Examples with InterceptorStatusToken net.sf.acegisecurity.intercept.InterceptorStatusToken used on opensource projects

Example 1 with InterceptorStatusToken

use of net.sf.acegisecurity.intercept.InterceptorStatusToken in project records-management by Alfresco.

the class RMMethodSecurityInterceptor method invoke.

/**
 * @see net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor#invoke(org.aopalliance.intercept.MethodInvocation)
 */
@Override
public Object invoke(MethodInvocation mi) throws Throwable {
    Object result = null;
    InterceptorStatusToken token = beforeInvocation(mi);
    try {
        result = mi.proceed();
    } finally {
        result = super.afterInvocation(token, result);
    }
    return result;
}

Example 2 with InterceptorStatusToken

use of net.sf.acegisecurity.intercept.InterceptorStatusToken in project records-management by Alfresco.

the class RMMethodSecurityInterceptor method beforeInvocation.

/**
 * @see net.sf.acegisecurity.intercept.AbstractSecurityInterceptor#beforeInvocation(java.lang.Object)
 */
@Override
protected InterceptorStatusToken beforeInvocation(Object object) {
    InterceptorStatusToken result = null;
    try {
        // clear the capability report information
        RMMethodSecurityInterceptor.CAPABILITIES.remove();
        RMMethodSecurityInterceptor.IS_RM_SECURITY_CHECK.remove();
        RMMethodSecurityInterceptor.MESSAGES.remove();
        // before invocation (where method security check takes place)
        result = super.beforeInvocation(object);
    } catch (AccessDeniedException exception) {
        if (LOGGER.isDebugEnabled()) {
            MethodInvocation mi = (MethodInvocation) object;
            StringBuilder methodDetails = new StringBuilder("\n");
            if (RMMethodSecurityInterceptor.IS_RM_SECURITY_CHECK.get()) {
                methodDetails.append("RM method security check was performed.\n");
            } else {
                methodDetails.append("Standard DM method security check was performed.\n");
            }
            boolean first = true;
            methodDetails.append("Failed on method:  ").append(mi.getMethod().getName()).append("(");
            for (Object arg : mi.getArguments()) {
                if (first) {
                    first = false;
                } else {
                    methodDetails.append(", ");
                }
                if (arg != null) {
                    methodDetails.append(arg.toString());
                } else {
                    methodDetails.append("null");
                }
            }
            methodDetails.append(")\n");
            List<String> messages = RMMethodSecurityInterceptor.MESSAGES.get();
            for (String message : messages) {
                methodDetails.append(message).append("\n");
            }
            String failureReport = getFailureReport();
            if (failureReport == null) {
                // rethrow with additional information
                throw new AccessDeniedException(exception.getMessage() + methodDetails, exception);
            } else {
                // rethrow with additional information
                throw new AccessDeniedException(exception.getMessage() + methodDetails + getFailureReport(), exception);
            }
        } else {
            throw exception;
        }
    }
    return result;
}