Expected Behavior
The hasAuthority method of a provided custom AuthorizationManagerFactory should be called when using @PreAuthorize("hasAuthority('foobar')" on a method.
Current Behavior
the hasAnyAuthority method of AuthorizationManagerFactory is called by SecurityExpressionRoot f@PreAuthorize("hasAuthority('foobar')"
Context
I added a Custom AuthorizationManagerFactory as described here.
But instead of handling hasRole as in the example i tried to override hasAuthority. But my method wasn't called.
Using the debugger I found out that SecurityExpressionRoot is actually calling hasAnyAuthority on the AuthorizationManagerFactory.
Expected Behavior
The
hasAuthoritymethod of a provided custom AuthorizationManagerFactory should be called when using@PreAuthorize("hasAuthority('foobar')"on a method.Current Behavior
the
hasAnyAuthoritymethod of AuthorizationManagerFactory is called bySecurityExpressionRootf@PreAuthorize("hasAuthority('foobar')"Context
I added a Custom
AuthorizationManagerFactoryas described here.But instead of handling
hasRoleas in the example i tried to overridehasAuthority. But my method wasn't called.Using the debugger I found out that
SecurityExpressionRootis actually callinghasAnyAuthorityon theAuthorizationManagerFactory.