Currently, AuthorityAuthorizationManager#isAuthorized uses an inner loop to determine whether the user has a required authority:
    private boolean isAuthorized(Authentication authentication) {
        for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
            for (GrantedAuthority authority : this.authorities) {
                if (authority.getAuthority().equals(grantedAuthority.getAuthority())) {
                    return true;
                }
            }
        }
        return false;
    }
It can be replaced with a Set of authority strings, which will be more efficient because HashSet has constant lookup time, O(1).
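A sketch of the Set-based check proposed above, added here as an illustration and not taken from the Spring Security code base. The class name `SetAuthorityCheck` and the nested `GrantedAuthority` interface are stand-ins so that it compiles without the framework, and it assumes the required authority strings are non-null. It also covers one case where the two forms can differ: `GrantedAuthority#getAuthority()` is allowed to return null, the nested loop treats that as "no match", and a `HashSet` does the same, whereas an immutable set from `Set.of()` throws `NullPointerException` on `contains(null)`.

```java
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class SetAuthorityCheck {

    // Stand-in for Spring Security's GrantedAuthority (assumption: same single method).
    interface GrantedAuthority {
        String getAuthority();
    }

    private final Set<String> required;

    SetAuthorityCheck(String... authorities) {
        // HashSet, not Set.of(): HashSet.contains(null) returns false,
        // while Set.of(...).contains(null) throws NullPointerException.
        this.required = new HashSet<>(List.of(authorities));
    }

    // Same decision as the nested loop: true if any granted authority string
    // is one of the required ones, with one hash lookup per granted authority.
    boolean isAuthorized(Collection<? extends GrantedAuthority> granted) {
        for (GrantedAuthority grantedAuthority : granted) {
            if (this.required.contains(grantedAuthority.getAuthority())) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        SetAuthorityCheck check = new SetAuthorityCheck("ROLE_ADMIN", "ROLE_AUDITOR");

        // Constructed sample inputs, including an authority whose string form is null.
        List<GrantedAuthority> auditor = List.of(() -> null, () -> "ROLE_AUDITOR");
        List<GrantedAuthority> user = List.of(() -> null, () -> "ROLE_USER");

        System.out.println("auditor authorized: " + check.isAuthorized(auditor));
        System.out.println("user authorized: " + check.isAuthorized(user));
    }
}
```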