Examples with RoleVoter org.springframework.security.access.vote.RoleVoter used on opensource projects

Search in sources :

Example 6 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project herd by FINRAOS.

the class AppSpringModuleConfig method accessDecisionManager.

/**
 * Overridden to remove role prefix for the role voter. The application does not require any other access decision voters in the default configuration.
 */
/*
     * rawtypes must be suppressed because AffirmativeBased constructor takes in a raw typed list of AccessDecisionVoters
     */
@SuppressWarnings("rawtypes")
@Override
protected AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    RoleVoter decisionVoter = new RoleVoter();
    decisionVoter.setRolePrefix("");
    decisionVoters.add(decisionVoter);
    return new AffirmativeBased(decisionVoters);
}
Also used : AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)

Example 7 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project spring-integration by spring-projects.

the class ChannelSecurityInterceptorTests method createInterceptor.

@SuppressWarnings("rawtypes")
private static ChannelSecurityInterceptor createInterceptor(String role) throws Exception {
    ChannelSecurityMetadataSource securityMetadataSource = new ChannelSecurityMetadataSource();
    securityMetadataSource.addPatternMapping(Pattern.compile("secured.*"), new DefaultChannelAccessPolicy(role, null));
    ChannelSecurityInterceptor interceptor = new ChannelSecurityInterceptor(securityMetadataSource);
    AffirmativeBased accessDecisionManager = AffirmativeBased.class.getConstructor(List.class).newInstance(Collections.singletonList(new RoleVoter()));
    accessDecisionManager.afterPropertiesSet();
    interceptor.setAccessDecisionManager(accessDecisionManager);
    interceptor.setAuthenticationManager(new MockAuthenticationManager(true));
    interceptor.afterPropertiesSet();
    return interceptor;
}
Also used : AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) MockAuthenticationManager(org.springframework.integration.security.MockAuthenticationManager) List(java.util.List) RoleVoter(org.springframework.security.access.vote.RoleVoter)

Example 8 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project spring-security by spring-projects.

the class UrlAuthorizationConfigurer method getDecisionVoters.

/**
 * Creates the default {@link AccessDecisionVoter} instances used if an
 * {@link AccessDecisionManager} was not specified.
 * @param http the builder to use
 */
@Override
@SuppressWarnings("rawtypes")
List<AccessDecisionVoter<?>> getDecisionVoters(H http) {
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    decisionVoters.add(new RoleVoter());
    decisionVoters.add(new AuthenticatedVoter());
    return decisionVoters;
}
Also used : AuthenticatedVoter(org.springframework.security.access.vote.AuthenticatedVoter) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter)

Example 9 with RoleVoter

use of org.springframework.security.access.vote.RoleVoter in project spring-security by spring-projects.

the class GlobalMethodSecurityConfiguration method accessDecisionManager.

/**
 * Allows subclasses to provide a custom {@link AccessDecisionManager}. The default is
 * a {@link AffirmativeBased} with the following voters:
 *
 * <ul>
 * <li>{@link PreInvocationAuthorizationAdviceVoter}</li>
 * <li>{@link RoleVoter}</li>
 * <li>{@link AuthenticatedVoter}</li>
 * </ul>
 * @return the {@link AccessDecisionManager} to use
 */
protected AccessDecisionManager accessDecisionManager() {
    List<AccessDecisionVoter<?>> decisionVoters = new ArrayList<>();
    if (prePostEnabled()) {
        ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
        expressionAdvice.setExpressionHandler(getExpressionHandler());
        decisionVoters.add(new PreInvocationAuthorizationAdviceVoter(expressionAdvice));
    }
    if (jsr250Enabled()) {
        decisionVoters.add(new Jsr250Voter());
    }
    RoleVoter roleVoter = new RoleVoter();
    GrantedAuthorityDefaults grantedAuthorityDefaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
    if (grantedAuthorityDefaults != null) {
        roleVoter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
    }
    decisionVoters.add(roleVoter);
    decisionVoters.add(new AuthenticatedVoter());
    return new AffirmativeBased(decisionVoters);
}
Also used : AuthenticatedVoter(org.springframework.security.access.vote.AuthenticatedVoter) Jsr250Voter(org.springframework.security.access.annotation.Jsr250Voter) GrantedAuthorityDefaults(org.springframework.security.config.core.GrantedAuthorityDefaults) AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased) ArrayList(java.util.ArrayList) RoleVoter(org.springframework.security.access.vote.RoleVoter) AccessDecisionVoter(org.springframework.security.access.AccessDecisionVoter) ExpressionBasedPreInvocationAdvice(org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice) PreInvocationAuthorizationAdviceVoter(org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)

Aggregations

RoleVoter (org.springframework.security.access.vote.RoleVoter)9 AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased)8 AccessDecisionVoter (org.springframework.security.access.AccessDecisionVoter)7 ArrayList (java.util.ArrayList)5 ExpressionBasedPreInvocationAdvice (org.springframework.security.access.expression.method.ExpressionBasedPreInvocationAdvice)3 PreInvocationAuthorizationAdviceVoter (org.springframework.security.access.prepost.PreInvocationAuthorizationAdviceVoter)3 AuthenticatedVoter (org.springframework.security.access.vote.AuthenticatedVoter)3 Bean (org.springframework.context.annotation.Bean)2 AccessDecisionManager (org.springframework.security.access.AccessDecisionManager)2 SecuredAnnotationSecurityMetadataSource (org.springframework.security.access.annotation.SecuredAnnotationSecurityMetadataSource)2 AspectJMethodSecurityInterceptor (org.springframework.security.access.intercept.aspectj.AspectJMethodSecurityInterceptor)2 Collection (java.util.Collection)1 LinkedHashMap (java.util.LinkedHashMap)1 List (java.util.List)1 Before (org.junit.Before)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 MotechAccessVoter (org.motechproject.security.authentication.MotechAccessVoter)1 MockAuthenticationManager (org.springframework.integration.security.MockAuthenticationManager)1 ChannelSecurityInterceptor (org.springframework.integration.security.channel.ChannelSecurityInterceptor)1 ConfigAttribute (org.springframework.security.access.ConfigAttribute)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial