org.springframework.security.web.access.expression.WebExpressionVoter Java Examples

The following examples show how to use org.springframework.security.web.access.expression.WebExpressionVoter. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthenticationHandler.java    From blackduck-alert with Apache License 2.0 6 votes vote down vote up
private ObjectPostProcessor<AffirmativeBased> createRoleProcessor() {
    return new ObjectPostProcessor<>() {
        @Override
        public AffirmativeBased postProcess(AffirmativeBased affirmativeBased) {
            WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
            DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
            expressionHandler.setRoleHierarchy(authorities -> {
                String[] allAlertRoles = retrieveAllowedRoles();
                return AuthorityUtils.createAuthorityList(allAlertRoles);
            });
            webExpressionVoter.setExpressionHandler(expressionHandler);
            affirmativeBased.getDecisionVoters().add(webExpressionVoter);
            return affirmativeBased;
        }
    };
}
 
Example #2
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
    @Bean
    public AccessDecisionManager accessDecisionManager(
            CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
        List<AccessDecisionVoter<? extends Object>> decisionVoters
                = Arrays.asList(
//                new AuthenticatedVoter(),
//                new RoleVoter(),
                new WebExpressionVoter(){{
                    setExpressionHandler(customWebSecurityExpressionHandler);
                }}
        );
        return new ConsensusBased(decisionVoters);
    }
 
Example #3
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example #4
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example #5
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example #6
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example #7
Source File: WebAppSecurityConfig.java    From molgenis with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
protected void configureUrlAuthorization(
    ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry
        expressionInterceptUrlRegistry) {
  List<AccessDecisionVoter<?>> listOfVoters = new ArrayList<>();
  listOfVoters.add(new WebExpressionVoter());
  listOfVoters.add(molgenisAccessDecisionVoter());
  expressionInterceptUrlRegistry.accessDecisionManager(new AffirmativeBased(listOfVoters));

  expressionInterceptUrlRegistry.antMatchers("/").permitAll();
}
 
Example #8
Source File: WebSecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager() {
    // @formatter: off
    List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays.asList(new WebExpressionVoter(), new RoleVoter(), new AuthenticatedVoter(), new MinuteBasedVoter());
    // @formatter: on
    return new UnanimousBased(decisionVoters);
}
 
Example #9
Source File: SecurityConfiguration.java    From multiapps-controller with Apache License 2.0 4 votes vote down vote up
@Inject
@Bean
public UnanimousBased accessDecisionManager(WebExpressionVoter webExpressionVoter, AuthenticatedVoter authenticatedVoter) {
    return new UnanimousBased(Arrays.asList(webExpressionVoter, authenticatedVoter));
}
 
Example #10
Source File: OpenApiSecurityConfigurer.java    From spring-backend-boilerplate with Apache License 2.0 4 votes vote down vote up
@Bean
public WebExpressionVoter webExpressionVoter() {
    WebExpressionVoter result = new WebExpressionVoter();
    result.setExpressionHandler(rbacWebSecurityExpressionHandler());
    return result;
}
 
Example #11
Source File: UrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager(){
	AffirmativeBased affirmative = new AffirmativeBased(Arrays.asList(multiWebExpressionVoter(), new WebExpressionVoter(), new AuthenticatedVoter()));
	return affirmative;
}