Examples of org.acegisecurity.ConfigAttributeDefinition

org.acegisecurity.ConfigAttributeDefinition
Holds a group of {@link ConfigAttribute}s that are associated with a given secure object target.
All the ConfigAttributeDefinitions associated with a given {@link org.acegisecurity.intercept.AbstractSecurityInterceptor} are stored in an {@link org.acegisecurity.intercept.ObjectDefinitionSource}.
@author Ben Alex @version $Id: ConfigAttributeDefinition.java 1496 2006-05-23 13:38:33Z benalex $

    protected Filter[] obtainAllDefinedFilters() {
        Iterator cads = this.filterInvocationDefinitionSource.getConfigAttributeDefinitions();
        Set list = new LinkedHashSet();


        while (cads.hasNext()) {
            ConfigAttributeDefinition attribDef = (ConfigAttributeDefinition) cads.next();
            Filter[] filters = obtainAllDefinedFilters(attribDef);


            for (int i = 0; i < filters.length; i++) {
                list.add(filters[i]);
            }

View Full Code Here


        this.mappings = mappings;
        Iterator it = mappings.iterator();
        while (it.hasNext()) {
            FilterInvocationDefinitionSourceMapping mapping = (FilterInvocationDefinitionSourceMapping) it.next();
            ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition();


            Iterator configAttributesIt = mapping.getConfigAttributes().iterator();
            while (configAttributesIt.hasNext()) {
                String s = (String) configAttributesIt.next();
                configDefinition.addConfigAttribute(new SecurityConfig(s));
            }


            decorated.addSecureUrl(mapping.getUrl(), configDefinition);
        }
    }

View Full Code Here

    }


    public boolean isAllowed(FilterInvocation fi, Authentication authentication) {
        Assert.notNull(fi, "FilterInvocation required");


        ConfigAttributeDefinition attrs = securityInterceptor.obtainObjectDefinitionSource().getAttributes(fi);


        if (attrs == null) {
            if (securityInterceptor.isRejectPublicInvocations()) {
                return false;
            }

View Full Code Here

      }


      Set unsupportedAttrs = new HashSet();


      while (iter.hasNext()) {
        ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter.next();
        Iterator attributes = def.getConfigAttributes();


        while (attributes.hasNext()) {
          ConfigAttribute attr = (ConfigAttribute) attributes.next();


          if (!this.runAsManager.supports(attr) && !this.accessDecisionManager.supports(attr)

View Full Code Here

          + object.getClass().getName()
          + " but AbstractSecurityInterceptor only configured to support secure objects of type: "
          + getSecureObjectClass());
    }


    ConfigAttributeDefinition attr = this.obtainObjectDefinitionSource().getAttributes(object);


    if (attr == null) {
      if (rejectPublicInvocations) {
        throw new IllegalArgumentException(
            "No public invocations are allowed via this AbstractSecurityInterceptor. "
                + "This indicates a configuration error because the "
                + "AbstractSecurityInterceptor.rejectPublicInvocations property is set to 'true'");
      }


      if (logger.isDebugEnabled()) {
        logger.debug("Public object - authentication not attempted");
      }


      publishEvent(new PublicInvocationEvent(object));


      return null; // no further work post-invocation
    }


    if (logger.isDebugEnabled()) {
      logger.debug("Secure object: " + object.toString() + "; ConfigAttributes: " + attr.toString());
    }


    if (SecurityContextHolder.getContext().getAuthentication() == null) {
      credentialsNotFound(messages.getMessage("AbstractSecurityInterceptor.authenticationNotFound",
          "An Authentication object was not found in the SecurityContext"), object, attr);

View Full Code Here

  public ConfigAttributeDefinition lookupAttributes(String url) {


    Set<String> authorities = authorizeSupport.getRequiredAuthorities(url);


    if (authorities.size() > 0) {
      ConfigAttributeDefinition definition = new ConfigAttributeDefinition();
      for (String authority : authorities) {
        definition.addConfigAttribute(new SecurityConfig(authority));
      }
      return definition;
    }


    return null;

View Full Code Here

    public Iterator getConfigAttributeDefinitions() {
        return null;
    }


    protected ConfigAttributeDefinition lookupAttributes(Method method) {
        ConfigAttributeDefinition definition = new ConfigAttributeDefinition();


        Class interceptedClass = method.getDeclaringClass();


        // add the class level attributes for the implementing class
        addClassAttributes(definition, interceptedClass);


        // add the class level attributes for the implemented interfaces
        addClassAttributes(definition, interceptedClass.getInterfaces());


        // add the method level attributes for the implemented method
        addMethodAttributes(definition, method);


        // add the method level attributes for the implemented intreface methods
        addInterfaceMethodAttributes(definition, method);


        if (definition.size() == 0) {
            return null;
        } else {
            return definition;
        }
    }

View Full Code Here

    public boolean isAllowed(MethodInvocation mi, Authentication authentication) {
        Assert.notNull(mi, "MethodInvocation required");
        Assert.notNull(mi.getMethod(),
            "MethodInvocation must provide a non-null getMethod()");


        ConfigAttributeDefinition attrs = securityInterceptor.obtainObjectDefinitionSource()
                                                             .getAttributes(mi);


        if (attrs == null) {
            if (securityInterceptor.isRejectPublicInvocations()) {
                return false;

View Full Code Here


    public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {
        FilterInvocation fi = new FilterInvocation(request, response, chain);


        ConfigAttributeDefinition cad = this.filterInvocationDefinitionSource
            .getAttributes(fi);


        if (cad == null) {
            if (logger.isDebugEnabled()) {
                logger.debug(fi.getRequestUrl() + " has no matching filters");

View Full Code Here

        Iterator cads = this.filterInvocationDefinitionSource
            .getConfigAttributeDefinitions();
        Set list = new LinkedHashSet();


        while (cads.hasNext()) {
            ConfigAttributeDefinition attribDef = (ConfigAttributeDefinition) cads
                .next();
            Filter[] filters = obtainAllDefinedFilters(attribDef);


            for (int i = 0; i < filters.length; i++) {
                list.add(filters[i]);

View Full Code Here

0 1 2

TOP

Related Classes of org.acegisecurity.ConfigAttributeDefinition

$.DBFilterInvocationDefinitionSource

org.acegisecurity.intercept.AbstractSecurityInterceptor

org.acegisecurity.intercept.method.MethodDefinitionAttributes

org.acegisecurity.intercept.method.MethodDefinitionMap

org.acegisecurity.intercept.method.MethodDefinitionSourceEditor

org.acegisecurity.intercept.method.MethodInvocationPrivilegeEvaluator

org.acegisecurity.intercept.web.FilterInvocationDefinitionDecorator

org.acegisecurity.intercept.web.FilterInvocationDefinitionSourceEditor

org.acegisecurity.intercept.web.WebInvocationPrivilegeEvaluator

org.acegisecurity.securechannel.ChannelProcessingFilter

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.