Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Retrieving Authorized Proxy Target Object #15747

Closed
Tracked by #14595
jzheaux opened this issue Sep 5, 2024 · 0 comments
Closed
Tracked by #14595

Support Retrieving Authorized Proxy Target Object #15747

jzheaux opened this issue Sep 5, 2024 · 0 comments
Assignees
@jzheaux
Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Milestone
6.4.x

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Sep 5, 2024
edited
Loading

Related to #15746

Given that authorized objects use setOpaque, there isn't a straightforward way to get the underlying object, in case that is needed.

A way to address this is to add a marker interface, say AuthorizationProxy, that has a JSON-ignored method to retrieve the underlying object, like so:

public interface AuthorizationProxy extends RawTargetAccess {
    Object toAuthorizedTarget();
}

Then other AOP components could retrieve the underlying object of anything that implements AuthorizationProxy.

Spring Data has done this in another way with its TargetAware interface, though if Security were to go this route, it would likely apply the @JsonIngore values through a mixin.
@jzheaux jzheaux added in: core An issue in spring-security-core type: enhancement A general enhancement labels Sep 5, 2024
@jzheaux jzheaux added this to the 6.4.x milestone Sep 5, 2024
@jzheaux jzheaux self-assigned this Sep 5, 2024
@jzheaux jzheaux closed this as completed in fce2eb1 Sep 9, 2024
jzheaux added a commit that referenced this issue Sep 10, 2024
@jzheaux
Use AuthorizationProxy Interface for Class Proxying
927de0d 
Issue gh-15747
@jzheaux jzheaux mentioned this issue Sep 13, 2024
Open
16 tasks
jzheaux added a commit to jzheaux/spring-security that referenced this issue Sep 16, 2024
@jzheaux
Test Meta-Annotation Class Type Support in Reactive
5f1028d 
Issue spring-projectsgh-15747
jzheaux added a commit that referenced this issue Sep 16, 2024
@jzheaux
Test Meta-Annotation Class Type Support in Reactive
2d4c498 
Issue gh-15747
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
None yet
Milestone
6.4.x
Development

No branches or pull requests
1 participant
@jzheaux