Skip to content

Commit ac63cf4

Browse files
jzheauxjzheaux
committed
Polish CustomAuthorizationManager Docs
Issue gh-13967 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 parent f6bb55e commit ac63cf4

1 file changed

Lines changed: 15 additions & 17 deletions

File tree

docs/modules/ROOT/pages/servlet/authorization/method-security.adoc

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1428,15 +1428,13 @@ Java::
14281428
class MethodSecurityConfig {
14291429
@Bean
14301430
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1431-
Advisor preAuthorize() {
1432-
MyPreAuthorizeAuthorizationManager manager = new MyPreAuthorizeAuthorizationManager();
1431+
Advisor preAuthorize(MyPreAuthorizeAuthorizationManager manager) {
14331432
return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager);
14341433
}
14351434
14361435
@Bean
14371436
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1438-
Advisor postAuthorize() {
1439-
MyPostAuthorizeAuthorizationManager manager = new MyPostAuthorizeAuthorizationManager();
1437+
Advisor postAuthorize(MyPostAuthorizeAuthorizationManager manager) {
14401438
return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager);
14411439
}
14421440
}
@@ -1449,19 +1447,17 @@ Kotlin::
14491447
@Configuration
14501448
@EnableMethodSecurity(prePostEnabled = false)
14511449
class MethodSecurityConfig {
1452-
@Bean
1453-
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1454-
fun preAuthorize(): Advisor {
1455-
val manager = MyPreAuthorizeAuthorizationManager()
1456-
return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager)
1457-
}
1450+
@Bean
1451+
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1452+
fun preAuthorize(manager: MyPreAuthorizeAuthorizationManager): Advisor {
1453+
return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager)
1454+
}
14581455
1459-
@Bean
1460-
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1461-
fun postAuthorize(): Advisor {
1462-
val manager = MyPostAuthorizeAuthorizationManager()
1463-
return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager)
1464-
}
1456+
@Bean
1457+
@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1458+
fun postAuthorize(manager: MyPostAuthorizeAuthorizationManager): Advisor {
1459+
return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager)
1460+
}
14651461
}
14661462
----
14671463
@@ -1476,11 +1472,13 @@ Xml::
14761472
<bean id="preAuthorize"
14771473
class="org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor"
14781474
factory-method="preAuthorize">
1475+
<constructor-arg ref="myPreAuthorizeAuthorizationManager"/>
14791476
</bean>
14801477
14811478
<bean id="postAuthorize"
14821479
class="org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor"
14831480
factory-method="postAuthorize">
1481+
<constructor-arg ref="myPostAuthorizeAuthorizationManager"/>
14841482
</bean>
14851483
----
14861484
======
@@ -1490,7 +1488,7 @@ Xml::
14901488
You can place your interceptor in between Spring Security method interceptors using the order constants specified in `AuthorizationInterceptorsOrder`.
14911489
====
14921490

1493-
Additionally, you can also implement `MethodAuthorizationDeniedHandler` by the same manager, to override default exception handling behavior.
1491+
You can also implement `MethodAuthorizationDeniedHandler` in the same manager class to override the default exception-handling behavior.
14941492

14951493
[[customizing-expression-handling]]
14961494
=== Customizing Expression Handling

0 commit comments

Comments
 (0)