Spring preAuthorize log result of the SpEL query?

Question

I have a method that can be executed when either of the authentication methods return true.

@PreAuthorize("canExec('ROLE_A') || canExec('ROLE_B')")
public String getSomething() {
    return "Something";
}

How can I log whether the authentication failed or succeeded, meaning the result of the whole SpEL query is true or false?

The following is not a possible solution, since it can be called multiple times in the same SpEL, and the multiple logged results would not reflect the actual result of the authorization.

public boolean canExec(String role) {
    boolean result = ...acutal evaluation...;
    log.info("auth result for role {}: {}", role, result);
    return result;
}

score 0 · Answer 1 · answered Jun 17 '19 at 18:35

0

public boolean canExecOr(String roleA, String RoleB) {
    boolean canA = canExec(roleA);
    boolean canB = canExec(roleB);
    // log...
   return canA || canB;
}

@PreAuthorize("canExecComposite('ROLE_A','ROLE_B')")

??

answered Jun 17 '19 at 18:35

Gary Russell

166,535
14
146
179

Updated so the roles can be logged. – Gary Russell Jun 17 '19 at 18:38

Spring preAuthorize log result of the SpEL query?

1 Answers1