Example 1 with AffirmativeBased
use of org.springframework.security.access.vote.AffirmativeBased in project spring-security by spring-projects.
the class PrePostSecured method setUp.
@Before
public final void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
interceptor = new AspectJMethodSecurityInterceptor();
AccessDecisionVoter[] voters = new AccessDecisionVoter[] { new RoleVoter(), new PreInvocationAuthorizationAdviceVoter(new ExpressionBasedPreInvocationAdvice()) };
adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
interceptor.setAccessDecisionManager(adm);
interceptor.setAuthenticationManager(authman);
interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
AnnotationSecurityAspect secAspect = AnnotationSecurityAspect.aspectOf();
secAspect.setSecurityInterceptor(interceptor);
}
Also used :
SecuredAnnotationSecurityMetadataSource(org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource)
AspectJMethodSecurityInterceptor(org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor)
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
RoleVoter(org.springframework.security.access.vote.RoleVoter)
AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)
ExpressionBasedPreInvocationAdvice(org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice)
PreInvocationAuthorizationAdviceVoter(org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)
Before(org.junit.Before)
Example 2 with AffirmativeBased
use of org.springframework.security.access.vote.AffirmativeBased in project faf-java-server by FAForever.
the class IntegrationSecurityConfig method channelSecurityInterceptor.
@Bean
public ChannelSecurityInterceptor channelSecurityInterceptor(AuthenticationManager authenticationManager) {
ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor();
channelSecurityInterceptor.setAuthenticationManager(authenticationManager);
channelSecurityInterceptor.setAccessDecisionManager(new AffirmativeBased(Collections.singletonList(new RoleVoter())));
return channelSecurityInterceptor;
}
Also used :
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
RoleVoter(org.springframework.security.access.vote.RoleVoter)
ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor)
Bean(org.springframework.context.annotation.Bean)
Example 3 with AffirmativeBased
use of org.springframework.security.access.vote.AffirmativeBased in project tutorials by eugenp.
the class SecurityConfig method customAccessDecisionManager.
@Bean
public AccessDecisionManager customAccessDecisionManager() {
List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
decisionVoters.add(new RoleVoter());
decisionVoters.add(new UsernameAccessDecisionVoter());
AccessDecisionManager accessDecisionManager = new AffirmativeBased(decisionVoters);
return accessDecisionManager;
}
Also used :
AccessDecisionManager(org.springframework.security.access.AccessDecisionManager)
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
ArrayList(java.util.ArrayList)
RoleVoter(org.springframework.security.access.vote.RoleVoter)
AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)
Bean(org.springframework.context.annotation.Bean)
Example 4 with AffirmativeBased
use of org.springframework.security.access.vote.AffirmativeBased in project motech by motech.
the class SecurityRuleBuilder method addFilterSecurityInterceptor.
private void addFilterSecurityInterceptor(List<Filter> filters, MotechURLSecurityRule securityRule) {
Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
List<AccessDecisionVoter> voters = new ArrayList<>();
Collection<ConfigAttribute> configAtts = new ArrayList<>();
if (CollectionUtils.isEmpty(securityRule.getPermissionAccess()) && CollectionUtils.isEmpty(securityRule.getUserAccess())) {
configAtts.add(new SecurityConfig("IS_AUTHENTICATED_FULLY"));
AuthenticatedVoter authVoter = new AuthenticatedVoter();
voters.add(authVoter);
} else {
if (!CollectionUtils.isEmpty(securityRule.getPermissionAccess())) {
for (String permission : securityRule.getPermissionAccess()) {
configAtts.add(new SecurityConfig(permission));
}
}
if (!CollectionUtils.isEmpty(securityRule.getUserAccess())) {
for (String userAccess : securityRule.getUserAccess()) {
configAtts.add(new SecurityConfig(SecurityConfigConstants.USER_ACCESS_PREFIX + userAccess));
}
}
}
buildRequestMap(requestMap, configAtts, securityRule);
FilterInvocationSecurityMetadataSource metadataSource = new DefaultFilterInvocationSecurityMetadataSource((LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) requestMap);
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setSecurityMetadataSource(metadataSource);
RoleVoter roleVoter = new RoleVoter();
roleVoter.setRolePrefix(SecurityConfigConstants.ROLE_ACCESS_PREFIX);
voters.add(roleVoter);
voters.add(new MotechAccessVoter());
AccessDecisionManager decisionManager = new AffirmativeBased(voters);
interceptor.setAccessDecisionManager(decisionManager);
interceptor.setAuthenticationManager(authenticationManager);
filters.add(interceptor);
}
Also used :
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
AnyRequestMatcher(org.springframework.security.web.util.matcher.AnyRequestMatcher)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
AccessDecisionManager(org.springframework.security.access.AccessDecisionManager)
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor)
ArrayList(java.util.ArrayList)
RoleVoter(org.springframework.security.access.vote.RoleVoter)
AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)
DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource)
FilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource)
LinkedHashMap(java.util.LinkedHashMap)
AuthenticatedVoter(org.springframework.security.access.vote.AuthenticatedVoter)
SecurityConfig(org.springframework.security.access.SecurityConfig)
MotechAccessVoter(org.motechproject.security.authentication.MotechAccessVoter)
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
Collection(java.util.Collection)
DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource)
Example 5 with AffirmativeBased
use of org.springframework.security.access.vote.AffirmativeBased in project molgenis by molgenis.
the class WebAppSecurityConfig method configureUrlAuthorization.
// TODO automate URL authorization configuration (ticket #2133)
@Override
protected void configureUrlAuthorization(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry expressionInterceptUrlRegistry) {
List<AccessDecisionVoter<?>> listOfVoters = new ArrayList<>();
listOfVoters.add(new WebExpressionVoter());
listOfVoters.add(new MolgenisAccessDecisionVoter());
expressionInterceptUrlRegistry.accessDecisionManager(new AffirmativeBased(listOfVoters));
expressionInterceptUrlRegistry.antMatchers("/").permitAll().antMatchers("/fdp/**").permitAll().antMatchers("/annotators/**").authenticated();
}
Also used :
MolgenisAccessDecisionVoter(org.molgenis.core.ui.security.MolgenisAccessDecisionVoter)
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
ArrayList(java.util.ArrayList)
MolgenisAccessDecisionVoter(org.molgenis.core.ui.security.MolgenisAccessDecisionVoter)
AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)
WebExpressionVoter(org.springframework.security.web.access.expression.WebExpressionVoter)
Aggregations
AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased)14
ArrayList (java.util.ArrayList)9
AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter)9
RoleVoter (org.springframework.security.access.vote.RoleVoter)8
Bean (org.springframework.context.annotation.Bean)4
PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)4
ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice)3
List (java.util.List)2
AccessDecisionManager (org.springframework.security.access.AccessDecisionManager)2
ConfigAttribute (org.springframework.security.access.ConfigAttribute)2
SecurityConfig (org.springframework.security.access.SecurityConfig)2
SecuredAnnotationSecurityMetadataSource (org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource)2
AspectJMethodSecurityInterceptor (org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor)2
AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter)2
MessageExpressionVoter (org.springframework.security.messaging.access.expression.MessageExpressionVoter)2
ChannelSecurityInterceptor (org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor)2
WebExpressionVoter (org.springframework.security.web.access.expression.WebExpressionVoter)2
InetAddress (java.net.InetAddress)1
Collection (java.util.Collection)1
LinkedHashMap (java.util.LinkedHashMap)1
