org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource Java Examples
The following examples show how to use
org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityFilterConfig.java From cosmo with Apache License 2.0 | 6 votes |
|
@Bean
public FilterRegistrationBean<?> securityFilterChain() {
FilterSecurityInterceptor securityFilter = new FilterSecurityInterceptor();
securityFilter.setAuthenticationManager(this.authManager);
securityFilter.setAccessDecisionManager(this.davDecisionManager);
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> metadata = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
metadata.put(AnyRequestMatcher.INSTANCE, SecurityConfig.createList(ROLES));
securityFilter.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(metadata));
/*
* Note that the order in which filters are defined is highly important.
*/
SecurityFilterChain filterChain = new DefaultSecurityFilterChain(AnyRequestMatcher.INSTANCE,
this.cosmoExceptionFilter, this.extraTicketFilter, this.ticketFilter,
new BasicAuthenticationFilter(authManager, this.authEntryPoint), securityFilter);
FilterChainProxy proxy = new FilterChainProxy(filterChain);
proxy.setFirewall(this.httpFirewall);
FilterRegistrationBean<?> filterBean = new FilterRegistrationBean<>(proxy);
filterBean.addUrlPatterns(PATH_DAV);
return filterBean;
}
Example #2
| Source File: TestUrlResourcePopulator.java From lemon with Apache License 2.0 | 6 votes |
|
public void execute(Map<String, String> resourceMap) {
Assert.notNull(filterSecurityInterceptor);
Assert.notNull(resourceMap);
logger.info("refresh url resource");
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
requestMap.put(new AntPathRequestMatcher(key),
SecurityConfig.createListFromCommaDelimitedString(value));
}
FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
filterSecurityInterceptor.setSecurityMetadataSource(source);
}
Example #3
| Source File: UrlResourcePopulator.java From lemon with Apache License 2.0 | 6 votes |
|
public void execute(FilterSecurityInterceptor filterSecurityInterceptor,
Map<String, String> resourceMap) {
Assert.notNull(filterSecurityInterceptor);
Assert.notNull(resourceMap);
logger.info("refresh url resource");
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
requestMap.put(new AntPathRequestMatcher(key),
SecurityConfig.createListFromCommaDelimitedString(value));
}
FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
filterSecurityInterceptor.setSecurityMetadataSource(source);
}
Example #4
| Source File: SecurityConfig.java From Spring with Apache License 2.0 | 5 votes |
|
@Bean
public FilterSecurityInterceptor filterSecurityInterceptor() throws Exception {
final FilterSecurityInterceptor fSecInterceptor = new FilterSecurityInterceptor();
//fSecInterceptor.setAccessDecisionManager(------);
fSecInterceptor.setAuthenticationManager(super.authenticationManager());
fSecInterceptor.setSecurityMetadataSource(
new DefaultFilterInvocationSecurityMetadataSource(
(LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) new LinkedHashMap().put(
new AntPathMatcher("/chief**"), new ArrayList().add("ROLE_CHIEF"))));
return fSecInterceptor;
}
Example #5
| Source File: DatabaseSecurityMetadataSource.java From onetwo with Apache License 2.0 | 5 votes |
|
/****
* 基于url匹配拦截时,转换为ExpressionBasedFilterInvocationSecurityMetadataSource
* @param source
* @return
*/
@Override
public void buildSecurityMetadataSource(){
Assert.notNull(filterSecurityInterceptor, "filterSecurityInterceptor can not be null");
this.buildRequestMap();
Map<RequestMatcher, Collection<ConfigAttribute>> originRequestMap = getDefaultRequestMap();
if(originRequestMap!=null && !originRequestMap.isEmpty()){
this.requestMap.putAll(originRequestMap);
}
DefaultFilterInvocationSecurityMetadataSource fism = new DefaultFilterInvocationSecurityMetadataSource(requestMap);
this.filterSecurityInterceptor.setSecurityMetadataSource(fism);
}
Example #6
| Source File: DatabaseSecurityMetadataSource.java From onetwo with Apache License 2.0 | 5 votes |
|
@SuppressWarnings("unchecked")
protected final Map<RequestMatcher, Collection<ConfigAttribute>> getDefaultRequestMap() {
Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = this.defaultRequestMap;
if (requestMap==null) {
DefaultFilterInvocationSecurityMetadataSource originMetadata = (DefaultFilterInvocationSecurityMetadataSource)filterSecurityInterceptor.getSecurityMetadataSource();
//这个内置实现不支持一个url映射到多个表达式
// ExpressionBasedFilterInvocationSecurityMetadataSource fism = new ExpressionBasedFilterInvocationSecurityMetadataSource(requestMap, securityExpressionHandler);
requestMap = (Map<RequestMatcher, Collection<ConfigAttribute>>)ReflectUtils.getFieldValue(originMetadata, "requestMap", false);
this.defaultRequestMap = requestMap;
}
return requestMap;
}
Example #7
| Source File: UrlSourceBuilder.java From lemon with Apache License 2.0 | 5 votes |
|
public void refresh() {
if ((filterSecurityInterceptor == null) || (urlSourceFetcher == null)) {
logger.info(
"filterSecurityInterceptor : {}, urlSourceFetcher : {}",
filterSecurityInterceptor, urlSourceFetcher);
return;
}
logger.info("execute refresh");
Map<String, String> resourceMap = urlSourceFetcher.getSource(null);
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
requestMap.put(new AntPathRequestMatcher(key),
SecurityConfig.createListFromCommaDelimitedString(value));
}
FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
filterSecurityInterceptor.setSecurityMetadataSource(source);
}
Example #8
| Source File: ConfigAwareSecurityMetadataSource.java From engine with GNU General Public License v3.0 | 5 votes |
|
@Override
@SuppressWarnings("unchecked")
public Collection<ConfigAttribute> getAttributes(final Object object) throws IllegalArgumentException {
Callback<SecurityMetadataSource> callback = () -> {
HierarchicalConfiguration siteConfig = ConfigUtils.getCurrentConfig();
if (siteConfig != null) {
List<HierarchicalConfiguration> restrictionsConfig = siteConfig.configurationsAt(URL_RESTRICTION_KEY);
if (CollectionUtils.isNotEmpty(restrictionsConfig)) {
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> map = new LinkedHashMap<>();
for (HierarchicalConfiguration restrictionConfig : restrictionsConfig) {
String url = restrictionConfig.getString(URL_RESTRICTION_URL_KEY);
String expression = restrictionConfig.getString(URL_RESTRICTION_EXPRESSION_KEY);
if (StringUtils.isNotEmpty(url) && StringUtils.isNotEmpty(expression)) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
map.put(matcher, singleton(new SecurityConfig(expression)));
}
}
return new ExpressionBasedFilterInvocationSecurityMetadataSource(map,
new DefaultWebSecurityExpressionHandler());
}
}
return new DefaultFilterInvocationSecurityMetadataSource(new LinkedHashMap<>());
};
SiteContext siteContext = SiteContext.getCurrent();
if (siteContext != null) {
SecurityMetadataSource metadataSource =
cacheTemplate.getObject(siteContext.getContext(), callback, URL_RESTRICTIONS_CACHE_KEY);
return metadataSource.getAttributes(object);
}
return null;
}
