Search in sources :

Example 1 with AccessDecisionManager

use of org.springframework.security.access.AccessDecisionManager in project dhis2-core by dhis2.

the class LogicalOrAccessDecisionManager method decide.

// -------------------------------------------------------------------------
// Interface implementation
// -------------------------------------------------------------------------
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
    AccessDeniedException ade = null;
    InsufficientAuthenticationException iae = null;
    for (AccessDecisionManager accessDecisionManager : accessDecisionManagers) {
        if (accessDecisionManager.supports(object.getClass())) {
            try {
                accessDecisionManager.decide(authentication, object, configAttributes);
                LOG.debug("ACCESS GRANTED [" + object.toString() + "]");
                return;
            } catch (AccessDeniedException e) {
                ade = e;
            } catch (InsufficientAuthenticationException e) {
                iae = e;
            }
        }
    }
    LOG.debug("ACCESS DENIED [" + object.toString() + "]");
    if (ade != null) {
        throw ade;
    }
    if (iae != null) {
        throw iae;
    }
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) AccessDecisionManager(org.springframework.security.access.AccessDecisionManager) InsufficientAuthenticationException(org.springframework.security.authentication.InsufficientAuthenticationException)

Aggregations

AccessDecisionManager (org.springframework.security.access.AccessDecisionManager)1 AccessDeniedException (org.springframework.security.access.AccessDeniedException)1 InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException)1