Spring Security
  1. Spring Security
  2. SEC-1245

Add role hierarchy support to expression handlers

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.0.0 RC1
    • Component/s: Core, Web
    • Labels:
      None

      Description

      role-based expressions should be able to automatically be able to make use of a role hierarchy. Allowing one to be injected into DefaultWebSecurityExpressionHandler et al and making use of it (if present) in the SecurityExpressionRoot hasRole() methods will make this possible.

        Activity

        Hide
        Luke Taylor added a comment -

        Both DefaultMethodSecurityExpressionHandler and DefaultWebSecurityExpressionHandler now support the injection of a RoleHierarchy implementation. This will be set on the SecurityExpressionRoot class and used during evaluation of the hasRole() and hasAnyRole() methods.

        Show
        Luke Taylor added a comment - Both DefaultMethodSecurityExpressionHandler and DefaultWebSecurityExpressionHandler now support the injection of a RoleHierarchy implementation. This will be set on the SecurityExpressionRoot class and used during evaluation of the hasRole() and hasAnyRole() methods.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Luke Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: