Spring Security
  1. Spring Security
  2. SEC-1149

Refactor WebInvocationPrivilegeEvaluator API and remove FilterInvocationUtils

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: Core
    • Labels:
      None

      Description

      The API for WebInvocationPrivilegeEvaluator requires a FilterInvocation, which in turn requires use of the FilterInvocationUtils class. It would be better if FilterInvocation regarded as an internal concept and the API took the requestURI and HTTP method directly. FilterInvocationUtils could then be dropped as unnecessary.

        Activity

        Hide
        Luke Taylor added a comment -

        WebInvocationPrivilegeEvaluator now contains isAllowed() methods which take the uri (and optionally context path and http method directly). FilterInvocationUtils has been deleted.

        Show
        Luke Taylor added a comment - WebInvocationPrivilegeEvaluator now contains isAllowed() methods which take the uri (and optionally context path and http method directly). FilterInvocationUtils has been deleted.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: