Examples with InterceptorStatusToken - org.springframework.security.access.intercept.InterceptorStatusToken

Example 6 with InterceptorStatusToken

use of org.springframework.security.access.intercept.InterceptorStatusToken in project spring-security by spring-projects.

the class FilterSecurityInterceptor method invoke.

public void invoke(FilterInvocation fi) throws IOException, ServletException {
    if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(FILTER_APPLIED) != null) && observeOncePerRequest) {
        // filter already applied to this request and user wants us to observe
        // once-per-request handling, so don't re-do security checking
        fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
    } else {
        // first time this request being called, so perform security checking
        if (fi.getRequest() != null) {
            fi.getRequest().setAttribute(FILTER_APPLIED, Boolean.TRUE);
        }
        InterceptorStatusToken token = super.beforeInvocation(fi);
        try {
            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
        } finally {
            super.finallyInvocation(token);
        }
        super.afterInvocation(token, null);
    }
}

Also used : InterceptorStatusToken(org.springframework.security.access.intercept.InterceptorStatusToken)

Example 7 with InterceptorStatusToken

use of org.springframework.security.access.intercept.InterceptorStatusToken in project dhis2-core by dhis2.

the class XWorkSecurityInterceptor method intercept.

@Override
public String intercept(ActionInvocation invocation) throws Exception {
    ActionConfig actionConfig = invocation.getProxy().getConfig();
    definitionSourceTag.set(requiredAuthoritiesProvider.createSecurityMetadataSource(actionConfig));
    InterceptorStatusToken token = beforeInvocation(actionConfig);
    addActionAccessResolver(invocation);
    Object result = null;
    try {
        result = invocation.invoke();
    } finally {
        result = afterInvocation(token, result);
        definitionSourceTag.remove();
    }
    if (result != null) {
        return result.toString();
    }
    return null;
}

Also used : ActionConfig(com.opensymphony.xwork2.config.entities.ActionConfig) InterceptorStatusToken(org.springframework.security.access.intercept.InterceptorStatusToken)

Aggregations

InterceptorStatusToken (org.springframework.security.access.intercept.InterceptorStatusToken)7 ActionConfig (com.opensymphony.xwork2.config.entities.ActionConfig)1