Java Code Examples for org.springframework.security.access.ConfigAttribute#getAttribute()
The following examples show how to use
org.springframework.security.access.ConfigAttribute#getAttribute() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SecurityAccessDecisionManager.java From cola-cloud with MIT License | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for (ConfigAttribute configAttribute : configAttributes) {
c = configAttribute;
needRole = c.getAttribute();
//authentication 为在注释1 中循环添加到 GrantedAuthority 对象中的权限信息集合
for (GrantedAuthority ga : authentication.getAuthorities()) {
if (needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("访问被拒绝,权限不足");
}
Example 2
| Source File: DynamicAccessDecisionManager.java From mall with Apache License 2.0 | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
// 当接口未被配置资源时直接放行
if (CollUtil.isEmpty(configAttributes)) {
return;
}
Iterator<ConfigAttribute> iterator = configAttributes.iterator();
while (iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next();
//将访问所需资源或用户拥有资源进行比对
String needAuthority = configAttribute.getAttribute();
for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
if (needAuthority.trim().equals(grantedAuthority.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("抱歉,您没有访问权限");
}
Example 3
| Source File: SecurityAccessDecisionManager.java From Auth-service with MIT License | 6 votes |
|
/**
* @param authentication 用户权限
* @param o url
* @param collection 所需要的权限
* @throws AccessDeniedException
* @throws InsufficientAuthenticationException
*/
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
logger.info("decide url and permission");
if (collection == null) {
return;
}
Iterator<ConfigAttribute> ite = collection.iterator();
//判断用户所拥有的权限,是否符合对应的Url权限,如果实现了UserDetailsService,则用户权限是loadUserByUsername返回用户所对应的权限
while (ite.hasNext()) {
ConfigAttribute ca = ite.next();
String needRole = ca.getAttribute();
for (GrantedAuthority ga : authentication.getAuthorities()) {
logger.info("GrantedAuthority: {}", ga);
if (needRole.equals(ga.getAuthority())) {
return;
}
}
}
logger.error("AccessDecisionManager: no right!");
throw new AccessDeniedException("no right!");
}
Example 4
| Source File: MyAccessDecisionManager.java From itweet-boot with Apache License 2.0 | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
c = iter.next();
needRole = c.getAttribute();
for(GrantedAuthority ga : authentication.getAuthorities()) {
if(needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
Example 5
| Source File: SecurityAccessDecisionManager.java From microservice-integration with MIT License | 6 votes |
|
/**
* @param authentication 用户权限
* @param o url
* @param collection 所需要的权限
* @throws AccessDeniedException
* @throws InsufficientAuthenticationException
*/
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
logger.info("decide url and permission");
if (collection == null) {
return;
}
Iterator<ConfigAttribute> ite = collection.iterator();
//判断用户所拥有的权限,是否符合对应的Url权限,如果实现了UserDetailsService,则用户权限是loadUserByUsername返回用户所对应的权限
while (ite.hasNext()) {
ConfigAttribute ca = ite.next();
String needRole = ca.getAttribute();
for (GrantedAuthority ga : authentication.getAuthorities()) {
logger.info("GrantedAuthority: {}", ga);
if (needRole.equals(ga.getAuthority())) {
return;
}
}
}
logger.error("AccessDecisionManager: no right!");
throw new AccessDeniedException("no right!");
}
Example 6
| Source File: DynamicAccessDecisionManager.java From mall-swarm with Apache License 2.0 | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
// 当接口未被配置资源时直接放行
if (CollUtil.isEmpty(configAttributes)) {
return;
}
Iterator<ConfigAttribute> iterator = configAttributes.iterator();
while (iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next();
//将访问所需资源或用户拥有资源进行比对
String needAuthority = configAttribute.getAttribute();
for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
if (needAuthority.trim().equals(grantedAuthority.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("抱歉,您没有访问权限");
}
Example 7
| Source File: AccessDecisionManager.java From hermes with Apache License 2.0 | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
// 判断目标是否在权限控制内
if (configAttributes == null) return;
// 遍历权限
for (ConfigAttribute configAttribute: configAttributes) {
// 将权限与用户角色进行匹配
String role = configAttribute.getAttribute();
for (GrantedAuthority grantedAuthority: authentication.getAuthorities()) {
Logger.debug("match between %s and %s.", role, grantedAuthority.getAuthority());
if (Strings.equals(role, grantedAuthority.getAuthority())) {
Logger.debug("matched! access allow.");
return;
}
}
}
// 无法匹配权限抛出异常
Logger.info("denied!");
throw new AccessDeniedException("no authority.");
}
Example 8
| Source File: ResourceAccessDecisionManager.java From zxl with Apache License 2.0 | 6 votes |
|
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if (configAttributes == null) {
return;
}
Iterator<ConfigAttribute> iterator = configAttributes.iterator();
while (iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next();
String needPermission = configAttribute.getAttribute();
for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
if (needPermission.equals(grantedAuthority.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("权限不足!");
}
Example 9
| Source File: MyAccessDecisionManager.java From maintain with MIT License | 6 votes |
|
@Override
public void decide(Authentication authentication, Object obj, Collection<ConfigAttribute> configAttributes)
throws AccessDeniedException, InsufficientAuthenticationException {
if (null == configAttributes || configAttributes.size() <= 0) {
logger.info("decide == return");
return;
}
ConfigAttribute c;
String needRole;
for (Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext();) {
c = iter.next();
needRole = c.getAttribute();
logger.info("need======" + needRole.trim() + " size=" + authentication.getAuthorities());
for (GrantedAuthority ga : authentication.getAuthorities()) {
logger.info("needRole==" + needRole.trim() + " [] = authority=" + ga.getAuthority());
// authentication 为在注释1 中循环添加到 GrantedAuthority 对象中的权限信息集合
if (needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
Example 10
| Source File: UsernameAccessDecisionVoter.java From tutorials with MIT License | 5 votes |
|
@Override
public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null)
&& !attribute.getAttribute().startsWith(rolePrefix)) {
return true;
}else {
return false;
}
}
Example 11
| Source File: AbstractPrefixedAccessDecisionVoter.java From dhis2-core with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
@Override
public boolean supports( ConfigAttribute configAttribute )
{
boolean result = configAttribute.getAttribute() != null
&& configAttribute.getAttribute().startsWith( attributePrefix );
log.debug( "Supports configAttribute: " + configAttribute + ", " + result + " (" + getClass().getSimpleName()
+ ")" );
return result;
}
Example 12
| Source File: UrlRoleVoter.java From bdf3 with Apache License 2.0 | 5 votes |
|
public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null)
&& attribute.getAttribute().startsWith(getRolePrefix())) {
return true;
}
else {
return false;
}
}
Example 13
| Source File: ComponentRoleVoter.java From bdf3 with Apache License 2.0 | 5 votes |
|
public boolean supports(ConfigAttribute attribute) {
if ((attribute.getAttribute() != null)
&& attribute.getAttribute().startsWith(getRolePrefix())) {
return true;
}
else {
return false;
}
}
Example 14
| Source File: SimpleAccessVoter.java From dhis2-core with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
@Override
public boolean supports( ConfigAttribute configAttribute )
{
return configAttribute != null && configAttribute.getAttribute() != null
&& configAttribute.getAttribute().equals( requiredAuthority );
}
Example 15
| Source File: PermissionVoter.java From lemon with Apache License 2.0 | 4 votes |
|
public boolean supports(ConfigAttribute attribute) {
return attribute.getAttribute() != null;
}
Example 16
| Source File: PermissionVoter.java From lemon with Apache License 2.0 | 4 votes |
|
private String getPermission(ConfigAttribute configAttribute) {
return configAttribute.getAttribute();
}
Example 17
| Source File: AuthenticatedVoter.java From lemon with Apache License 2.0 | 4 votes |
|
public boolean supports(ConfigAttribute attribute) {
return (attribute.getAttribute() != null)
&& ALLOWED_ATTRIBUTES.contains(attribute.getAttribute());
}
