Support Expressions in Method Authorization Denied Handlers #14857

marcusdacoregio · 2024-04-05T17:55:02Z

We should consider supporting expressions in method authorization handlers for simple setups. Currently, if you want to handle authorization denied and map the return value to null, you must create a MethodAuthorizationDeniedHandler/PostProcessor class and expose it as a bean:

@HandleAuthorizationDenied(handlerClass = Null.class)
public String getUserEmail() {
    // ...
}

@Component
public class Null implements MethodAuthorizationDeniedHandler {
    @Override
    public Object handle(MethodInvocation methodInvocation, AuthorizationResult result) {
        return null;
    }
}

That is a little bit too complicated to just return null. A simpler setup could be:

@HandleAuthorizationDenied(handlerExpression = "null")
public String getUserEmail() {
    // ...
}

@HandleAuthorizationDenied(handlerExpression = "***")
public String getUserEmail() {
    // ...
}

Closes spring-projectsgh-14857

marcusdacoregio added in: core An issue in spring-security-core type: enhancement A general enhancement labels Apr 5, 2024

marcusdacoregio self-assigned this Apr 5, 2024

marcusdacoregio mentioned this issue Apr 5, 2024

Method Security Enhancements #14595

Open

13 tasks

marcusdacoregio changed the title ~~Support Expressions in Method Authorization Handlers~~ Support Expressions in Method Authorization Denied Handlers Apr 9, 2024

CrazyParanoid pushed a commit to CrazyParanoid/spring-security that referenced this issue Apr 15, 2024

Add support expressions in MethodAuthorizationDeniedHandler

c42d175

Closes spring-projectsgh-14857

CrazyParanoid linked a pull request Apr 15, 2024 that will close this issue

Support expressions in MethodAuthorizationDeniedHandler #14912

Open

CrazyParanoid pushed a commit to CrazyParanoid/spring-security that referenced this issue Apr 15, 2024

Add support expressions in MethodAuthorizationDeniedHandler

905324f

Closes spring-projectsgh-14857

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support Expressions in Method Authorization Denied Handlers #14857

Support Expressions in Method Authorization Denied Handlers #14857

marcusdacoregio commented Apr 5, 2024 •

edited by jzheaux

Support Expressions in Method Authorization Denied Handlers #14857

Support Expressions in Method Authorization Denied Handlers #14857

Comments

marcusdacoregio commented Apr 5, 2024 • edited by jzheaux

marcusdacoregio commented Apr 5, 2024 •

edited by jzheaux