Search in sources :

Example 1 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project spring-security by spring-projects.

the class PrePostSecured method setUp.

@Before
public final void setUp() throws Exception {
    MockitoAnnotations.initMocks(this);
    interceptor = new AspectJMethodSecurityInterceptor();
    AccessDecisionVoter[] voters = new AccessDecisionVoter[] { new RoleVoter(), new PreInvocationAuthorizationAdviceVoter(new ExpressionBasedPreInvocationAdvice()) };
    adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
    interceptor.setAccessDecisionManager(adm);
    interceptor.setAuthenticationManager(authman);
    interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
    AnnotationSecurityAspect secAspect = AnnotationSecurityAspect.aspectOf();
    secAspect.setSecurityInterceptor(interceptor);
}
Also used : SecuredAnnotationSecurityMetadataSource(org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource) AspectJMethodSecurityInterceptor(org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) ExpressionBasedPreInvocationAdvice(org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice) PreInvocationAuthorizationAdviceVoter(org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter) Before(org.junit.Before)

Example 2 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project faf-java-server by FAForever.

the class IntegrationSecurityConfig method channelSecurityInterceptor.

@Bean
public ChannelSecurityInterceptor channelSecurityInterceptor(AuthenticationManager authenticationManager) {
    ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor();
    channelSecurityInterceptor.setAuthenticationManager(authenticationManager);
    channelSecurityInterceptor.setAccessDecisionManager(new AffirmativeBased(Collections.singletonList(new RoleVoter())));
    return channelSecurityInterceptor;
}
Also used : AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) RoleVoter(org.springframework.security.access.vote.RoleVoter) ChannelSecurityInterceptor(org.springframework.integration.security.channel.ChannelSecurityInterceptor) Bean(org.springframework.context.annotation.Bean)

Example 3 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project tutorials by eugenp.

the class SecurityConfig method customAccessDecisionManager.

@Bean
public AccessDecisionManager customAccessDecisionManager() {
    List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new UsernameAccessDecisionVoter());
    AccessDecisionManager accessDecisionManager = new AffirmativeBased(decisionVoters);
    return accessDecisionManager;
}
Also used : AccessDecisionManager(org.springframework.security.access.AccessDecisionManager) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) Bean(org.springframework.context.annotation.Bean)

Example 4 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project motech by motech.

the class SecurityRuleBuilder method addFilterSecurityInterceptor.

private void addFilterSecurityInterceptor(List<Filter> filters, MotechURLSecurityRule securityRule) {
    Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
    List<AccessDecisionVoter> voters = new ArrayList<>();
    Collection<ConfigAttribute> configAtts = new ArrayList<>();
    if (CollectionUtils.isEmpty(securityRule.getPermissionAccess()) && CollectionUtils.isEmpty(securityRule.getUserAccess())) {
        configAtts.add(new SecurityConfig("IS_AUTHENTICATED_FULLY"));
        AuthenticatedVoter authVoter = new AuthenticatedVoter();
        voters.add(authVoter);
    } else {
        if (!CollectionUtils.isEmpty(securityRule.getPermissionAccess())) {
            for (String permission : securityRule.getPermissionAccess()) {
                configAtts.add(new SecurityConfig(permission));
            }
        }
        if (!CollectionUtils.isEmpty(securityRule.getUserAccess())) {
            for (String userAccess : securityRule.getUserAccess()) {
                configAtts.add(new SecurityConfig(SecurityConfigConstants.USER_ACCESS_PREFIX + userAccess));
            }
        }
    }
    buildRequestMap(requestMap, configAtts, securityRule);
    FilterInvocationSecurityMetadataSource metadataSource = new DefaultFilterInvocationSecurityMetadataSource((LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) requestMap);
    FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
    interceptor.setSecurityMetadataSource(metadataSource);
    RoleVoter roleVoter = new RoleVoter();
    roleVoter.setRolePrefix(SecurityConfigConstants.ROLE_ACCESS_PREFIX);
    voters.add(roleVoter);
    voters.add(new MotechAccessVoter());
    AccessDecisionManager decisionManager = new AffirmativeBased(voters);
    interceptor.setAccessDecisionManager(decisionManager);
    interceptor.setAuthenticationManager(authenticationManager);
    filters.add(interceptor);
}
Also used : RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AnyRequestMatcher(org.springframework.security.web.util.matcher.AnyRequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) AccessDecisionManager(org.springframework.security.access.AccessDecisionManager) ConfigAttribute(org.springframework.security.access.ConfigAttribute) FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource) FilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource) LinkedHashMap(java.util.LinkedHashMap) AuthenticatedVoter(org.springframework.security.access.vote.AuthenticatedVoter) SecurityConfig(org.springframework.security.access.SecurityConfig) MotechAccessVoter(org.motechproject.security.authentication.MotechAccessVoter) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) Collection(java.util.Collection) DefaultFilterInvocationSecurityMetadataSource(org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource)

Example 5 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project spring-security by spring-projects.

the class AnnotationSecurityAspectTests method setUp.

@BeforeEach
public final void setUp() {
    MockitoAnnotations.initMocks(this);
    this.interceptor = new AspectJMethodSecurityInterceptor();
    AccessDecisionVoter[] voters = new AccessDecisionVoter[] { new RoleVoter(), new PreInvocationAuthorizationAdviceVoter(new ExpressionBasedPreInvocationAdvice()) };
    this.adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
    this.interceptor.setAccessDecisionManager(this.adm);
    this.interceptor.setAuthenticationManager(this.authman);
    this.interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
    AnnotationSecurityAspect secAspect = AnnotationSecurityAspect.aspectOf();
    secAspect.setSecurityInterceptor(this.interceptor);
}
Also used : SecuredAnnotationSecurityMetadataSource(org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource) AspectJMethodSecurityInterceptor(org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) ExpressionBasedPreInvocationAdvice(org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice) PreInvocationAuthorizationAdviceVoter(org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter) BeforeEach(org.junit.jupiter.api.BeforeEach)

Aggregations

RoleVoter (org.springframework.security.access.vote.RoleVoter)9 AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased)8 AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter)7 ArrayList (java.util.ArrayList)5 ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice)3 PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)3 AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter)3 Bean (org.springframework.context.annotation.Bean)2 AccessDecisionManager (org.springframework.security.access.AccessDecisionManager)2 SecuredAnnotationSecurityMetadataSource (org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource)2 AspectJMethodSecurityInterceptor (org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor)2 Collection (java.util.Collection)1 LinkedHashMap (java.util.LinkedHashMap)1 List (java.util.List)1 Before (org.junit.Before)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 MotechAccessVoter (org.motechproject.security.authentication.MotechAccessVoter)1 MockAuthenticationManager (org.springframework.integration.security.MockAuthenticationManager)1 ChannelSecurityInterceptor (org.springframework.integration.security.channel.ChannelSecurityInterceptor)1 ConfigAttribute (org.springframework.security.access.ConfigAttribute)1