Examples of org.springframework.security.access.vote.RoleVoter

• org.springframework.security.access.vote.RoleVoter
  Votes if any {@link ConfigAttribute#getAttribute()} starts with a prefixindicating that it is a role. The default prefix string is ROLE_, but this may be overridden to any value. It may also be set to empty, which means that essentially any attribute will be voted on. As described further below, the effect of an empty prefix may not be quite desirable.

  Abstains from voting if no configuration attribute commences with the role prefix. Votes to grant access if there is an exact matching {@link org.springframework.security.core.GrantedAuthority} to a ConfigAttributestarting with the role prefix. Votes to deny access if there is no exact matching GrantedAuthority to a ConfigAttribute starting with the role prefix.

  An empty role prefix means that the voter will vote for every ConfigAttribute. When there are different categories of ConfigAttributes used, this will not be optimal since the voter will be voting for attributes which do not represent roles. However, this option may be of some use when using pre-existing role names without a prefix, and no ability exists to prefix them with a role prefix on reading them in, such as provided for example in {@link org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl}.

  All comparisons and prefixes are case sensitive. @author Ben Alex @author colin sampaleanu

        ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
        expressionAdvice.setExpressionHandler(getExpressionHandler());

        decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(
                expressionAdvice));
        decisionVoters.add(new RoleVoter());
        decisionVoters.add(new AuthenticatedVoter());
        return new AffirmativeBased(decisionVoters);
    }

     */
    @Override
    @SuppressWarnings("rawtypes")
    final List<AccessDecisionVoter> getDecisionVoters() {
        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
        decisionVoters.add(new RoleVoter());
        decisionVoters.add(new AuthenticatedVoter());
        return decisionVoters;
    }

public class MyAppSpringConfiguration {


    @Bean
    public RoleVoter getRoleVoter() {
        RoleVoter roleVoter = new RoleVoter();
        roleVoter.setRolePrefix("ROLE _");
        return roleVoter;
    }

        FilterSecurityInterceptor filter = new FilterSecurityInterceptor();

        filter.setAuthenticationManager(getSecurityManager());

        List<AccessDecisionVoter> voters = new ArrayList<AccessDecisionVoter>();
        RoleVoter roleVoter = new RoleVoter();
        roleVoter.setRolePrefix("");
        voters.add(roleVoter);
        voters.add(new AuthenticatedVoter());
        AffirmativeBased accessDecisionManager = new AffirmativeBased(voters);
        accessDecisionManager.setAllowIfAllAbstainDecisions(siConfig.isAllowIfAllAbstainDecisions());
        filter.setAccessDecisionManager(accessDecisionManager);

    @Bean
    @Autowired
    public Filter filterSecurityInterceptor(AuthenticationManager authenticationManager) throws Exception {
        FilterSecurityInterceptor filter = new FilterSecurityInterceptor();
        filter.setAuthenticationManager(authenticationManager);
        filter.setAccessDecisionManager(new AffirmativeBased(asList((AccessDecisionVoter) new RoleVoter())));
        filter.setSecurityMetadataSource(securityMetadataSource());
        filter.afterPropertiesSet();
        return filter;
    }