org.springframework.security.access.SecurityMetadataSource Java Examples

The following examples show how to use org.springframework.security.access.SecurityMetadataSource. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: XWorkSecurityInterceptor.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 7 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource()
{
    SecurityMetadataSource definitionSource = definitionSourceTag.get();

    if ( definitionSource != null )
    {
        return definitionSource;
    }

    // ---------------------------------------------------------------------
    // ObjectDefinitionSource required, but we are not inside an
    // invocation. Returning an empty dummy.
    // ---------------------------------------------------------------------

    return new SingleSecurityMetadataSource( new ActionConfig.Builder( "", "", "" ).build() );
}
 
Example #2
Source File: ConfigAwareSecurityMetadataSource.java    From engine with GNU General Public License v3.0 5 votes vote down vote up
@Override
@SuppressWarnings("unchecked")
public Collection<ConfigAttribute> getAttributes(final Object object) throws IllegalArgumentException {
    Callback<SecurityMetadataSource> callback = () -> {
        HierarchicalConfiguration siteConfig = ConfigUtils.getCurrentConfig();
        if (siteConfig != null) {
            List<HierarchicalConfiguration> restrictionsConfig = siteConfig.configurationsAt(URL_RESTRICTION_KEY);
            if (CollectionUtils.isNotEmpty(restrictionsConfig)) {
                LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> map = new LinkedHashMap<>();
                for (HierarchicalConfiguration restrictionConfig : restrictionsConfig) {
                    String url = restrictionConfig.getString(URL_RESTRICTION_URL_KEY);
                    String expression = restrictionConfig.getString(URL_RESTRICTION_EXPRESSION_KEY);
                    if (StringUtils.isNotEmpty(url) && StringUtils.isNotEmpty(expression)) {
                        AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
                        map.put(matcher, singleton(new SecurityConfig(expression)));
                    }
                }
                return new ExpressionBasedFilterInvocationSecurityMetadataSource(map,
                    new DefaultWebSecurityExpressionHandler());
            }
        }
        return new DefaultFilterInvocationSecurityMetadataSource(new LinkedHashMap<>());
    };

    SiteContext siteContext = SiteContext.getCurrent();
    if (siteContext != null) {
        SecurityMetadataSource metadataSource =
            cacheTemplate.getObject(siteContext.getContext(), callback, URL_RESTRICTIONS_CACHE_KEY);

        return metadataSource.getAttributes(object);
    }
    return null;
}
 
Example #3
Source File: DefaultRequiredAuthoritiesProvider.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@Override
public SecurityMetadataSource createSecurityMetadataSource( ActionConfig actionConfig, Object object )
{
    Collection<ConfigAttribute> attributes = new ArrayList<>();
    attributes.addAll( StrutsAuthorityUtils.getConfigAttributes( getRequiredAuthorities( actionConfig ) ) );
    attributes.addAll( StrutsAuthorityUtils.getConfigAttributes( globalAttributes ) );

    return new SingleSecurityMetadataSource( object, attributes );
}
 
Example #4
Source File: SecurityDecisionManagerImpl.java    From bdf3 with Apache License 2.0 5 votes vote down vote up
@Override
public Collection<ConfigAttribute> findConfigAttributes(Resource resource) {
	Collection<ConfigAttribute> attributes = resource.getAttributes();
	if (CollectionUtils.isEmpty(attributes)) {
		for (SecurityMetadataSource securityMetadataSource : securityMetadataSources) {
			if (securityMetadataSource.supports(resource.getClass())) {
				attributes = securityMetadataSource.getAttributes(resource);
			}
		}
	} 
	return attributes;
}
 
Example #5
Source File: CustomSecurityFilter.java    From microservice-integration with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return invocationSource;
}
 
Example #6
Source File: SecurityFilter.java    From hermes with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
	return securityMetadataSource;
}
 
Example #7
Source File: ResourceSecurityFilter.java    From zxl with Apache License 2.0 4 votes vote down vote up
public SecurityMetadataSource obtainSecurityMetadataSource() {
	return this.securityMetadataSource;
}
 
Example #8
Source File: MyFilterSecurityInterceptor.java    From maintain with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
	return this.securityMetadataSource;
}
 
Example #9
Source File: DefaultRequiredAuthoritiesProvider.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 4 votes vote down vote up
@Override
public SecurityMetadataSource createSecurityMetadataSource( ActionConfig actionConfig )
{
    return createSecurityMetadataSource( actionConfig, actionConfig );
}
 
Example #10
Source File: AuthorizationCheckingServerInterceptor.java    From grpc-spring-boot-starter with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #11
Source File: FilterSecurityInterceptor.java    From bdf3 with Apache License 2.0 4 votes vote down vote up
public SecurityMetadataSource obtainSecurityMetadataSource() {
	return this.securityMetadataSource;
}
 
Example #12
Source File: MyFilterSecurityInterceptor.java    From spring-boot-demo with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {

    return this.securityMetadataSource;
}
 
Example #13
Source File: MyFilterSecurityInterceptor.java    From itweet-boot with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #14
Source File: CustomSecurityFilter.java    From Auth-service with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return invocationSource;
}
 
Example #15
Source File: MyFilterSecurityInterceptor.java    From springboot-security-wechat with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #16
Source File: AuthorizationCheckingServerInterceptor.java    From grpc-spring-boot-starter with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #17
Source File: MyFilterSecurityInterceptor.java    From demo-project with MIT License 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.mySecurityMetadataSource;
}
 
Example #18
Source File: DynamicSecurityFilter.java    From mall with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return dynamicSecurityMetadataSource;
}
 
Example #19
Source File: CustomFilterSecurityInterceptor.java    From bbs with GNU Affero General Public License v3.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource(){
	return this.securityMetadataSource;
}
 
Example #20
Source File: DynamicallyUrlInterceptor.java    From base-admin with MIT License 4 votes vote down vote up
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #21
Source File: DynamicSecurityFilter.java    From mall-swarm with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return dynamicSecurityMetadataSource;
}
 
Example #22
Source File: CustomFilterSecurityInterceptor.java    From spring-security with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #23
Source File: CustomFilterSecurityInterceptor.java    From spring-security with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #24
Source File: CustomFilterSecurityInterceptor.java    From spring-security with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #25
Source File: CustomFilterSecurityInterceptor.java    From spring-security with Apache License 2.0 4 votes vote down vote up
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
    return this.securityMetadataSource;
}
 
Example #26
Source File: RequiredAuthoritiesProvider.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 2 votes vote down vote up
/**
 * Creates an SecurityMetadataSource based on the required authorities for
 * the action config. The specified action config is set as the secure
 * object. The SecurityMetadataSource may include additional attributes if
 * needed.
 *
 * @param actionConfig the secure actionConfig to get required authorities
 *                     from.
 */
public SecurityMetadataSource createSecurityMetadataSource( ActionConfig actionConfig );
 
Example #27
Source File: RequiredAuthoritiesProvider.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 2 votes vote down vote up
/**
 * Creates an SecurityMetadataSource for a specified secure object based on
 * the required authorities for the action config. The
 * SecurityMetadataSource may include additional attributes if needed.
 *
 * @param actionConfig the actionConfig to get required authorities from.
 * @param object       the secure object.
 */
public SecurityMetadataSource createSecurityMetadataSource( ActionConfig actionConfig, Object object );
 
Example #28
Source File: SecurityFilter.java    From hermes with Apache License 2.0 2 votes vote down vote up
/**
 * 设置安全元数据
 * 
 * @param securityMetadataSource
 */
public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource) {
	this.securityMetadataSource = securityMetadataSource;
}