org.springframework.security.access.vote.AffirmativeBased Java Examples

The following examples show how to use org.springframework.security.access.vote.AffirmativeBased. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthenticationHandler.java    From blackduck-alert with Apache License 2.0 6 votes vote down vote up
private ObjectPostProcessor<AffirmativeBased> createRoleProcessor() {
    return new ObjectPostProcessor<>() {
        @Override
        public AffirmativeBased postProcess(AffirmativeBased affirmativeBased) {
            WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
            DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
            expressionHandler.setRoleHierarchy(authorities -> {
                String[] allAlertRoles = retrieveAllowedRoles();
                return AuthorityUtils.createAuthorityList(allAlertRoles);
            });
            webExpressionVoter.setExpressionHandler(expressionHandler);
            affirmativeBased.getDecisionVoters().add(webExpressionVoter);
            return affirmativeBased;
        }
    };
}
 
Example #2
Source File: JvueGlobalMethodSecurityConfiguration.java    From jvue-admin with MIT License 5 votes vote down vote up
@Override
public AccessDecisionManager accessDecisionManager() {

    List<AccessDecisionVoter<? extends Object>> decisionVoters =
            new ArrayList<AccessDecisionVoter<? extends Object>>();

    decisionVoters.add(jvueMethodAclVoter);// 启用自定义投票器
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());

    return new AffirmativeBased(decisionVoters);
}
 
Example #3
Source File: ResourceServerConfiguration.java    From oauth2-resource with MIT License 5 votes vote down vote up
@Override
        public <O extends FilterSecurityInterceptor> O postProcess(O fsi) {
            fsi.setSecurityMetadataSource(new ExpressionFilterInvocationSecurityMetadataSource(fsi.getSecurityMetadataSource(), resourceEntityMapper));
            AffirmativeBased affirmativeBased = (AffirmativeBased) fsi.getAccessDecisionManager();
            affirmativeBased.getDecisionVoters().add(new ExpressionVoter());
///            affirmativeBased.getDecisionVoters().add(new RoleVoter());
            return fsi;
        }
 
Example #4
Source File: OpenApiSecurityConfigurer.java    From spring-backend-boilerplate with Apache License 2.0 5 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());
    decisionVoters.add(webExpressionVoter());
    return new AffirmativeBased(decisionVoters);
}
 
Example #5
Source File: AppSpringModuleConfig.java    From herd with Apache License 2.0 5 votes vote down vote up
/**
 * Overridden to remove role prefix for the role voter. The application does not require any other access decision voters in the default configuration.
 */
/*
 * rawtypes must be suppressed because AffirmativeBased constructor takes in a raw typed list of AccessDecisionVoters
 */
@SuppressWarnings("rawtypes")
@Override
protected AccessDecisionManager accessDecisionManager()
{
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    RoleVoter decisionVoter = new RoleVoter();
    decisionVoter.setRolePrefix("");
    decisionVoters.add(decisionVoter);
    return new AffirmativeBased(decisionVoters);
}
 
Example #6
Source File: StandaloneSecurityHandler.java    From ranger with Apache License 2.0 5 votes vote down vote up
public void login(String userName, String password,
		ApplicationContext context) throws Exception {
	// [1] Create AUTH Token
	Authentication token = new UsernamePasswordAuthenticationToken(
			userName, password);

	// [2] Authenticate User
	AuthenticationManager am = (AuthenticationManager) context
			.getBean(AUTH_MANAGER_BEAN_NAME);
	token = am.authenticate(token);

	// [3] Check User Access
	AffirmativeBased accessDecisionManager = (AffirmativeBased) context
			.getBean(ACCESS_DECISION_MANAGER_BEAN_NAME);
	Collection<ConfigAttribute> list = new ArrayList<ConfigAttribute>();
	SecurityConfig config = new SecurityConfig(RangerConstants.ROLE_SYS_ADMIN);
	list.add(config);
	accessDecisionManager.decide(token, null, list);

	// [4] set token in spring context
	SecurityContextHolder.getContext().setAuthentication(token);

	// [5] Process Success login
	InetAddress thisIp = InetAddress.getLocalHost();
	sessionMgr.processStandaloneSuccessLogin(
			XXAuthSession.AUTH_TYPE_PASSWORD, thisIp.getHostAddress());
}
 
Example #7
Source File: WebAppSecurityConfig.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
protected void configureUrlAuthorization(
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry
        expressionInterceptUrlRegistry) {
  List<AccessDecisionVoter<?>> listOfVoters = new ArrayList<>();
  listOfVoters.add(new WebExpressionVoter());
  listOfVoters.add(molgenisAccessDecisionVoter());
  expressionInterceptUrlRegistry.accessDecisionManager(new AffirmativeBased(listOfVoters));

  expressionInterceptUrlRegistry.antMatchers("/").permitAll();
}
 
Example #8
Source File: SecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager customAccessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new UsernameAccessDecisionVoter());
    AccessDecisionManager accessDecisionManager = new AffirmativeBased(decisionVoters);
    return accessDecisionManager;
}
 
Example #9
Source File: SpringAuthManager.java    From jdal with Apache License 2.0 5 votes vote down vote up
@PostConstruct
public void init() {
	if (this.accessDecisionManager == null) {
		if (log.isDebugEnabled())
			log.debug("Creating default AffirmativeBased AccesDecisionManager with RoleVoter");
		
		List<AccessDecisionVoter<? extends Object>> defaultVoters =
				new ArrayList<AccessDecisionVoter<? extends Object>>();
		defaultVoters.add(new RoleVoter());
		this.accessDecisionManager = new AffirmativeBased(defaultVoters);
	}
}
 
Example #10
Source File: SecurityConfiguration.java    From grpc-spring-security-demo with MIT License 4 votes vote down vote up
@Bean
public AffirmativeBased accessDecisionManager() {
    return new AffirmativeBased(Collections.singletonList(webExpressionVoter()));
}
 
Example #11
Source File: SecurityConfiguration.java    From haven-platform with Apache License 2.0 4 votes vote down vote up
@Bean
AccessDecisionManager accessDecisionManager() {
    ImmutableList.Builder<AccessDecisionVoter<?>> lb = ImmutableList.builder();
    lb.add(new AdminRoleVoter());
    return new AffirmativeBased(lb.build());
}
 
Example #12
Source File: UrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager(){
	AffirmativeBased affirmative = new AffirmativeBased(Arrays.asList(multiWebExpressionVoter(), new WebExpressionVoter(), new AuthenticatedVoter()));
	return affirmative;
}