本文整理汇总了Java中org.springframework.security.web.FilterInvocation类的典型用法代码示例。如果您正苦于以下问题:Java FilterInvocation类的具体用法?Java FilterInvocation怎么用?Java FilterInvocation使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
FilterInvocation类属于org.springframework.security.web包,在下文中一共展示了FilterInvocation类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getAttributes
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
String url = ((FilterInvocation) o).getRequestUrl();
logger.debug("request url is " + url);
if (resourceMap == null) {
resourceMap = loadResourceMatchAuthority();
}
for (String resURL : resourceMap.keySet()) {
if (pathMatcher.match(resURL, url)) {
return resourceMap.get(resURL);
}
}
return resourceMap.get(url);
}
示例2: getAttributes
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
String url = ((FilterInvocation) o).getRequestUrl();
if (!url.contains("/js/") && !url.contains("/html/") && !url.contains("/css/") && !url.contains("/images/")) {
logger.debug("request url is " + url);
}
if (resourceMap == null) {
resourceMap = loadResourceMatchAuthority();
}
for (String resURL : resourceMap.keySet()) {
if (pathMatcher.match(resURL, url)) {
return resourceMap.get(resURL);
}
}
return resourceMap.get(url);
}
示例3: getAttributes
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
// ObjectΪһ��URL,���û������URL
String url = ((FilterInvocation)object).getRequestUrl();
//����
System.out.println("该用户请求的url为:" + url);
int firstQuestionMarkIndex = url.indexOf("?");
if(firstQuestionMarkIndex != -1){
url = url.substring(0, firstQuestionMarkIndex);
}
Iterator<String> ite = resourceMap.keySet().iterator();
while(ite.hasNext()){
String resultURL = ite.next();
if(urlMatcher.pathMatchesUrl(url, resultURL)){
//����
System.out.println("该url匹配的权限为:"+ resourceMap.get(resultURL));
return resourceMap.get(resultURL);
}
}
//����
//System.out.println("该url没有匹配的权限");
return null;
}
示例4: addSecurityConfig
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
private void addSecurityConfig(FilterInvocation filterInvocation, Collection<ConfigAttribute> guiConfigAttr,
String url, DisplayableValue<String>[] actions) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
if (!matcher.matches(filterInvocation.getRequest()) || actions == null) {
return;
}
for (DisplayableValue<String> action : actions) {
String actionUri = action.getValue();
if (StringUtils.isBlank(actionUri)) {
continue;
}
//all users has permission to access these resources
if (action.equals(AuthorizationConstants.AUTZ_UI_PERMIT_ALL_URL)) {
return;
}
SecurityConfig config = new SecurityConfig(actionUri);
if (!guiConfigAttr.contains(config)) {
guiConfigAttr.add(config);
}
}
}
示例5: getAttributes
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
/**
* 根据路径获取访问权限的集合接口
*
* @param object
* @return
* @throws IllegalArgumentException
*/
@Override
public Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
List<ConfigAttribute> attrs = new ArrayList<>();
try {
List<Permission> permissions = permissionService.findAll();
for (Permission p : permissions) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(p.getUrl());
if (matcher.matches(request)) {
attrs.add(new SecurityConfig(p.getCode()));
}
}
} catch (ExecutionException e) {
e.printStackTrace();
}
return attrs;
}
示例6: decide
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public void decide(FilterInvocation invocation, Collection<ConfigAttribute> config) throws IOException, ServletException {
if ((invocation == null) || (config == null)) {
throw new IllegalArgumentException("Nulls cannot be provided");
}
for (ConfigAttribute attribute : config) {
if (supports(attribute)) {
if (invocation.getHttpRequest().getHeader("X-Forwarded-Proto") != null
&& "https".equalsIgnoreCase(invocation.getHttpRequest().getHeader("X-Forwarded-Proto"))) {
//We can't rely entirely on "!invocation.getHttpRequest().isSecure()" because many times,
//when SSL terminates somewhere else, the proxied request will not be secure.
//In this case, someone may have gone to a secured page, and then tried to go back to an unsecured page.
getEntryPoint().commence(invocation.getRequest(), invocation.getResponse());
} else if (invocation.getHttpRequest().getHeader("X-Forwarded-Proto") != null
&& "http".equalsIgnoreCase(invocation.getHttpRequest().getHeader("X-Forwarded-Proto"))) {
return;
} else if (!invocation.getHttpRequest().isSecure()) {
return;
} else {
getEntryPoint().commence(invocation.getRequest(), invocation.getResponse());
}
}
}
}
示例7: decide
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public void decide(FilterInvocation invocation, Collection<ConfigAttribute> config) throws IOException, ServletException {
Assert.isTrue((invocation != null) && (config != null), "Nulls cannot be provided");
for (ConfigAttribute attribute : config) {
if (supports(attribute)) {
if (invocation.getHttpRequest().getHeader("X-Forwarded-Proto") != null
&& "https".equalsIgnoreCase(invocation.getHttpRequest().getHeader("X-Forwarded-Proto"))) {
return;
} else if (invocation.getHttpRequest().isSecure()) {
return;
} else {
getEntryPoint().commence(invocation.getRequest(), invocation.getResponse());
}
}
}
}
示例8: vote
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
public int vote(Authentication authentication, FilterInvocation fi,
Collection<ConfigAttribute> attributes) {
assert authentication != null;
assert fi != null;
assert attributes != null;
CodeSecurityConfig codeConfig = findConfigAttribute(attributes);
if (codeConfig == null) {
return ACCESS_ABSTAIN;
}
EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication,
fi);
return ExpressionUtils.evaluateAsBoolean(codeConfig.getAuthorizeExpression(), ctx) ? ACCESS_GRANTED
: ACCESS_DENIED;
}
示例9: getAttributes
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
// object是一个URL,被用户请求的url
String requestUrl = ((FilterInvocation) object).getRequestUrl();
System.out.println("requestUrl is " + requestUrl);
int firstQuestionMarkIndex = requestUrl.indexOf("?");
if (firstQuestionMarkIndex != -1) {
requestUrl = requestUrl.substring(0, firstQuestionMarkIndex);
}
if (resourceMap == null) {
loadResourceDefine();
}
//
Iterator<String> ite = resourceMap.keySet().iterator();
while (ite.hasNext()) {
String resURL = ite.next();
if (resURL.equals(requestUrl)) {
return resourceMap.get(resURL);
}
}
return null;
}
示例10: createConfigAttribute
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
private String createConfigAttribute(Authentication authentication, Object object) {
try{
FilterInvocation fi = (FilterInvocation)object;
if(fi.getHttpRequest() == null || fi.getHttpResponse() == null){
return NavigationAccessor.DEFAULT_ACCESS;
}
Navigation navigation = navigationFactory.resolveNavigation(fi.getHttpRequest());
NavigationAccessor accessor = new NavigationAccessor(authentication, fi);
navigation.travel(accessor);
fi.getHttpRequest().setAttribute(Navigation.OBJECT_NAME, navigation);
return accessor.getAttribute();
}catch(Exception e){
logger.warn("createConfigAttribute : ", e);
return NavigationAccessor.DEFAULT_ACCESS;
}
}
示例11: vote
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
public int vote(Authentication authentication, FilterInvocation fi, Collection<ConfigAttribute> attributes) {
assert authentication != null;
assert fi != null;
assert attributes != null;
AuthorityAttribute attr = findAccessAttribute(attributes);
if (attr == null) {
return ACCESS_ABSTAIN;
}
AuthorityExpressionRoot sec = new AuthorityExpressionRoot(authentication, fi);
int vote = sec.evaluateAsBoolean(attr) ? ACCESS_GRANTED : ACCESS_DENIED;
return vote;
}
示例12: addSecurityConfig
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
private void addSecurityConfig(FilterInvocation filterInvocation, List<String> requiredActions,
String url, DisplayableValue<String>[] actions) {
AntPathRequestMatcher matcher = new AntPathRequestMatcher(url);
if (!matcher.matches(filterInvocation.getRequest()) || actions == null) {
return;
}
for (DisplayableValue<String> action : actions) {
String actionUri = action.getValue();
if (StringUtils.isBlank(actionUri)) {
continue;
}
if (!requiredActions.contains(actionUri)) {
requiredActions.add(actionUri);
}
}
}
示例13: invoke
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
public void invoke(FilterInvocation fi) throws IOException,
ServletException {
if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(FILTER_APPLIED) != null) && observeOncePerRequest) {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} else {
if (fi.getRequest() != null) {
fi.getRequest().setAttribute(FILTER_APPLIED, Boolean.TRUE);
}
InterceptorStatusToken token = super.beforeInvocation(fi);
try {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} finally {
super.finallyInvocation(token);
}
super.afterInvocation(token, null);
}
}
示例14: vote
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
@Override
public int vote(Authentication authentication, FilterInvocation filterInvocation,
Collection<ConfigAttribute> attributes)
{
String requestUrl = filterInvocation.getRequestUrl();
Matcher pluginMatcher = PATTERN_PLUGINID.matcher(requestUrl);
if (pluginMatcher.matches())
{
String pluginId = pluginMatcher.group(1);
return getMolgenisPermissionService().hasPermissionOnPlugin(pluginId,
Permission.READ) ? ACCESS_GRANTED : ACCESS_DENIED;
}
Matcher menuMatcher = PATTERN_MENUID.matcher(requestUrl);
if (menuMatcher.matches())
{
String menuId = menuMatcher.group(1);
UiMenu menu = getMolgenisUi().getMenu(menuId);
return menu != null ? ACCESS_GRANTED : ACCESS_DENIED;
}
return ACCESS_DENIED;
}
示例15: invoke
import org.springframework.security.web.FilterInvocation; //导入依赖的package包/类
private void invoke(FilterInvocation fi) throws IOException, ServletException {
InterceptorStatusToken token = super.beforeInvocation(fi);
try {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} catch (Exception e) {
logger.error(e.getMessage());
} finally {
super.afterInvocation(token, null);
}
}