.MethodInvocation methodInvocation)`	Determine if an `Authentication` has access to a method by evaluating the `DenyAll`, `PermitAll`, and `RolesAllowed` annotations that `MethodInvocation` specifies.
`void`	`setRolePrefix(java.lang.String rolePrefix)`	Sets the role prefix.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify

- Constructor Detail
  - Jsr250AuthorizationManager
```
public Jsr250AuthorizationManager()
```
- Method Detail
  - setRolePrefix
```
public void setRolePrefix(java.lang.String rolePrefix)
```
    Sets the role prefix. Defaults to "ROLE_".
    
    Parameters:
    
    rolePrefix - the role prefix to use
  - check
```
public AuthorizationDecision check(java.util.function.Supplier<Authentication> authentication,
                                   org.aopalliance.intercept.MethodInvocation methodInvocation)
```
    Determine if an Authentication has access to a method by evaluating the DenyAll, PermitAll, and RolesAllowed annotations that MethodInvocation specifies.
    
    Specified by:
    
    check in interface AuthorizationManager<org.aopalliance.intercept.MethodInvocation>
    
    Parameters:
    
    authentication - the Supplier of the Authentication to check
    
    methodInvocation - the MethodInvocation to check
    
    Returns:
    
    an AuthorizationDecision or null if the JSR-250 security annotations is not present