Skip to content

SecurityExpressionHandler#createEvaluationContext should defer lookup of Authentication #9667

New issue
New issue
Closed
#11187
Closed
SecurityExpressionHandler#createEvaluationContext should defer lookup of Authentication#9667
#11187
Assignees
evgeniycheban
Labels
in: coreAn issue in spring-security-coretype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement
Milestone
 
5.8.0-M1
@jzheaux

Description

@jzheaux
jzheaux
opened on Apr 21, 2021

Like AuthorizationManager, it would be nice to be able to defer the looking up Authentication in SecurityExpressionHandler.

A default createEvaluationContext method could be added:

default EvaluationContext createEvaluationContext(Supplier<Authentication> authentication, T invocation) {
    return createEvaluationContext(authentication.get(), invocation);
}

And then DefaultXXXSecurityExpressionHandlers would be updated to defer evaluation until the authentication was inspected.

Metadata

Metadata

Assignees

Labels

in: coreAn issue in spring-security-coretype: breaks-passivityA change that breaks passivity with the previous releasetype: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions