New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
#10590
Labels
in: web
An issue in web modules (web, webmvc)
status: backported
An issue that has been backported to maintenance branches
type: enhancement
A general enhancement
Milestone
Comments
marcusdacoregio
added
in: web
An issue in web modules (web, webmvc)
type: enhancement
A general enhancement
labels
Dec 6, 2021
marcusdacoregio
added a commit
to marcusdacoregio/spring-security
that referenced
this issue
Dec 10, 2021
marcusdacoregio
added a commit
that referenced
this issue
Dec 13, 2021
Fixed via #10575 |
marcusdacoregio
added a commit
that referenced
this issue
Dec 13, 2021
marcusdacoregio
added a commit
that referenced
this issue
Jan 5, 2022
marcusdacoregio
added a commit
that referenced
this issue
Jan 5, 2022
This was referenced Jan 6, 2022
marcusdacoregio
added
the
status: backported
An issue that has been backported to maintenance branches
label
Jan 6, 2022
marcusdacoregio
added a commit
that referenced
this issue
Jan 6, 2022
marcusdacoregio
added a commit
that referenced
this issue
Jan 6, 2022
marcusdacoregio
added a commit
that referenced
this issue
Jan 6, 2022
marcusdacoregio
added a commit
that referenced
this issue
Jan 6, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
in: web
An issue in web modules (web, webmvc)
status: backported
An issue that has been backported to maintenance branches
type: enhancement
A general enhancement
In 5.5 the new
AuthorizationManager
API was introduced. One place that this API is being used is in theSecurityFilterChain
, in combination with theAuthorizationFilter
, replacing theFilterSecurityInterceptor
.The current default implementation of
WebInvocationPrivilegeEvaluator
,DefaultWebInvocationPrivilegeEvaluator
, only supports theAbstractSecurityInterceptor
.We should provide an implementation of the
WebInvocationPrivilegeEvaluator
which delegates the check to anAuthorizationManager
instance.Related:
WebInvocationPrivilegeEvaluator
Bean should support multipleSecurityFilterChain
s #10554The text was updated successfully, but these errors were encountered: