Class CurrentSecurityContextArgumentResolver

java.lang.Object
org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver
All Implemented Interfaces:
org.springframework.web.method.support.HandlerMethodArgumentResolver

public final class CurrentSecurityContextArgumentResolver extends Object implements org.springframework.web.method.support.HandlerMethodArgumentResolver
Allows resolving the SecurityContext using the CurrentSecurityContext annotation. For example, the following Controller:
 @Controller
 public class MyController {
     @RequestMapping("/im")
     public void security(@CurrentSecurityContext SecurityContext context) {
         // do something with context
     }
 }
 
it can also support the spring SPEL expression to get the value from SecurityContext
 @Controller
 public class MyController {
     @RequestMapping("/im")
     public void security(@CurrentSecurityContext(expression="authentication") Authentication authentication) {
         // do something with context
     }
 }
 

Will resolve the SecurityContext argument using SecurityContextHolder.getContext() from the SecurityContextHolder. If the SecurityContext is null, it will return null. If the types do not match, null will be returned unless CurrentSecurityContext.errorOnInvalidType() is true in which case a ClassCastException will be thrown.

Since:
5.2
  • Constructor Details

    • CurrentSecurityContextArgumentResolver

      public CurrentSecurityContextArgumentResolver()
  • Method Details

    • supportsParameter

      public boolean supportsParameter(org.springframework.core.MethodParameter parameter)
      Specified by:
      supportsParameter in interface org.springframework.web.method.support.HandlerMethodArgumentResolver
    • resolveArgument

      public Object resolveArgument(org.springframework.core.MethodParameter parameter, org.springframework.web.method.support.ModelAndViewContainer mavContainer, org.springframework.web.context.request.NativeWebRequest webRequest, org.springframework.web.bind.support.WebDataBinderFactory binderFactory)
      Specified by:
      resolveArgument in interface org.springframework.web.method.support.HandlerMethodArgumentResolver
    • setSecurityContextHolderStrategy

      public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
      Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
      Since:
      5.8
    • setBeanResolver

      public void setBeanResolver(org.springframework.expression.BeanResolver beanResolver)
      Set the BeanResolver to be used on the expressions
      Parameters:
      beanResolver - the BeanResolver to use
    • setTemplateDefaults

      public void setTemplateDefaults(AnnotationTemplateExpressionDefaults templateDefaults)
      Configure CurrentSecurityContext template resolution

      By default, this value is null, which indicates that templates should not be resolved.

      Parameters:
      templateDefaults - - whether to resolve CurrentSecurityContext templates parameters
      Since:
      6.4