Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Add Principal -> Granted Authority Collection Abstraction #17962

Open
Assignees
Labels
for: team-attentionThis ticket should be discussed as a team before proceeding in: coreAn issue in spring-security-core type: enhancementA general enhancement
@jzheaux

Description

There are a number of places in Spring Security that issue granted authorities based on the principal, or loosely based on the principal. Here are a few:

  • AuthoritiesPopulator
  • GrantedAuthoritiesMapper
  • AuthorityGranter
  • JwtGrantedAuthoritiesConverter
  • OpaqueTokenAuthenticationProvider

It would be nice to create a common abstraction that each of these could adapt to and that each authentication provider can be easily configured with:

interface GrantedAuthoritiesProvider<P> extends Converter<P, Collection<GrantedAuthority>>

This will allow for configuring each authentication provider to issue authorities dynamically and independently from the user itself, since not all authorities are direct properties of the user.

Metadata

Metadata

Assignees

Labels

for: team-attentionThis ticket should be discussed as a team before proceeding in: coreAn issue in spring-security-core type: enhancementA general enhancement

Type

No type

Projects

No projects

Milestone

No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      AltStyle によって変換されたページ (->オリジナル) /