本文整理汇总了Java中org.springframework.security.web.access.intercept.FilterSecurityInterceptor.setSecurityMetadataSource方法的典型用法代码示例。如果您正苦于以下问题:Java FilterSecurityInterceptor.setSecurityMetadataSource方法的具体用法?Java FilterSecurityInterceptor.setSecurityMetadataSource怎么用?Java FilterSecurityInterceptor.setSecurityMetadataSource使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.springframework.security.web.access.intercept.FilterSecurityInterceptor的用法示例。
在下文中一共展示了FilterSecurityInterceptor.setSecurityMetadataSource方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: initInterceptor
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
protected void initInterceptor(FilterSecurityInterceptor interceptor) {
FilterInvocationSecurityMetadataSource metaDatasource = interceptor.getSecurityMetadataSource();
if (metaDatasource == null) {
String msg = "Configuration error: FilterSecurityInterceptor bean "
+ "has not set an instance SecurityMetadataSource";
log.error(msg);
throw new RuntimeException(msg);
}
if (metaDatasource instanceof CibetFilterInvocationSecurityMetadataSource) {
return;
}
CibetFilterInvocationSecurityMetadataSource cibetDel = new CibetFilterInvocationSecurityMetadataSource(
metaDatasource);
interceptor.setSecurityMetadataSource(cibetDel);
log.debug("replace existing " + metaDatasource.getClass().getName()
+ " against CibetFilterInvocationSecurityMetadataSource");
}
示例2: beforeHttpNoMetadataSource
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
@Test
public void beforeHttpNoMetadataSource() {
log.debug("start beforeHttpNoMetadataSource");
ApplicationContext context = initContext("spring-context-http-Expression.xml");
SpringSecurityActuator act = new SpringSecurityActuator();
act.setUrlAccess("ROLE_USER");
HttpRequestData rdata = new HttpRequestData("http://localhost/dom", null, "http://localhost/dom");
HttpRequestResource resource = new HttpRequestResource("http://localhost/dom", "GET", rdata);
EventMetadata ctx = new EventMetadata(ControlEvent.INVOKE, resource);
FilterSecurityInterceptor interceptor = context.getBean(FilterSecurityInterceptor.class);
interceptor.setSecurityMetadataSource(null);
try {
act.beforeEvent(ctx);
Assert.fail();
} catch (Exception e) {
log.debug(e.getMessage(), e);
Assert.assertTrue(e.getMessage().startsWith("Configuration error: FilterSecurityInterceptor bean"));
}
}
示例3: getFilterSecurityInterceptor
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
/**
* Gets the filter security interceptor.
*
* @return the filter security interceptor
*/
@Bean(name = "fsi")
public FilterSecurityInterceptor getFilterSecurityInterceptor() {
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setAuthenticationManager(getProviderManager());
interceptor.setAccessDecisionManager(getAffirmativeBased());
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
requestMap.put(new AntPathRequestMatcher("/adm/**"),
SecurityConfig.createListFromCommaDelimitedString("ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/adm/restartvm.ajax"), SecurityConfig
.createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/sql/**"), SecurityConfig
.createListFromCommaDelimitedString("ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/app/**"),
SecurityConfig.createListFromCommaDelimitedString(
"ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
requestMap.put(new AntPathRequestMatcher("/**"),
SecurityConfig.createListFromCommaDelimitedString(
"ROLE_PROBEUSER,ROLE_POWERUSER,ROLE_POWERUSERPLUS,ROLE_MANAGER,ROLE_MANAGER-GUI"));
interceptor
.setSecurityMetadataSource(new DefaultFilterInvocationSecurityMetadataSource(requestMap));
return interceptor;
}
示例4: execute
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
public void execute(FilterSecurityInterceptor filterSecurityInterceptor,
Map<String, String> resourceMap) {
Assert.notNull(filterSecurityInterceptor);
Assert.notNull(resourceMap);
logger.info("refresh url resource");
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = null;
requestMap = new LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
String key = entry.getKey();
String value = entry.getValue();
requestMap.put(new AntPathRequestMatcher(key),
SecurityConfig.createListFromCommaDelimitedString(value));
}
FilterInvocationSecurityMetadataSource source = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
filterSecurityInterceptor.setSecurityMetadataSource(source);
}
示例5: filterInvocationInterceptor
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
@Bean
public FilterSecurityInterceptor filterInvocationInterceptor(){
List<AccessDecisionVoter> vote = new ArrayList<AccessDecisionVoter>(Arrays.asList(new WebExpressionVoter()));
AffirmativeBased voters = new AffirmativeBased(vote);
voters.setAllowIfAllAbstainDecisions(false);
FilterSecurityInterceptor bean = new FilterSecurityInterceptor();
bean.setAuthenticationManager(authenticationManager());
bean.setAccessDecisionManager(voters);
bean.setSecurityMetadataSource(securityMetadataSource);
bean.setMessageSource(messageSource);
return bean;
}
示例6: refresh
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
/**
* Refresh.
*/
public void refresh() {
ApplicationContext ctx = WebApplicationContextUtils
.getRequiredWebApplicationContext(servletContext);
FilterInvocationSecurityMetadataSource fisms = (FilterInvocationSecurityMetadataSource) ctx
.getBean("securityMetadataSource");
// Get FilterSecurityInterceptor
FilterSecurityInterceptor fsi = (FilterSecurityInterceptor) ctx
.getBean("filterSecurityInterceptor");
// Set new SecurityMetadataSource to FilterSecurityInterceptor
fsi.setSecurityMetadataSource(fisms);
log.info(" SecurityMetadataSource updating ....");
}
示例7: addFilterSecurityInterceptor
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; //导入方法依赖的package包/类
private void addFilterSecurityInterceptor(List<Filter> filters, MotechURLSecurityRule securityRule) {
Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = new LinkedHashMap<>();
List<AccessDecisionVoter> voters = new ArrayList<>();
Collection<ConfigAttribute> configAtts = new ArrayList<>();
if (CollectionUtils.isEmpty(securityRule.getPermissionAccess()) && CollectionUtils.isEmpty(securityRule.getUserAccess())) {
configAtts.add(new SecurityConfig("IS_AUTHENTICATED_FULLY"));
AuthenticatedVoter authVoter = new AuthenticatedVoter();
voters.add(authVoter);
} else {
if (!CollectionUtils.isEmpty(securityRule.getPermissionAccess())) {
for (String permission : securityRule.getPermissionAccess()) {
configAtts.add(new SecurityConfig(permission));
}
}
if (!CollectionUtils.isEmpty(securityRule.getUserAccess())) {
for (String userAccess : securityRule.getUserAccess()) {
configAtts.add(new SecurityConfig(SecurityConfigConstants.USER_ACCESS_PREFIX + userAccess));
}
}
}
buildRequestMap(requestMap, configAtts, securityRule);
FilterInvocationSecurityMetadataSource metadataSource = new DefaultFilterInvocationSecurityMetadataSource((LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>>) requestMap);
FilterSecurityInterceptor interceptor = new FilterSecurityInterceptor();
interceptor.setSecurityMetadataSource(metadataSource);
RoleVoter roleVoter = new RoleVoter();
roleVoter.setRolePrefix(SecurityConfigConstants.ROLE_ACCESS_PREFIX);
voters.add(roleVoter);
voters.add(new MotechAccessVoter());
AccessDecisionManager decisionManager = new AffirmativeBased(voters);
interceptor.setAccessDecisionManager(decisionManager);
interceptor.setAuthenticationManager(authenticationManager);
filters.add(interceptor);
}