Reputation: 7367
What does secured object mean?
I need to implement my custom SecurityMetadataSource (docs).
So, I'm reading Spring Security and have some misunderstanding about secured object meaning using there. the documentation provides the following:
Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException
Accesses the ConfigAttributes that apply to a given secure object.
and doesn't say anything about what the secure object mean. Couldn't you point me out to the definition of this term, if any in the documentation? To me, it sounds too broad and not clear what particular object could be a secure object. For instance, if we created an object like Object o = new Object() could it be the secure object?
Upvotes: 1
Views: 1255
Answers (1)
Reputation: 188
The Spring Security documentation has a section on this topic:
So what is a "secure object" anyway? Spring Security uses the term to refer to any object that can have security (such as an authorization decision) applied to it. The most common examples are method invocations and web requests.
I've found that this reference explains the concepts and ideas in Spring Security quite well, so take a look.
Upvotes: 2
Related Questions
- What's the "principal" in Spring Security?
- Spring Security and() method
- What does @Secured({ "ROLE_USER", "ROLE_ADMIN" }) exactly means
- Understanding Spring's Authentication-object and the context of its creation
- Spring Security, secured and none secured access
- Insecure Object Reference in java web application
- How exactly works this Spring Security example?
- Simple Spring Security requirement
- Securing Methods with Spring Security
- Spring Security basics