Search in sources :

Example 1 with ChannelAccessPolicy

use of org.springframework.integration.security.channel.ChannelAccessPolicy in project spring-integration by spring-projects.

the class ChannelSecurityInterceptorBeanPostProcessor method postProcessBeforeInitialization.

@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) {
    if (this.accessPolicyMapping != null && bean instanceof ChannelSecurityInterceptor && this.accessPolicyMapping.containsKey(beanName)) {
        Map<Pattern, ChannelAccessPolicy> accessPolicies = this.accessPolicyMapping.get(beanName);
        ChannelSecurityMetadataSource securityMetadataSource = (ChannelSecurityMetadataSource) ((ChannelSecurityInterceptor) bean).obtainSecurityMetadataSource();
        for (Map.Entry<Pattern, ChannelAccessPolicy> entry : accessPolicies.entrySet()) {
            securityMetadataSource.addPatternMapping(entry.getKey(), entry.getValue());
        }
    }
    return bean;
}
Also used : Pattern(java.util.regex.Pattern) ChannelAccessPolicy(org.springframework.integration.security.channel.ChannelAccessPolicy) ChannelSecurityMetadataSource(org.springframework.integration.security.channel.ChannelSecurityMetadataSource) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Map(java.util.Map)

Example 2 with ChannelAccessPolicy

use of org.springframework.integration.security.channel.ChannelAccessPolicy in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminOrUserRequiredForReceive.

@Test
public void testAdminOrUserRequiredForReceive() {
    String beanName = "adminOrUserRequiredForReceive";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    Collection<String> receiveRoles = this.getRolesFromDefintion(receiveDefinition);
    assertTrue("ROLE_ADMIN not found as receive attribute", receiveRoles.contains("ROLE_ADMIN"));
    assertTrue("ROLE_USER not found as receive attribute", receiveRoles.contains("ROLE_USER"));
    assertTrue("Policy applies to receive", sendDefinition.size() == 0);
}
Also used : MessageChannel(org.springframework.messaging.MessageChannel) ChannelAccessPolicy(org.springframework.integration.security.channel.ChannelAccessPolicy) Advised(org.springframework.aop.framework.Advised) ConfigAttribute(org.springframework.security.access.ConfigAttribute) Advisor(org.springframework.aop.Advisor) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Test(org.junit.Test)

Example 3 with ChannelAccessPolicy

use of org.springframework.integration.security.channel.ChannelAccessPolicy in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminRequiredForReceive.

@Test
public void testAdminRequiredForReceive() {
    String beanName = "adminRequiredForReceive";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    Collection<String> receiveRoles = this.getRolesFromDefintion(receiveDefinition);
    assertTrue("ROLE_ADMIN not found as receive attribute", receiveRoles.contains("ROLE_ADMIN"));
    assertTrue("Policy applies to receive", sendDefinition.size() == 0);
}
Also used : MessageChannel(org.springframework.messaging.MessageChannel) ChannelAccessPolicy(org.springframework.integration.security.channel.ChannelAccessPolicy) Advised(org.springframework.aop.framework.Advised) ConfigAttribute(org.springframework.security.access.ConfigAttribute) Advisor(org.springframework.aop.Advisor) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Test(org.junit.Test)

Example 4 with ChannelAccessPolicy

use of org.springframework.integration.security.channel.ChannelAccessPolicy in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminRequiredForSend.

@Test
public void testAdminRequiredForSend() {
    String beanName = "adminRequiredForSend";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    assertTrue("ROLE_ADMIN not found as send attribute", this.getRolesFromDefintion(sendDefinition).contains("ROLE_ADMIN"));
    assertTrue("Policy applies to receive", receiveDefinition.size() == 0);
}
Also used : MessageChannel(org.springframework.messaging.MessageChannel) ChannelAccessPolicy(org.springframework.integration.security.channel.ChannelAccessPolicy) Advised(org.springframework.aop.framework.Advised) ConfigAttribute(org.springframework.security.access.ConfigAttribute) Advisor(org.springframework.aop.Advisor) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Test(org.junit.Test)

Example 5 with ChannelAccessPolicy

use of org.springframework.integration.security.channel.ChannelAccessPolicy in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminOrUserRequiredForSend.

@Test
public void testAdminOrUserRequiredForSend() {
    String beanName = "adminOrUserRequiredForSend";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    Collection<String> sendRoles = this.getRolesFromDefintion(sendDefinition);
    assertTrue("ROLE_ADMIN not found as send attribute", sendRoles.contains("ROLE_ADMIN"));
    assertTrue("ROLE_USER not found as send attribute", sendRoles.contains("ROLE_USER"));
    assertTrue("Policy applies to receive", receiveDefinition.size() == 0);
}
Also used : MessageChannel(org.springframework.messaging.MessageChannel) ChannelAccessPolicy(org.springframework.integration.security.channel.ChannelAccessPolicy) Advised(org.springframework.aop.framework.Advised) ConfigAttribute(org.springframework.security.access.ConfigAttribute) Advisor(org.springframework.aop.Advisor) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Test(org.junit.Test)

Aggregations

ChannelAccessPolicy (org.springframework.integration.security.channel.ChannelAccessPolicy)8 ChannelSecurityInterceptor (org.springframework.integration.security.channel.ChannelSecurityInterceptor)7 Test (org.junit.Test)5 Advisor (org.springframework.aop.Advisor)5 Advised (org.springframework.aop.framework.Advised)5 MessageChannel (org.springframework.messaging.MessageChannel)5 ConfigAttribute (org.springframework.security.access.ConfigAttribute)5 Map (java.util.Map)3 Pattern (java.util.regex.Pattern)3 HashMap (java.util.HashMap)1 DirectFieldAccessor (org.springframework.beans.DirectFieldAccessor)1 AnnotatedBeanDefinition (org.springframework.beans.factory.annotation.AnnotatedBeanDefinition)1 BeanDefinition (org.springframework.beans.factory.config.BeanDefinition)1 BeanDefinitionBuilder (org.springframework.beans.factory.support.BeanDefinitionBuilder)1 BeanDefinitionRegistry (org.springframework.beans.factory.support.BeanDefinitionRegistry)1 ManagedMap (org.springframework.beans.factory.support.ManagedMap)1 ManagedSet (org.springframework.beans.factory.support.ManagedSet)1 MethodMetadata (org.springframework.core.type.MethodMetadata)1 ChannelSecurityMetadataSource (org.springframework.integration.security.channel.ChannelSecurityMetadataSource)1 DefaultChannelAccessPolicy (org.springframework.integration.security.channel.DefaultChannelAccessPolicy)1