Search in sources :

Example 1 with AuthorizationManagerWebInvocationPrivilegeEvaluator

use of org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator in project spring-security by spring-projects.

the class WebSecurity method getRequestMatcherPrivilegeEvaluatorsEntry.

private RequestMatcherEntry<List<WebInvocationPrivilegeEvaluator>> getRequestMatcherPrivilegeEvaluatorsEntry(SecurityFilterChain securityFilterChain) {
    List<WebInvocationPrivilegeEvaluator> privilegeEvaluators = new ArrayList<>();
    for (Filter filter : securityFilterChain.getFilters()) {
        if (filter instanceof FilterSecurityInterceptor) {
            DefaultWebInvocationPrivilegeEvaluator defaultWebInvocationPrivilegeEvaluator = new DefaultWebInvocationPrivilegeEvaluator((FilterSecurityInterceptor) filter);
            defaultWebInvocationPrivilegeEvaluator.setServletContext(this.servletContext);
            privilegeEvaluators.add(defaultWebInvocationPrivilegeEvaluator);
            continue;
        }
        if (filter instanceof AuthorizationFilter) {
            AuthorizationManager<HttpServletRequest> authorizationManager = ((AuthorizationFilter) filter).getAuthorizationManager();
            privilegeEvaluators.add(new AuthorizationManagerWebInvocationPrivilegeEvaluator(authorizationManager));
        }
    }
    return new RequestMatcherEntry<>(securityFilterChain::matches, privilegeEvaluators);
}
Also used : DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) WebInvocationPrivilegeEvaluator(org.springframework.security.web.access.WebInvocationPrivilegeEvaluator) RequestMatcherDelegatingWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator) AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator) DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator) AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter) Filter(jakarta.servlet.Filter) DebugFilter(org.springframework.security.web.debug.DebugFilter) AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter) FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor) ArrayList(java.util.ArrayList) RequestMatcherEntry(org.springframework.security.web.util.matcher.RequestMatcherEntry) AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator)

Aggregations

Filter (jakarta.servlet.Filter)1 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)1 ArrayList (java.util.ArrayList)1 AuthorizationManagerWebInvocationPrivilegeEvaluator (org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator)1 DefaultWebInvocationPrivilegeEvaluator (org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator)1 RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator)1 WebInvocationPrivilegeEvaluator (org.springframework.security.web.access.WebInvocationPrivilegeEvaluator)1 AuthorizationFilter (org.springframework.security.web.access.intercept.AuthorizationFilter)1 FilterSecurityInterceptor (org.springframework.security.web.access.intercept.FilterSecurityInterceptor)1 DebugFilter (org.springframework.security.web.debug.DebugFilter)1 RequestMatcherEntry (org.springframework.security.web.util.matcher.RequestMatcherEntry)1