Java Code Examples for org.springframework.security.access.AccessDecisionManager

The following examples show how to use org.springframework.security.access.AccessDecisionManager. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: jvue-admin   Source File: JvueGlobalMethodSecurityConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public AccessDecisionManager accessDecisionManager() {

    List<AccessDecisionVoter<? extends Object>> decisionVoters =
            new ArrayList<AccessDecisionVoter<? extends Object>>();

    decisionVoters.add(jvueMethodAclVoter);// 启用自定义投票器
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());

    return new AffirmativeBased(decisionVoters);
}
 
Example 2
Source Project: feast   Source File: SecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Creates an AccessDecisionManager if authorization is enabled. This object determines the policy
 * used to make authorization decisions.
 *
 * @return AccessDecisionManager
 */
@Bean
@ConditionalOnProperty(prefix = "feast.security.authorization", name = "enabled")
AccessDecisionManager accessDecisionManager() {
  final List<AccessDecisionVoter<?>> voters = new ArrayList<>();
  voters.add(new AccessPredicateVoter());
  return new UnanimousBased(voters);
}
 
Example 3
/**
 * The security interceptor that handles the authorization of requests.
 *
 * @param accessDecisionManager The access decision manager used to check the requesting user.
 * @param securityMetadataSource The source for the security metadata (access constraints).
 * @return The authorizationCheckingServerInterceptor bean.
 */
@Bean
@ConditionalOnMissingBean
@ConditionalOnBean({AccessDecisionManager.class, GrpcSecurityMetadataSource.class})
public AuthorizationCheckingServerInterceptor authorizationCheckingServerInterceptor(
        final AccessDecisionManager accessDecisionManager,
        final GrpcSecurityMetadataSource securityMetadataSource) {
    return new AuthorizationCheckingServerInterceptor(accessDecisionManager, securityMetadataSource);
}
 
Example 4
@Bean
public AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());
    decisionVoters.add(webExpressionVoter());
    return new AffirmativeBased(decisionVoters);
}
 
Example 5
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
    @Bean
    public AccessDecisionManager accessDecisionManager(
            CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
        List<AccessDecisionVoter<? extends Object>> decisionVoters
                = Arrays.asList(
//                new AuthenticatedVoter(),
//                new RoleVoter(),
                new WebExpressionVoter(){{
                    setExpressionHandler(customWebSecurityExpressionHandler);
                }}
        );
        return new ConsensusBased(decisionVoters);
    }
 
Example 6
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example 7
@Description("AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example 8
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example 9
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example 10
/**
 * The security interceptor that handles the authorization of requests.
 *
 * @param accessDecisionManager The access decision manager used to check the requesting user.
 * @param securityMetadataSource The source for the security metadata (access constraints).
 * @return The authorizationCheckingServerInterceptor bean.
 */
@Bean
@ConditionalOnMissingBean
@ConditionalOnBean({AccessDecisionManager.class, GrpcSecurityMetadataSource.class})
public AuthorizationCheckingServerInterceptor authorizationCheckingServerInterceptor(
        final AccessDecisionManager accessDecisionManager,
        final GrpcSecurityMetadataSource securityMetadataSource) {
    return new AuthorizationCheckingServerInterceptor(accessDecisionManager, securityMetadataSource);
}
 
Example 11
Source Project: haven-platform   Source File: UsersStorage.java    License: Apache License 2.0 5 votes vote down vote up
@Autowired
public UsersStorage(KvMapperFactory mapperFactory, AccessDecisionManager accessDecisionManager) {
    this.adm = accessDecisionManager;
    String prefix = KvUtils.join(mapperFactory.getStorage().getPrefix(), "users");
    this.map = KvMap.builder(UserRegistration.class, ExtendedUserDetailsImpl.class)
      .mapper(mapperFactory)
      .path(prefix)
      .passDirty(true)
      .adapter(new KvMapAdapterImpl())
      .build();
}
 
Example 12
@Override
public boolean supports( ConfigAttribute configAttribute )
{
    for ( AccessDecisionManager accessDecisionManager : accessDecisionManagers )
    {
        if ( accessDecisionManager.supports( configAttribute ) )
        {
            return true;
        }
    }

    return false;
}
 
Example 13
@Override
public boolean supports( Class<?> clazz )
{
    for ( AccessDecisionManager accessDecisionManager : accessDecisionManagers )
    {
        if ( accessDecisionManager.supports( clazz ) )
        {
            return true;
        }
    }

    return false;
}
 
Example 14
Source Project: herd   Source File: AppSpringModuleConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Overridden to remove role prefix for the role voter. The application does not require any other access decision voters in the default configuration.
 */
/*
 * rawtypes must be suppressed because AffirmativeBased constructor takes in a raw typed list of AccessDecisionVoters
 */
@SuppressWarnings("rawtypes")
@Override
protected AccessDecisionManager accessDecisionManager()
{
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    RoleVoter decisionVoter = new RoleVoter();
    decisionVoter.setRolePrefix("");
    decisionVoters.add(decisionVoter);
    return new AffirmativeBased(decisionVoters);
}
 
Example 15
Source Project: onetwo   Source File: UrlBasedSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
//	@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
//	@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
	@Autowired
	public DefaultUrlSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
		return new DefaultUrlSecurityConfigurer(accessDecisionManager);
	}
 
Example 16
Source Project: onetwo   Source File: MethodBasedSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
/***
 * 对应的方法决策器
 */
@Override
protected AccessDecisionManager accessDecisionManager() {
	AccessDecisionManager decisionManager = super.accessDecisionManager();
	@SuppressWarnings("unchecked")
	List<AccessDecisionVoter<? extends Object>> decisionVoters = (List<AccessDecisionVoter<? extends Object>>)ReflectUtils.getFieldValue(decisionManager, "decisionVoters");
	decisionVoters.add(new MethodWebExpressionVoter());
	return decisionManager;
}
 
Example 17
Source Project: onetwo   Source File: BootUrlBasedSecurityConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@ConditionalOnMissingBean(DefaultUrlSecurityConfigurer.class)
@Autowired
public DefaultUrlSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
	return super.defaultSecurityConfigurer(accessDecisionManager);
}
 
Example 18
@Override
public boolean isAccessGranted(String beanName, UI ui) {
	
	final PreAuthorize viewSecured = applicationContext.findAnnotationOnBean(beanName, PreAuthorize.class);
				
	if (viewSecured != null) {

		final Class<?> targetClass = AopUtils.getTargetClass(applicationContext.getBean(beanName));
		final Method method = ClassUtils.getMethod(AopUtils.getTargetClass(applicationContext.getBean(beanName)), "enter", com.vaadin.navigator.ViewChangeListener.ViewChangeEvent.class);								
		final MethodInvocation methodInvocation = MethodInvocationUtils.createFromClass(targetClass, method.getName());
								
		final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		final AccessDecisionManager accessDecisionManager = applicationContext.getBean(AccessDecisionManager.class);			        	        	        	       	        	       
        final ExpressionBasedAnnotationAttributeFactory attributeFactory = new ExpressionBasedAnnotationAttributeFactory(new DefaultMethodSecurityExpressionHandler());
        
		Collection<ConfigAttribute> atributi = new ArrayList<ConfigAttribute>();
		atributi.add(attributeFactory.createPreInvocationAttribute(null, null, viewSecured.value()));
		
        try {
            accessDecisionManager.decide(authentication, methodInvocation, atributi);
            return true;
        } catch (AccessDeniedException | InsufficientAuthenticationException ex) {
            return false;
        }
		
	} else {
		return true;
	}
	
}
 
Example 19
Source Project: tutorials   Source File: WebSecurityConfig.java    License: MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager() {
    // @formatter: off
    List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays.asList(new WebExpressionVoter(), new RoleVoter(), new AuthenticatedVoter(), new MinuteBasedVoter());
    // @formatter: on
    return new UnanimousBased(decisionVoters);
}
 
Example 20
Source Project: tutorials   Source File: SecurityConfig.java    License: MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager customAccessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new UsernameAccessDecisionVoter());
    AccessDecisionManager accessDecisionManager = new AffirmativeBased(decisionVoters);
    return accessDecisionManager;
}
 
Example 21
@Override
protected AccessDecisionManager accessDecisionManager() {
	AbstractAccessDecisionManager superManager = (AbstractAccessDecisionManager) super.accessDecisionManager();
	superManager.getDecisionVoters().add(voter);
	return superManager;
}
 
Example 22
Source Project: base-admin   Source File: DynamicallyUrlInterceptor.java    License: MIT License 4 votes vote down vote up
@Override
public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
    super.setAccessDecisionManager(accessDecisionManager);
}
 
Example 23
@Bean
AccessDecisionManager accessDecisionManager() {
    final List<AccessDecisionVoter<?>> voters = new ArrayList<>();
    voters.add(new AccessPredicateVoter());
    return new UnanimousBased(voters);
}
 
Example 24
public ReactiveAccessDecisionManagerAdapter(AccessDecisionManager accessDecisionManager) {
	super();
	this.accessDecisionManager = accessDecisionManager;
}
 
Example 25
@Bean
AccessDecisionManager accessDecisionManager() {
    final List<AccessDecisionVoter<?>> voters = new ArrayList<>();
    voters.add(new AccessPredicateVoter());
    return new UnanimousBased(voters);
}
 
Example 26
Source Project: haven-platform   Source File: UsersStorage.java    License: Apache License 2.0 4 votes vote down vote up
AccessDecisionManager getAdm() {
    return adm;
}
 
Example 27
Source Project: haven-platform   Source File: SecurityConfiguration.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
AccessDecisionManager accessDecisionManager() {
    ImmutableList.Builder<AccessDecisionVoter<?>> lb = ImmutableList.builder();
    lb.add(new AdminRoleVoter());
    return new AffirmativeBased(lb.build());
}
 
Example 28
public void setAccessDecisionManagers( List<AccessDecisionManager> accessDecisionManagers )
{
    this.accessDecisionManagers = accessDecisionManagers;
}
 
Example 29
public void setAccessDecisionManager( AccessDecisionManager accessDecisionManager )
{
    this.accessDecisionManager = accessDecisionManager;
}
 
Example 30
Source Project: onetwo   Source File: AppContextConfig.java    License: Apache License 2.0 4 votes vote down vote up
public AppContextConfig(AccessDecisionManager accessDecisionManager) {
	super(accessDecisionManager);
}