@@ -1433,15 +1433,13 @@ Java::
14331433class MethodSecurityConfig {
14341434 @Bean
14351435 @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1436- Advisor preAuthorize() {
1437- MyPreAuthorizeAuthorizationManager manager = new MyPreAuthorizeAuthorizationManager();
1436+ Advisor preAuthorize(MyPreAuthorizeAuthorizationManager manager) {
14381437 return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager);
14391438 }
14401439
14411440 @Bean
14421441 @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1443- Advisor postAuthorize() {
1444- MyPostAuthorizeAuthorizationManager manager = new MyPostAuthorizeAuthorizationManager();
1442+ Advisor postAuthorize(MyPostAuthorizeAuthorizationManager manager) {
14451443 return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager);
14461444 }
14471445}
@@ -1454,19 +1452,17 @@ Kotlin::
14541452@Configuration
14551453@EnableMethodSecurity(prePostEnabled = false)
14561454class MethodSecurityConfig {
1457- @Bean
1458- @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1459- fun preAuthorize(): Advisor {
1460- val manager = MyPreAuthorizeAuthorizationManager()
1461- return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager)
1462- }
1455+ @Bean
1456+ @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1457+ fun preAuthorize(manager: MyPreAuthorizeAuthorizationManager): Advisor {
1458+ return AuthorizationManagerBeforeMethodInterceptor.preAuthorize(manager)
1459+ }
14631460
1464- @Bean
1465- @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1466- fun postAuthorize(): Advisor {
1467- val manager = MyPostAuthorizeAuthorizationManager()
1468- return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager)
1469- }
1461+ @Bean
1462+ @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
1463+ fun postAuthorize(manager: MyPostAuthorizeAuthorizationManager): Advisor {
1464+ return AuthorizationManagerAfterMethodInterceptor.postAuthorize(manager)
1465+ }
14701466}
14711467----
14721468
@@ -1481,11 +1477,13 @@ Xml::
14811477<bean id="preAuthorize"
14821478 class="org.springframework.security.authorization.method.AuthorizationManagerBeforeMethodInterceptor"
14831479 factory-method="preAuthorize">
1480+ <constructor-arg ref="myPreAuthorizeAuthorizationManager"/>
14841481</bean>
14851482
14861483<bean id="postAuthorize"
14871484 class="org.springframework.security.authorization.method.AuthorizationManagerAfterMethodInterceptor"
14881485 factory-method="postAuthorize">
1486+ <constructor-arg ref="myPostAuthorizeAuthorizationManager"/>
14891487</bean>
14901488----
14911489======
@@ -1495,7 +1493,7 @@ Xml::
14951493You can place your interceptor in between Spring Security method interceptors using the order constants specified in `AuthorizationInterceptorsOrder`.
14961494====
14971495
1498- Additionally, you can also implement `MethodAuthorizationDeniedHandler` by the same manager, to override default exception handling behavior.
1496+ You can also implement `MethodAuthorizationDeniedHandler` in the same manager class to override the default exception- handling behavior.
14991497
15001498[[customizing-expression-handling]]
15011499=== Customizing Expression Handling
0 commit comments