Package org.springframework.security

Examples of org.springframework.security.ConfigAttributeDefinition

97
98
99
100
101
102
103
104
105
106
107
        }
       
        boolean result = true;
       
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[] {Authority.ROLE_FOUSER});
        try {
            _accessDecisionManager.decide(authentication, page, config);
        } catch (AccessDeniedException ex) {
            result = false;
        }
View Full Code Here
43
44
45
46
47
48
49
50
51
52
53
        if (((null == _roles) || "".equals(_roles))) {
            return (authentication != null)? true : false;
        }

        String[] attributeTokens = StringUtils.delimitedListToStringArray(_roles, ",", " \t\r\n\f");
        ConfigAttributeDefinition config = new ConfigAttributeDefinition(attributeTokens);
        boolean result = true;
        try {
            _accessDecisionManager.decide(authentication, _resources.getContainer(), config);
        } catch (AccessDeniedException ex) {
            result = false;
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
                if (className.length() != 0) {
                    Class clazz = Class.forName(className);
                    Object annotation = clazz.getAnnotation(Secured.class);
                    if (annotation != null) {
                        String[] values = ((Secured) annotation).value();
                        ConfigAttributeDefinition attributeDef = new ConfigAttributeDefinition(values);
                        _securityChecker.checkBeforeInvocation(attributeDef);
                    }
                }
            } catch (ClassNotFoundException e) {
                // no-op
View Full Code Here
55
56
57
58
59
60
61
62
63
64
65
        // wrap the processor with authorizeDelegateProcessor
        return new AuthorizeDelegateProcess(processor);
    }
   
    protected void beforeProcess(Exchange exchange) throws Exception {
        ConfigAttributeDefinition attributes = accessPolicy.getConfigAttributeDefinition();
       
        try {
            Authentication authToken = getAuthentication(exchange.getIn());
            if (authToken == null) {
                CamelAuthorizationException authorizationException =
View Full Code Here
29
30
31
32
33
34
35
36
        String[] accessValues = StringUtils.trimArrayElements(StringUtils
            .commaDelimitedListToStringArray(access));

        this.configAttributeDefinition = (accessValues.length > 0)
            ? new ConfigAttributeDefinition(accessValues) : null;

    }
View Full Code Here
239
240
241
242
243
244
245
246
247
248
249
        Assert.state( getAccessDecisionManager() != null, "The AccessDecisionManager can not be null!" );
        boolean authorize = false;
        try {
            if( authentication != null ) {
                Object securedObject = getSecuredObject();
                ConfigAttributeDefinition cad = getConfigAttributeDefinition( securedObject );
                getAccessDecisionManager().decide( authentication, getSecuredObject(), cad );
                authorize = true;
            }
        } catch( AccessDeniedException e ) {
            // This means the secured objects should not be authorized
View Full Code Here
34
35
36
37
38
39
40
41
42
43
44
45
46
47
     * Test that the role string is properly parsed
     */
    public void testSetAuthorizingRoles() {
        controller.setAuthorizingRoles( "ROLE_1,ROLE_2" );

        ConfigAttributeDefinition cad = controller.getParsedConfigs();
        assertTrue( "Should be 2 roles", cad.getConfigAttributes().size() == 2 );

        Iterator iter = cad.getConfigAttributes().iterator();
        ConfigAttribute attr1 = (ConfigAttribute) iter.next();
        ConfigAttribute attr2 = (ConfigAttribute) iter.next();

        assertEquals( "Should be ROLE_1", attr1.getAttribute(), "ROLE_1" );
        assertEquals( "Should be ROLE_2", attr2.getAttribute(), "ROLE_2" );
View Full Code Here
88
89
90
91
92
93
94
95
96
97
98
   * @param rule the rule to base the decision
   * @param object the execution listener phase
   */
  protected void decide(SecurityRule rule, Object object) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    ConfigAttributeDefinition config = new ConfigAttributeDefinition(getConfigAttributes(rule));
    if (accessDecisionManager != null) {
      accessDecisionManager.decide(authentication, object, config);
    } else {
      AbstractAccessDecisionManager abstractAccessDecisionManager;
      List voters = new ArrayList();
View Full Code Here
57
58
59
60
61
62
63
64
65
66
67
    FilterInvocation filterInvocation = (FilterInvocation)object;

    String url = determineUrl(filterInvocation);

    ConfigAttributeDefinition configAttribute = findConfigAttribute(url);
    if (configAttribute == null && _rejectIfNoRule) {
      return DENY;
    }

    return configAttribute;
View Full Code Here
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
  private ConfigAttributeDefinition findConfigAttribute(final String url) {

    initialize();

    ConfigAttributeDefinition configAttribute = null;
    Object configAttributePattern = null;

    for (Map.Entry<Object, ConfigAttributeDefinition> entry : _compiled.entrySet()) {
      Object pattern = entry.getKey();
      if (_urlMatcher.pathMatchesUrl(pattern, url)) {
        // TODO  this assumes Ant matching, not valid for regex
        if (configAttribute == null || _urlMatcher.pathMatchesUrl(configAttributePattern, (String)pattern)) {
          configAttribute = entry.getValue();
          configAttributePattern = pattern;
          if (_log.isTraceEnabled()) {
            _log.trace("new candidate for '" + url + "': '" + pattern
                + "':" + configAttribute.getConfigAttributes());
          }
        }
      }
    }

    if (_log.isTraceEnabled()) {
      if (configAttribute == null) {
        _log.trace("no config for '" + url + "'");
      }
      else {
        _log.trace("config for '" + url + "' is '" + configAttributePattern
            + "':" + configAttribute.getConfigAttributes());
      }
    }

    return configAttribute;
  }
View Full Code Here
TOP

Related Classes of org.springframework.security.ConfigAttributeDefinition

  • org.apache.camel.component.spring.security.SpringSecurityAccessPolicy
  • org.apache.camel.component.spring.security.SpringSecurityAuthorizationPolicy
  • org.codehaus.groovy.grails.plugins.springsecurity.AbstractFilterInvocationDefinition
  • org.codehaus.groovy.grails.plugins.springsecurity.AnnotationFilterInvocationDefinition
  • org.codehaus.groovy.grails.plugins.springsecurity.RequestmapFilterInvocationDefinition
  • org.geoserver.security.RESTfulDefinitionSource
  • org.geoserver.xacml.geoxacml.XACMLURLMatchingTest
  • org.springframework.richclient.security.support.AbstractSecurityController
  • org.springframework.richclient.security.support.UserRoleSecurityControllerTests
  • org.springframework.webflow.security.SecurityFlowExecutionListener
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.