Example 11 with AffirmativeBased

Use of org.springframework.security.access.vote.AffirmativeBased in project spring-integration by spring-projects.

Class ChannelSecurityInterceptorTests, method createInterceptor.

@SuppressWarnings("rawtypes")
private static ChannelSecurityInterceptor createInterceptor(String role) throws Exception {
    ChannelSecurityMetadataSource securityMetadataSource = new ChannelSecurityMetadataSource();
    securityMetadataSource.addPatternMapping(Pattern.compile("secured.*"), new DefaultChannelAccessPolicy(role, null));
    ChannelSecurityInterceptor interceptor = new ChannelSecurityInterceptor(securityMetadataSource);
    AffirmativeBased accessDecisionManager = AffirmativeBased.class.getConstructor(List.class).newInstance(Collections.singletonList(new RoleVoter()));
    accessDecisionManager.afterPropertiesSet();
    interceptor.setAccessDecisionManager(accessDecisionManager);
    interceptor.setAuthenticationManager(new MockAuthenticationManager(true));
    interceptor.afterPropertiesSet();
    return interceptor;
}
Also used: AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased), MockAuthenticationManager (org.springframework.integration.security.MockAuthenticationManager), List (java.util.List), RoleVoter (org.springframework.security.access.vote.RoleVoter)

Example 12 with AffirmativeBased

Use of org.springframework.security.access.vote.AffirmativeBased in project spring-security by spring-projects.

Class AbstractSecurityWebSocketMessageBrokerConfigurer, method inboundChannelSecurity.

@Bean
public ChannelSecurityInterceptor inboundChannelSecurity(MessageSecurityMetadataSource messageSecurityMetadataSource) {
    ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor(messageSecurityMetadataSource);
    MessageExpressionVoter<Object> voter = new MessageExpressionVoter<>();
    voter.setExpressionHandler(getMessageExpressionHandler());
    List<AccessDecisionVoter<?>> voters = new ArrayList<>();
    voters.add(voter);
    AffirmativeBased manager = new AffirmativeBased(voters);
    channelSecurityInterceptor.setAccessDecisionManager(manager);
    return channelSecurityInterceptor;
}
Also used: MessageExpressionVoter (org.springframework.security.messaging.access.expression.MessageExpressionVoter), AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased), ArrayList (java.util.ArrayList), AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter), ChannelSecurityInterceptor (org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor), Bean (org.springframework.context.annotation.Bean)

Example 13 with AffirmativeBased

Use of org.springframework.security.access.vote.AffirmativeBased in project spring-security by spring-projects.

Class GlobalMethodSecurityConfiguration, method accessDecisionManager.

/**
 * Allows subclasses to provide a custom {@link AccessDecisionManager}. The default is
 * a {@link AffirmativeBased} with the following voters:
 *
 * <ul>
 * <li>{@link PreInvocationAuthorizationAdviceVoter}</li>
 * <li>{@link RoleVoter}</li>
 * <li>{@link AuthenticatedVoter}</li>
 * </ul>
 * @return the {@link AccessDecisionManager} to use
 */
protected AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    if (prePostEnabled()) {
        ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
        expressionAdvice.setExpressionHandler(getExpressionHandler());
        decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(expressionAdvice));
    }
    if (jsr250Enabled()) {
        decisionVoters.add(new Jsr250Voter());
    }
    RoleVoter roleVoter = new RoleVoter();
    GrantedAuthorityDefaults grantedAuthorityDefaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
    if (grantedAuthorityDefaults != null) {
        roleVoter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
    }
    decisionVoters.add(roleVoter);
    decisionVoters.add(new AuthenticatedVoter());
    return new AffirmativeBased(decisionVoters);
}
Also used: AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter), Jsr250Voter (org.springframework.security.access.annotation.Jsr250Voter), GrantedAuthorityDefaults (org.springframework.security.config.core.GrantedAuthorityDefaults), AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased), ArrayList (java.util.ArrayList), RoleVoter (org.springframework.security.access.vote.RoleVoter), AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter), ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice), PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)

Example 14 with AffirmativeBased

Use of org.springframework.security.access.vote.AffirmativeBased in project spring-security by spring-projects.

Class GlobalMethodSecurityBeanDefinitionParserTests, method expressionVoterAndAfterInvocationProviderUseSameExpressionHandlerInstance.

// Expression configuration tests
@SuppressWarnings("unchecked")
@Test
public void expressionVoterAndAfterInvocationProviderUseSameExpressionHandlerInstance() throws Exception {
    setContext("<global-method-security pre-post-annotations='enabled'/>" + ConfigTestUtils.AUTH_PROVIDER_XML);
    AffirmativeBased adm = (AffirmativeBased) this.appContext.getBeansOfType(AffirmativeBased.class).values().toArray()[0];
    List voters = (List) FieldUtils.getFieldValue(adm, "decisionVoters");
    PreInvocationAuthorizationAdviceVoter mev = (PreInvocationAuthorizationAdviceVoter) voters.get(0);
    MethodSecurityMetadataSourceAdvisor msi = (MethodSecurityMetadataSourceAdvisor) this.appContext.getBeansOfType(MethodSecurityMetadataSourceAdvisor.class).values().toArray()[0];
    AfterInvocationProviderManager pm = (AfterInvocationProviderManager) ((MethodSecurityInterceptor) msi.getAdvice()).getAfterInvocationManager();
    PostInvocationAdviceProvider aip = (PostInvocationAdviceProvider) pm.getProviders().get(0);
    assertThat(FieldUtils.getFieldValue(mev, "preAdvice.expressionHandler")).isSameAs(FieldUtils.getFieldValue(aip, "postAdvice.expressionHandler"));
}
Also used: PostInvocationAdviceProvider (org.springframework.security.access.prepost.PostInvocationAdviceProvider), MethodSecurityMetadataSourceAdvisor (org.springframework.security.access.intercept.aopalliance.MethodSecurityMetadataSourceAdvisor), AfterInvocationProviderManager (org.springframework.security.access.intercept.AfterInvocationProviderManager), AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased), ArrayList (java.util.ArrayList), List (java.util.List), PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter), Test (org.junit.jupiter.api.Test)

Aggregations

AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased): 14
ArrayList (java.util.ArrayList): 9
AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter): 9
RoleVoter (org.springframework.security.access.vote.RoleVoter): 8
Bean (org.springframework.context.annotation.Bean): 4
PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter): 4
ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice): 3
List (java.util.List): 2
AccessDecisionManager (org.springframework.security.access.AccessDecisionManager): 2
ConfigAttribute (org.springframework.security.access.ConfigAttribute): 2
SecurityConfig (org.springframework.security.access.SecurityConfig): 2
SecuredAnnotationSecurityMetadataSource (org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource): 2
AspectJMethodSecurityInterceptor (org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor): 2
AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter): 2
MessageExpressionVoter (org.springframework.security.messaging.access.expression.MessageExpressionVoter): 2
ChannelSecurityInterceptor (org.springframework.security.messaging.access.intercept.ChannelSecurityInterceptor): 2
WebExpressionVoter (org.springframework.security.web.access.expression.WebExpressionVoter): 2
InetAddress (java.net.InetAddress): 1
Collection (java.util.Collection): 1
LinkedHashMap (java.util.LinkedHashMap): 1