Spring Security
  1. Spring Security
  2. SEC-1570

GrantedAuthoritiesContainerImpl should take a Collection of GrantedAuthorities.

    Details

    • Type: Refactoring Refactoring
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Won't Fix
    • Affects Version/s: 3.0.3
    • Fix Version/s: 3.1.0.M2
    • Component/s: Core
    • Labels:
      None

      Description

      the signature today is public void setGrantedAuthorities(List<GrantedAuthority> newAuthorities)
      IMHO public void setGrantedAuthorities(Collection<GrantedAuthority> newAuthorities)
      would be better.

      If having to choose a specific type it would probably be a Set as the authorities should be a distinct set of grants.

        Activity

        Hide
        Luke Taylor added a comment - - edited

        GrantedAuthoritiesContainerImpl is an artifact of the pre-authentication code and is deprecated in 3.1 M1, so I don't really see any need for this going forward.

        Show
        Luke Taylor added a comment - - edited GrantedAuthoritiesContainerImpl is an artifact of the pre-authentication code and is deprecated in 3.1 M1, so I don't really see any need for this going forward.
        Hide
        David J. M. Karlsen added a comment -

        I see - I'm in a preauth setting and only need spring sec for authorizations (method level) based on my apps authz. knowledge of the preauthenticated user.
        Any info on how I do this in 3.1?

        Show
        David J. M. Karlsen added a comment - I see - I'm in a preauth setting and only need spring sec for authorizations (method level) based on my apps authz. knowledge of the preauthenticated user. Any info on how I do this in 3.1?
        Hide
        David J. M. Karlsen added a comment -

        Aha! Found the solution to my problem.
        Basically I'll follow this: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#d0e1922 (and i couldn't do that in a Filter - as the resolution is done early in my servlet request processing - after any Filters have been applied).

        So is it right to understand that the artifacts described in http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#preauth will disappear but this hasn't reached the reference guide yet?

        Show
        David J. M. Karlsen added a comment - Aha! Found the solution to my problem. Basically I'll follow this: http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#d0e1922 (and i couldn't do that in a Filter - as the resolution is done early in my servlet request processing - after any Filters have been applied). So is it right to understand that the artifacts described in http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html#preauth will disappear but this hasn't reached the reference guide yet?
        Hide
        Luke Taylor added a comment -

        Good point. The section on AbstractPreAuthenticatedAuthenticationDetailsSource needs to be rewritten, since this has been deleted. The basic approach should still be the same, it's just that the class structure has been pruned a bit.

        Show
        Luke Taylor added a comment - Good point. The section on AbstractPreAuthenticatedAuthenticationDetailsSource needs to be rewritten, since this has been deleted. The basic approach should still be the same, it's just that the class structure has been pruned a bit.
        Hide
        Luke Taylor added a comment -

        I updated the docs retrospectively as part of the work for SEC-1538.

        Show
        Luke Taylor added a comment - I updated the docs retrospectively as part of the work for SEC-1538 .

          People

          • Assignee:
            Luke Taylor
            Reporter:
            David J. M. Karlsen
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: