org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler Java Examples
The following examples show how to use
org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: CustomRolesPrefixPostProcessor.java From we-cmdb with Apache License 2.0 | 6 votes |
|
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if(bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter)bean).setRolePrefix(ROLE_PREFIX);
}
return bean;
}
Example #2
| Source File: CustomRolesPrefixPostProcessor.java From wecube-platform with Apache License 2.0 | 6 votes |
|
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if(bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter)bean).setRolePrefix(ROLE_PREFIX);
}
return bean;
}
Example #3
| Source File: AuthenticationHandler.java From blackduck-alert with Apache License 2.0 | 6 votes |
|
private ObjectPostProcessor<AffirmativeBased> createRoleProcessor() {
return new ObjectPostProcessor<>() {
@Override
public AffirmativeBased postProcess(AffirmativeBased affirmativeBased) {
WebExpressionVoter webExpressionVoter = new WebExpressionVoter();
DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();
expressionHandler.setRoleHierarchy(authorities -> {
String[] allAlertRoles = retrieveAllowedRoles();
return AuthorityUtils.createAuthorityList(allAlertRoles);
});
webExpressionVoter.setExpressionHandler(expressionHandler);
affirmativeBased.getDecisionVoters().add(webExpressionVoter);
return affirmativeBased;
}
};
}
Example #4
| Source File: DefaultRolesPrefixPostProcessor.java From jump-the-queue with Apache License 2.0 | 6 votes |
|
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
// remove this if you are not using JSR-250
if (bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix(this.rolePrefix);
}
return bean;
}
Example #5
| Source File: DefaultRolesPrefixPostProcessor.java From dhis2-core with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
@Override
public Object postProcessAfterInitialization( Object bean, String beanName )
throws BeansException
{
if ( bean instanceof Jsr250MethodSecurityMetadataSource )
{
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof DefaultMethodSecurityExpressionHandler )
{
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof DefaultWebSecurityExpressionHandler )
{
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof SecurityContextHolderAwareRequestFilter )
{
((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix( "" );
}
return bean;
}
Example #6
| Source File: WebSecurityConfig.java From blog-sample with Apache License 2.0 | 5 votes |
|
/**
* 将 DefaultPermissionEvaluator 配置进 DefaultWebSecurityExpressionHandler 中
*/
@Bean
public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler(){
DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
handler.setPermissionEvaluator(new DefaultPermissionEvaluator());
return handler;
}
Example #7
| Source File: WebSecurityConfig.java From blog-sample with Apache License 2.0 | 5 votes |
|
/**
* 将 DefaultPermissionEvaluator 配置进 DefaultWebSecurityExpressionHandler 中
*/
@Bean
public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler(){
DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
handler.setPermissionEvaluator(new DefaultPermissionEvaluator());
return handler;
}
Example #8
| Source File: WebSecurityConfig.java From blog-sample with Apache License 2.0 | 5 votes |
|
/**
* 注入自定义PermissionEvaluator
*/
@Bean
public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler() {
DefaultWebSecurityExpressionHandler handler = new DefaultWebSecurityExpressionHandler();
handler.setPermissionEvaluator(new CustomPermissionEvaluator());
return handler;
}
Example #9
| Source File: AclConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
/**
* JSP / Thymeleaf Permissions
*/
@Bean
public DefaultWebSecurityExpressionHandler webExpressionHandler(){
return new DefaultWebSecurityExpressionHandler(){{
setPermissionEvaluator(permissionEvaluator());
}};
}
Example #10
| Source File: AclConfig.java From Spring-Security-Third-Edition with MIT License | 5 votes |
|
/**
* JSP / Thymeleaf Permissions
*/
@Bean
public DefaultWebSecurityExpressionHandler webExpressionHandler(){
return new DefaultWebSecurityExpressionHandler(){{
setPermissionEvaluator(permissionEvaluator());
}};
}
Example #11
| Source File: SecurityConfiguration.java From SMSC with Apache License 2.0 | 5 votes |
|
/**
* Gets the {@link SecurityExpressionHandler} which is used for role hierarchy definition
*
* @return authenticationTokenFilter
*/
private SecurityExpressionHandler<FilterInvocation> expressionHandler() {
DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy());
return defaultWebSecurityExpressionHandler;
}
Example #12
| Source File: ConfigAwareSecurityMetadataSource.java From engine with GNU General Public License v3.0 | 5 votes |
|
@Override
@SuppressWarnings("unchecked")
public Collection<ConfigAttribute> getAttributes(final Object object) throws IllegalArgumentException {
Callback<SecurityMetadataSource> callback = () -> {
HierarchicalConfiguration siteConfig = ConfigUtils.getCurrentConfig();
if (siteConfig != null) {
List<HierarchicalConfiguration> restrictionsConfig = siteConfig.configurationsAt(URL_RESTRICTION_KEY);
if (CollectionUtils.isNotEmpty(restrictionsConfig)) {
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> map = new LinkedHashMap<>();
for (HierarchicalConfiguration restrictionConfig : restrictionsConfig) {
String url = restrictionConfig.getString(URL_RESTRICTION_URL_KEY);
String expression = restrictionConfig.getString(URL_RESTRICTION_EXPRESSION_KEY);
if (StringUtils.isNotEmpty(url) && StringUtils.isNotEmpty(expression)) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
map.put(matcher, singleton(new SecurityConfig(expression)));
}
}
return new ExpressionBasedFilterInvocationSecurityMetadataSource(map,
new DefaultWebSecurityExpressionHandler());
}
}
return new DefaultFilterInvocationSecurityMetadataSource(new LinkedHashMap<>());
};
SiteContext siteContext = SiteContext.getCurrent();
if (siteContext != null) {
SecurityMetadataSource metadataSource =
cacheTemplate.getObject(siteContext.getContext(), callback, URL_RESTRICTIONS_CACHE_KEY);
return metadataSource.getAttributes(object);
}
return null;
}
Example #13
| Source File: SecurityBeans.java From zhcet-web with Apache License 2.0 | 4 votes |
|
@Bean
protected DefaultWebSecurityExpressionHandler webExpressionHandler(RoleHierarchy roleHierarchy) {
DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy);
return defaultWebSecurityExpressionHandler;
}
Example #14
| Source File: WallRideSecurityConfiguration.java From wallride with Apache License 2.0 | 4 votes |
|
@Bean
public DefaultWebSecurityExpressionHandler webSecurityExpressionHandler() {
DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
defaultWebSecurityExpressionHandler.setRoleHierarchy(roleHierarchy());
return defaultWebSecurityExpressionHandler;
}
