Examples with SecurityConfig org.springframework.security.access.SecurityConfig used on opensource projects

Search in sources :

Example 16 with SecurityConfig

use of org.springframework.security.access.SecurityConfig in project spring-security-oauth by spring-projects.

the class ScopeVoterTests method testExceptionThrownIfWrongScopesPresent.

@Test(expected = AccessDeniedException.class)
public void testExceptionThrownIfWrongScopesPresent() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(oAuth2Authentication, null, Collections.<ConfigAttribute>singleton(new SecurityConfig("SCOPE_WRITE"))));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 17 with SecurityConfig

use of org.springframework.security.access.SecurityConfig in project spring-security-oauth by spring-projects.

the class ScopeVoterTests method testAccessDeniedIfWrongScopesPresent.

@Test
public void testAccessDeniedIfWrongScopesPresent() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", false, Collections.singleton("read"));
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    voter.setThrowException(false);
    assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(oAuth2Authentication, null, Collections.<ConfigAttribute>singleton(new SecurityConfig("SCOPE_WRITE"))));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 18 with SecurityConfig

use of org.springframework.security.access.SecurityConfig in project midpoint by Evolveum.

the class AbstractModelIntegrationTest method createConfigAttributes.

protected Collection<ConfigAttribute> createConfigAttributes(String action) {
    Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
    attrs.add(new SecurityConfig(action));
    return attrs;
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) ArrayList(java.util.ArrayList)

Example 19 with SecurityConfig

use of org.springframework.security.access.SecurityConfig in project spring-security by spring-projects.

the class ChannelSecurityConfigurer method addAttribute.

private ChannelRequestMatcherRegistry addAttribute(String attribute, List<? extends RequestMatcher> matchers) {
    for (RequestMatcher matcher : matchers) {
        Collection<ConfigAttribute> attrs = Arrays.<ConfigAttribute>asList(new SecurityConfig(attribute));
        requestMap.put(matcher, attrs);
    }
    return REGISTRY;
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) MvcRequestMatcher(org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher) ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig)

Example 20 with SecurityConfig

use of org.springframework.security.access.SecurityConfig in project spring-security by spring-projects.

the class GlobalMethodSecurityBeanDefinitionParser method parseProtectPointcuts.

private Map<String, List<ConfigAttribute>> parseProtectPointcuts(ParserContext parserContext, List<Element> protectPointcutElts) {
    Map<String, List<ConfigAttribute>> pointcutMap = new LinkedHashMap<String, List<ConfigAttribute>>();
    for (Element childElt : protectPointcutElts) {
        String accessConfig = childElt.getAttribute(ATT_ACCESS);
        String expression = childElt.getAttribute(ATT_EXPRESSION);
        if (!StringUtils.hasText(accessConfig)) {
            parserContext.getReaderContext().error("Access configuration required", parserContext.extractSource(childElt));
        }
        if (!StringUtils.hasText(expression)) {
            parserContext.getReaderContext().error("Pointcut expression required", parserContext.extractSource(childElt));
        }
        String[] attributeTokens = StringUtils.commaDelimitedListToStringArray(accessConfig);
        List<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(attributeTokens.length);
        for (String token : attributeTokens) {
            attributes.add(new SecurityConfig(token));
        }
        pointcutMap.put(expression, attributes);
    }
    return pointcutMap;
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) SecurityConfig(org.springframework.security.access.SecurityConfig) BeanMetadataElement(org.springframework.beans.BeanMetadataElement) Element(org.w3c.dom.Element) ArrayList(java.util.ArrayList) ManagedList(org.springframework.beans.factory.support.ManagedList) List(java.util.List) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

SecurityConfig (org.springframework.security.access.SecurityConfig)39 Test (org.junit.Test)33 ConfigAttribute (org.springframework.security.access.ConfigAttribute)21 List (java.util.List)7 Vector (java.util.Vector)6 Authentication (org.springframework.security.core.Authentication)6 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)6 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)5 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)5 MethodInvocation (org.aopalliance.intercept.MethodInvocation)4 AccessDeniedException (org.springframework.security.access.AccessDeniedException)4 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)4 AuditApplicationEvent (org.springframework.boot.actuate.audit.listener.AuditApplicationEvent)3 ArrayList (java.util.ArrayList)2 AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)2 DefaultFilterInvocationSecurityMetadataSource (org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource)2 Method (java.lang.reflect.Method)1 LinkedHashMap (java.util.LinkedHashMap)1 Before (org.junit.Before)1 BeanMetadataElement (org.springframework.beans.BeanMetadataElement)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial