Example 1 with DefaultWebSecurityExpressionHandler
use of org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler in project ocvn by devgateway.
the class WebSecurityConfig method webExpressionHandler.
/**
* Instantiates {@see DefaultWebSecurityExpressionHandler} and assigns to it role hierarchy.
*
* @return
*/
private SecurityExpressionHandler<FilterInvocation> webExpressionHandler() {
DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
handler.setRoleHierarchy(roleHierarchy());
return handler;
}
Also used :
DefaultWebSecurityExpressionHandler(org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)
Example 2 with DefaultWebSecurityExpressionHandler
use of org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler in project hub-alert by blackducksoftware.
the class AuthenticationHandler method createRoleProcessor.
private ObjectPostProcessor<AffirmativeBased> createRoleProcessor() {
return new ObjectPostProcessor<>() {
@Override
public <O extends AffirmativeBased> O postProcess(O affirmativeBased) {
WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
expressionHandler.setRoleHierarchy(authorities -> {
String[] allAlertRoles = retrieveAllowedRoles();
return AuthorityUtils.createAuthorityList(allAlertRoles);
});
webExpressionVoter.setExpressionHandler(expressionHandler);
affirmativeBased.getDecisionVoters().add(webExpressionVoter);
return affirmativeBased;
}
};
}
Also used :
DefaultWebSecurityExpressionHandler(org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)
ObjectPostProcessor(org.springframework.security.config.annotation.ObjectPostProcessor)
AffirmativeBased(org.springframework.security.access.vote.AffirmativeBased)
WebExpressionVoter(org.springframework.security.web.access.expression.WebExpressionVoter)
Example 3 with DefaultWebSecurityExpressionHandler
use of org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler in project syncope by apache.
the class DefaultRolesPrefixPostProcessor method postProcessAfterInitialization.
@Override
public Object postProcessAfterInitialization(final Object bean, final String beanName) {
if (bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
}
if (bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(null);
}
if (bean instanceof SecurityContextHolderAwareRequestFilter) {
SecurityContextHolderAwareRequestFilter filter = (SecurityContextHolderAwareRequestFilter) bean;
filter.setRolePrefix(StringUtils.EMPTY);
try {
filter.afterPropertiesSet();
} catch (ServletException e) {
throw new FatalBeanException(e.getMessage(), e);
}
}
return bean;
}
Also used :
DefaultWebSecurityExpressionHandler(org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)
ServletException(javax.servlet.ServletException)
FatalBeanException(org.springframework.beans.FatalBeanException)
SecurityContextHolderAwareRequestFilter(org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter)
DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler)
Example 4 with DefaultWebSecurityExpressionHandler
use of org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler in project spring-security by spring-projects.
the class ExpressionUrlAuthorizationConfigurer method getExpressionHandler.
private SecurityExpressionHandler<FilterInvocation> getExpressionHandler(H http) {
if (this.expressionHandler != null) {
return this.expressionHandler;
}
DefaultWebSecurityExpressionHandler defaultHandler = new DefaultWebSecurityExpressionHandler();
AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
if (trustResolver != null) {
defaultHandler.setTrustResolver(trustResolver);
}
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
if (context != null) {
String[] roleHiearchyBeanNames = context.getBeanNamesForType(RoleHierarchy.class);
if (roleHiearchyBeanNames.length == 1) {
defaultHandler.setRoleHierarchy(context.getBean(roleHiearchyBeanNames[0], RoleHierarchy.class));
}
String[] grantedAuthorityDefaultsBeanNames = context.getBeanNamesForType(GrantedAuthorityDefaults.class);
if (grantedAuthorityDefaultsBeanNames.length == 1) {
GrantedAuthorityDefaults grantedAuthorityDefaults = context.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
defaultHandler.setDefaultRolePrefix(grantedAuthorityDefaults.getRolePrefix());
}
String[] permissionEvaluatorBeanNames = context.getBeanNamesForType(PermissionEvaluator.class);
if (permissionEvaluatorBeanNames.length == 1) {
PermissionEvaluator permissionEvaluator = context.getBean(permissionEvaluatorBeanNames[0], PermissionEvaluator.class);
defaultHandler.setPermissionEvaluator(permissionEvaluator);
}
}
this.expressionHandler = postProcess(defaultHandler);
return this.expressionHandler;
}
Also used :
DefaultWebSecurityExpressionHandler(org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)
PermissionEvaluator(org.springframework.security.access.PermissionEvaluator)
ApplicationContext(org.springframework.context.ApplicationContext)
GrantedAuthorityDefaults(org.springframework.security.config.core.GrantedAuthorityDefaults)
RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy)
AuthenticationTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver)
Example 5 with DefaultWebSecurityExpressionHandler
use of org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler in project spring-security by spring-projects.
the class AbstractAuthorizeTagTests method expressionFromChildContext.
@Test
@SuppressWarnings("rawtypes")
public void expressionFromChildContext() throws IOException {
SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass", "USER"));
DefaultWebSecurityExpressionHandler expected = new DefaultWebSecurityExpressionHandler();
this.tag.setAccess("permitAll");
WebApplicationContext wac = mock(WebApplicationContext.class);
given(wac.getBeansOfType(SecurityExpressionHandler.class)).willReturn(Collections.<String, SecurityExpressionHandler>singletonMap("wipe", expected));
this.servletContext.setAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher", wac);
assertThat(this.tag.authorize()).isTrue();
}
Also used :
DefaultWebSecurityExpressionHandler(org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
WebApplicationContext(org.springframework.web.context.WebApplicationContext)
Test(org.junit.jupiter.api.Test)
Aggregations
DefaultWebSecurityExpressionHandler (org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler)9
LinkedHashMap (java.util.LinkedHashMap)1
List (java.util.List)1
ServletException (javax.servlet.ServletException)1
HierarchicalConfiguration (org.apache.commons.configuration2.HierarchicalConfiguration)1
SiteContext (org.craftercms.engine.service.context.SiteContext)1
Test (org.junit.jupiter.api.Test)1
FatalBeanException (org.springframework.beans.FatalBeanException)1
MethodInvokingFactoryBean (org.springframework.beans.factory.config.MethodInvokingFactoryBean)1
ApplicationContext (org.springframework.context.ApplicationContext)1
Bean (org.springframework.context.annotation.Bean)1
ConfigAttribute (org.springframework.security.access.ConfigAttribute)1
PermissionEvaluator (org.springframework.security.access.PermissionEvaluator)1
SecurityConfig (org.springframework.security.access.SecurityConfig)1
SecurityMetadataSource (org.springframework.security.access.SecurityMetadataSource)1
DefaultMethodSecurityExpressionHandler (org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler)1
RoleHierarchy (org.springframework.security.access.hierarchicalroles.RoleHierarchy)1
AffirmativeBased (org.springframework.security.access.vote.AffirmativeBased)1
AuthenticationTrustResolver (org.springframework.security.authentication.AuthenticationTrustResolver)1
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1
