Examples with ChannelSecurityInterceptor org.springframework.integration.security.channel.ChannelSecurityInterceptor used on opensource projects

Example 1 with ChannelSecurityInterceptor

use of org.springframework.integration.security.channel.ChannelSecurityInterceptor in project tutorials by eugenp.

the class SecuredDirectChannel method channelSecurityInterceptor.

@Autowired
@Bean
public ChannelSecurityInterceptor channelSecurityInterceptor(AuthenticationManager authenticationManager, AccessDecisionManager customAccessDecisionManager) {
    ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor();
    channelSecurityInterceptor.setAuthenticationManager(authenticationManager);
    channelSecurityInterceptor.setAccessDecisionManager(customAccessDecisionManager);
    return channelSecurityInterceptor;
}

Example 2 with ChannelSecurityInterceptor

use of org.springframework.integration.security.channel.ChannelSecurityInterceptor in project tutorials by eugenp.

the class SecurityConfig method channelSecurityInterceptor.

@Autowired
@Bean
public ChannelSecurityInterceptor channelSecurityInterceptor(AuthenticationManager authenticationManager, AccessDecisionManager customAccessDecisionManager) {
    ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor();
    channelSecurityInterceptor.setAuthenticationManager(authenticationManager);
    channelSecurityInterceptor.setAccessDecisionManager(customAccessDecisionManager);
    return channelSecurityInterceptor;
}

Example 3 with ChannelSecurityInterceptor

use of org.springframework.integration.security.channel.ChannelSecurityInterceptor in project spring-integration by spring-projects.

the class ChannelSecurityInterceptorBeanPostProcessor method postProcessBeforeInitialization.

@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) {
    if (this.accessPolicyMapping != null && bean instanceof ChannelSecurityInterceptor && this.accessPolicyMapping.containsKey(beanName)) {
        Map<Pattern, ChannelAccessPolicy> accessPolicies = this.accessPolicyMapping.get(beanName);
        ChannelSecurityMetadataSource securityMetadataSource = (ChannelSecurityMetadataSource) ((ChannelSecurityInterceptor) bean).obtainSecurityMetadataSource();
        for (Map.Entry<Pattern, ChannelAccessPolicy> entry : accessPolicies.entrySet()) {
            securityMetadataSource.addPatternMapping(entry.getKey(), entry.getValue());
        }
    }
    return bean;
}

Example 4 with ChannelSecurityInterceptor

use of org.springframework.integration.security.channel.ChannelSecurityInterceptor in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminOrUserRequiredForReceive.

@Test
public void testAdminOrUserRequiredForReceive() {
    String beanName = "adminOrUserRequiredForReceive";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    Collection<String> receiveRoles = this.getRolesFromDefintion(receiveDefinition);
    assertTrue("ROLE_ADMIN not found as receive attribute", receiveRoles.contains("ROLE_ADMIN"));
    assertTrue("ROLE_USER not found as receive attribute", receiveRoles.contains("ROLE_USER"));
    assertTrue("Policy applies to receive", sendDefinition.size() == 0);
}

Example 5 with ChannelSecurityInterceptor

use of org.springframework.integration.security.channel.ChannelSecurityInterceptor in project spring-integration by spring-projects.

the class SecuredChannelsParserTests method testAdminRequiredForReceive.

@Test
public void testAdminRequiredForReceive() {
    String beanName = "adminRequiredForReceive";
    messageChannel.setBeanName(beanName);
    MessageChannel proxy = (MessageChannel) applicationContext.getAutowireCapableBeanFactory().applyBeanPostProcessorsAfterInitialization(messageChannel, beanName);
    assertTrue("Channel was not proxied", AopUtils.isAopProxy(proxy));
    Advisor[] advisors = ((Advised) proxy).getAdvisors();
    assertEquals("Wrong number of interceptors", 1, advisors.length);
    ChannelSecurityInterceptor interceptor = (ChannelSecurityInterceptor) advisors[0].getAdvice();
    ChannelAccessPolicy policy = this.retrievePolicyForPatternString(beanName, interceptor);
    assertNotNull("Pattern '" + beanName + "' is not included in mappings", policy);
    Collection<ConfigAttribute> sendDefinition = policy.getConfigAttributesForSend();
    Collection<ConfigAttribute> receiveDefinition = policy.getConfigAttributesForReceive();
    Collection<String> receiveRoles = this.getRolesFromDefintion(receiveDefinition);
    assertTrue("ROLE_ADMIN not found as receive attribute", receiveRoles.contains("ROLE_ADMIN"));
    assertTrue("Policy applies to receive", sendDefinition.size() == 0);
}