Search in sources :

Example 1 with Jsr250Voter

use of org.springframework.security.access.annotation.Jsr250Voter in project spring-security by spring-projects.

the class GlobalMethodSecurityConfiguration method accessDecisionManager.

/**
 * Allows subclasses to provide a custom {@link AccessDecisionManager}. The default is
 * a {@link AffirmativeBased} with the following voters:
 *
 * <ul>
 * <li>{@link PreInvocationAuthorizationAdviceVoter}</li>
 * <li>{@link RoleVoter}</li>
 * <li>{@link AuthenticatedVoter}</li>
 * </ul>
 * @return the {@link AccessDecisionManager} to use
 */
protected AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    if (prePostEnabled()) {
        ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
        expressionAdvice.setExpressionHandler(getExpressionHandler());
        decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(expressionAdvice));
    }
    if (jsr250Enabled()) {
        decisionVoters.add(new Jsr250Voter());
    }
    RoleVoter roleVoter = new RoleVoter();
    GrantedAuthorityDefaults grantedAuthorityDefaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
    if (grantedAuthorityDefaults != null) {
        roleVoter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
    }
    decisionVoters.add(roleVoter);
    decisionVoters.add(new AuthenticatedVoter());
    return new AffirmativeBased(decisionVoters);
}
Also used : AuthenticatedVoter(org.springframework.security.access.vote.AuthenticatedVoter) Jsr250Voter(org.springframework.security.access.annotation.Jsr250Voter) GrantedAuthorityDefaults(org.springframework.security.config.core.GrantedAuthorityDefaults) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) ExpressionBasedPreInvocationAdvice(org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice) PreInvocationAuthorizationAdviceVoter(org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)

Aggregations

ArrayList (java.util.ArrayList)1 AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter)1 Jsr250Voter (org.springframework.security.access.annotation.Jsr250Voter)1 ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice)1 PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)1 AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased)1 AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter)1 RoleVoter (org.springframework.security.access.vote.RoleVoter)1 GrantedAuthorityDefaults (org.springframework.security.config.core.GrantedAuthorityDefaults)1