org.springframework.security.access.AccessDecisionManager Java Examples

The following examples show how to use org.springframework.security.access.AccessDecisionManager. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example #2
Source File: LogicalOrAccessDecisionManager.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@Override
public boolean supports( ConfigAttribute configAttribute )
{
    for ( AccessDecisionManager accessDecisionManager : accessDecisionManagers )
    {
        if ( accessDecisionManager.supports( configAttribute ) )
        {
            return true;
        }
    }

    return false;
}
 
Example #3
Source File: LogicalOrAccessDecisionManager.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@Override
public boolean supports( Class<?> clazz )
{
    for ( AccessDecisionManager accessDecisionManager : accessDecisionManagers )
    {
        if ( accessDecisionManager.supports( clazz ) )
        {
            return true;
        }
    }

    return false;
}
 
Example #4
Source File: BootUrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 5 votes vote down vote up
@Bean
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@ConditionalOnMissingBean(DefaultUrlSecurityConfigurer.class)
@Autowired
public DefaultUrlSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
	return super.defaultSecurityConfigurer(accessDecisionManager);
}
 
Example #5
Source File: MethodBasedSecurityConfig.java    From onetwo with Apache License 2.0 5 votes vote down vote up
/***
 * 对应的方法决策器
 */
@Override
protected AccessDecisionManager accessDecisionManager() {
	AccessDecisionManager decisionManager = super.accessDecisionManager();
	@SuppressWarnings("unchecked")
	List<AccessDecisionVoter<? extends Object>> decisionVoters = (List<AccessDecisionVoter<? extends Object>>)ReflectUtils.getFieldValue(decisionManager, "decisionVoters");
	decisionVoters.add(new MethodWebExpressionVoter());
	return decisionManager;
}
 
Example #6
Source File: UsersStorage.java    From haven-platform with Apache License 2.0 5 votes vote down vote up
@Autowired
public UsersStorage(KvMapperFactory mapperFactory, AccessDecisionManager accessDecisionManager) {
    this.adm = accessDecisionManager;
    String prefix = KvUtils.join(mapperFactory.getStorage().getPrefix(), "users");
    this.map = KvMap.builder(UserRegistration.class, ExtendedUserDetailsImpl.class)
      .mapper(mapperFactory)
      .path(prefix)
      .passDirty(true)
      .adapter(new KvMapAdapterImpl())
      .build();
}
 
Example #7
Source File: AppSpringModuleConfig.java    From herd with Apache License 2.0 5 votes vote down vote up
/**
 * Overridden to remove role prefix for the role voter. The application does not require any other access decision voters in the default configuration.
 */
/*
 * rawtypes must be suppressed because AffirmativeBased constructor takes in a raw typed list of AccessDecisionVoters
 */
@SuppressWarnings("rawtypes")
@Override
protected AccessDecisionManager accessDecisionManager()
{
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    RoleVoter decisionVoter = new RoleVoter();
    decisionVoter.setRolePrefix("");
    decisionVoters.add(decisionVoter);
    return new AffirmativeBased(decisionVoters);
}
 
Example #8
Source File: GrpcServerSecurityAutoConfiguration.java    From grpc-spring-boot-starter with MIT License 5 votes vote down vote up
/**
 * The security interceptor that handles the authorization of requests.
 *
 * @param accessDecisionManager The access decision manager used to check the requesting user.
 * @param securityMetadataSource The source for the security metadata (access constraints).
 * @return The authorizationCheckingServerInterceptor bean.
 */
@Bean
@ConditionalOnMissingBean
@ConditionalOnBean({AccessDecisionManager.class, GrpcSecurityMetadataSource.class})
public AuthorizationCheckingServerInterceptor authorizationCheckingServerInterceptor(
        final AccessDecisionManager accessDecisionManager,
        final GrpcSecurityMetadataSource securityMetadataSource) {
    return new AuthorizationCheckingServerInterceptor(accessDecisionManager, securityMetadataSource);
}
 
Example #9
Source File: PreAuthorizeSpringViewProviderAccessDelegate.java    From Vaadin4Spring-MVP-Sample-SpringSecurity with Apache License 2.0 5 votes vote down vote up
@Override
public boolean isAccessGranted(String beanName, UI ui) {
	
	final PreAuthorize viewSecured = applicationContext.findAnnotationOnBean(beanName, PreAuthorize.class);
				
	if (viewSecured != null) {

		final Class<?> targetClass = AopUtils.getTargetClass(applicationContext.getBean(beanName));
		final Method method = ClassUtils.getMethod(AopUtils.getTargetClass(applicationContext.getBean(beanName)), "enter", com.vaadin.navigator.ViewChangeListener.ViewChangeEvent.class);								
		final MethodInvocation methodInvocation = MethodInvocationUtils.createFromClass(targetClass, method.getName());
								
		final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		final AccessDecisionManager accessDecisionManager = applicationContext.getBean(AccessDecisionManager.class);			        	        	        	       	        	       
        final ExpressionBasedAnnotationAttributeFactory attributeFactory = new ExpressionBasedAnnotationAttributeFactory(new DefaultMethodSecurityExpressionHandler());
        
		Collection<ConfigAttribute> atributi = new ArrayList<ConfigAttribute>();
		atributi.add(attributeFactory.createPreInvocationAttribute(null, null, viewSecured.value()));
		
        try {
            accessDecisionManager.decide(authentication, methodInvocation, atributi);
            return true;
        } catch (AccessDeniedException | InsufficientAuthenticationException ex) {
            return false;
        }
		
	} else {
		return true;
	}
	
}
 
Example #10
Source File: WebSecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager() {
    // @formatter: off
    List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays.asList(new WebExpressionVoter(), new RoleVoter(), new AuthenticatedVoter(), new MinuteBasedVoter());
    // @formatter: on
    return new UnanimousBased(decisionVoters);
}
 
Example #11
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example #12
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("AccessDecisionManager for Authorization voting")
@Bean
public AccessDecisionManager accessDecisionManager(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new ConsensusBased(decisionVoters);
}
 
Example #13
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
public AccessDecisionManager accessDecisionManager2(
        CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
    List<AccessDecisionVoter<? extends Object>> decisionVoters
            = Arrays.asList(
            new AuthenticatedVoter(),
            new RoleVoter(),
            new WebExpressionVoter(){{
                setExpressionHandler(customWebSecurityExpressionHandler);
            }}
    );
    return new UnanimousBased(decisionVoters);
}
 
Example #14
Source File: CustomAuthorizationConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Description("ConsensusBased AccessDecisionManager for Authorization voting")
    @Bean
    public AccessDecisionManager accessDecisionManager(
            CustomWebSecurityExpressionHandler customWebSecurityExpressionHandler) {
        List<AccessDecisionVoter<? extends Object>> decisionVoters
                = Arrays.asList(
//                new AuthenticatedVoter(),
//                new RoleVoter(),
                new WebExpressionVoter(){{
                    setExpressionHandler(customWebSecurityExpressionHandler);
                }}
        );
        return new ConsensusBased(decisionVoters);
    }
 
Example #15
Source File: OpenApiSecurityConfigurer.java    From spring-backend-boilerplate with Apache License 2.0 5 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());
    decisionVoters.add(webExpressionVoter());
    return new AffirmativeBased(decisionVoters);
}
 
Example #16
Source File: SecurityConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public AccessDecisionManager customAccessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new UsernameAccessDecisionVoter());
    AccessDecisionManager accessDecisionManager = new AffirmativeBased(decisionVoters);
    return accessDecisionManager;
}
 
Example #17
Source File: GrpcServerSecurityAutoConfiguration.java    From grpc-spring-boot-starter with MIT License 5 votes vote down vote up
/**
 * The security interceptor that handles the authorization of requests.
 *
 * @param accessDecisionManager The access decision manager used to check the requesting user.
 * @param securityMetadataSource The source for the security metadata (access constraints).
 * @return The authorizationCheckingServerInterceptor bean.
 */
@Bean
@ConditionalOnMissingBean
@ConditionalOnBean({AccessDecisionManager.class, GrpcSecurityMetadataSource.class})
public AuthorizationCheckingServerInterceptor authorizationCheckingServerInterceptor(
        final AccessDecisionManager accessDecisionManager,
        final GrpcSecurityMetadataSource securityMetadataSource) {
    return new AuthorizationCheckingServerInterceptor(accessDecisionManager, securityMetadataSource);
}
 
Example #18
Source File: UrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 5 votes vote down vote up
@Bean
//	@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
//	@ConditionalOnMissingBean(WebSecurityConfigurerAdapter.class)
	@Autowired
	public DefaultUrlSecurityConfigurer defaultSecurityConfigurer(AccessDecisionManager accessDecisionManager){
		return new DefaultUrlSecurityConfigurer(accessDecisionManager);
	}
 
Example #19
Source File: SecurityConfig.java    From feast with Apache License 2.0 5 votes vote down vote up
/**
 * Creates an AccessDecisionManager if authorization is enabled. This object determines the policy
 * used to make authorization decisions.
 *
 * @return AccessDecisionManager
 */
@Bean
@ConditionalOnProperty(prefix = "feast.security.authorization", name = "enabled")
AccessDecisionManager accessDecisionManager() {
  final List<AccessDecisionVoter<?>> voters = new ArrayList<>();
  voters.add(new AccessPredicateVoter());
  return new UnanimousBased(voters);
}
 
Example #20
Source File: JvueGlobalMethodSecurityConfiguration.java    From jvue-admin with MIT License 5 votes vote down vote up
@Override
public AccessDecisionManager accessDecisionManager() {

    List<AccessDecisionVoter<? extends Object>> decisionVoters =
            new ArrayList<AccessDecisionVoter<? extends Object>>();

    decisionVoters.add(jvueMethodAclVoter);// 启用自定义投票器
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());

    return new AffirmativeBased(decisionVoters);
}
 
Example #21
Source File: UrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
@Bean
public AccessDecisionManager accessDecisionManager(){
	AffirmativeBased affirmative = new AffirmativeBased(Arrays.asList(multiWebExpressionVoter(), new WebExpressionVoter(), new AuthenticatedVoter()));
	return affirmative;
}
 
Example #22
Source File: SecurityConfiguration.java    From haven-platform with Apache License 2.0 4 votes vote down vote up
@Bean
AccessDecisionManager accessDecisionManager() {
    ImmutableList.Builder<AccessDecisionVoter<?>> lb = ImmutableList.builder();
    lb.add(new AdminRoleVoter());
    return new AffirmativeBased(lb.build());
}
 
Example #23
Source File: BootUrlBasedSecurityConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
@ConditionalOnMissingBean(AccessDecisionManager.class)
@Bean
public AccessDecisionManager accessDecisionManager(){
	return super.accessDecisionManager();
}
 
Example #24
Source File: BootMethodBasedSecurityConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
@ConditionalOnMissingBean(AccessDecisionManager.class)
@Bean
public AccessDecisionManager accessDecisionManager(){
	return super.accessDecisionManager();
}
 
Example #25
Source File: SecurityConfig.java    From Vaadin4Spring-MVP-Sample-SpringSecurity with Apache License 2.0 4 votes vote down vote up
@Bean
@Override
protected AccessDecisionManager accessDecisionManager() {
	return super.accessDecisionManager();
}
 
Example #26
Source File: SpringAuthManager.java    From jdal with Apache License 2.0 4 votes vote down vote up
/**
 * @return the accessDecisionManager
 */
public AccessDecisionManager getAccessDecisionManager() {
	return accessDecisionManager;
}
 
Example #27
Source File: SpringAuthManager.java    From jdal with Apache License 2.0 4 votes vote down vote up
/**
 * @param accessDecisionManager the accessDecisionManager to set
 */
public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
	this.accessDecisionManager = accessDecisionManager;
}
 
Example #28
Source File: DefaultUrlSecurityConfigurer.java    From onetwo with Apache License 2.0 4 votes vote down vote up
public DefaultUrlSecurityConfigurer(AccessDecisionManager accessDecisionManager) {
	super();
	this.accessDecisionManager = accessDecisionManager;
}
 
Example #29
Source File: AppContextConfig.java    From onetwo with Apache License 2.0 4 votes vote down vote up
public AppContextConfig(AccessDecisionManager accessDecisionManager) {
	super(accessDecisionManager);
}
 
Example #30
Source File: SpringSecurityActionAccessResolver.java    From dhis2-core with BSD 3-Clause "New" or "Revised" License 4 votes vote down vote up
public void setAccessDecisionManager( AccessDecisionManager accessDecisionManager )
{
    this.accessDecisionManager = accessDecisionManager;
}