org.springframework.security.acl.basic
Interface EffectiveAclsResolver

All Known Implementing Classes:

GrantedAuthorityEffectiveAclsResolver

Deprecated. Use new spring-security-acl module instead

public interface EffectiveAclsResolver

Determines the ACLs that are effective for a given Authentication object.

Implementations will vary depending on their ability to interpret the "recipient" object types contained in BasicAclEntry instances, and how those recipient object types correspond to Authentication-presented principals and granted authorities.

Implementations should not filter the resulting ACL list from lower-order permissions. So if a resulting ACL list grants a "read" permission, an "unlimited" permission and a "zero" permission (due to the effective ACLs for different granted authorities held by the Authentication object), all three permissions would be returned as distinct BasicAclEntry instances. It is the responsibility of the relying classes (voters and business methods) to ignore or handle lower-order permissions in a business logic dependent manner.

Version:

$Id$

Author:

Ben Alex

Method Summary

AclEntry[]

resolveEffectiveAcls(AclEntry[] allAcls, Authentication filteredBy) Deprecated. Determines the ACLs that apply to the presented Authentication object.

Method Detail

resolveEffectiveAcls

AclEntry[] resolveEffectiveAcls(AclEntry[] allAcls,
                                Authentication filteredBy)

Deprecated.

Determines the ACLs that apply to the presented Authentication object.

Parameters:

allAcls - every ACL assigned to a domain object instance

filteredBy - the principal (populated with GrantedAuthoritys along with any other members that relate to role or group membership) that effective ACLs should be returned for

Returns:

the ACLs that apply to the presented principal, or null if there are none after filtering