本文整理匯總了Java中org.springframework.security.access.ConfigAttribute類的典型用法代碼示例。如果您正苦於以下問題:Java ConfigAttribute類的具體用法?Java ConfigAttribute怎麽用?Java ConfigAttribute使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
ConfigAttribute類屬於org.springframework.security.access包,在下文中一共展示了ConfigAttribute類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
throws AccessDeniedException, InsufficientAuthenticationException {
//System.err.println(" ---------------MaxAccessDecisionManager decide--------------- ");
if(configAttributes == null) {
return;
}
//所請求的資源擁有的權限(一個資源對多個權限)
Iterator<ConfigAttribute> iterator = configAttributes.iterator();
while(iterator.hasNext()) {
ConfigAttribute configAttribute = iterator.next();
//訪問所請求資源所需要的權限
String needPermission = configAttribute.getAttribute();
//System.out.println("NEED-> "+needPermission);
//用戶所擁有的權限authentication
for(GrantedAuthority ga : authentication.getAuthorities()) {
//System.out.println("USER-> "+ga.getAuthority());
if(needPermission.equals(ga.getAuthority())) {
//System.out.println("pass");
return;
}
}
}
//沒有權限
throw new AccessDeniedException("Access Denide!");
}
示例2: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
c = iter.next();
needRole = c.getAttribute();
for(GrantedAuthority ga : authentication.getAuthorities()) {
if(needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
示例3: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
throws AccessDeniedException, InsufficientAuthenticationException {
if (collection == null) {
return;
}
String needRole;
//遍曆需要的角色,如果一樣,則通過
CustomerUserDetail userDetail = (CustomerUserDetail) authentication.getPrincipal();
List<Role> userRoleList = securityService.getUserRoleList(userDetail.getUsername(), userDetail.getAccountType());
for (ConfigAttribute configAttribute : collection) {
needRole = configAttribute.getAttribute();
for (Role role : userRoleList) {
if (needRole.equals(role.getRoleCode())) {
return;
}
}
}
throw new AccessDeniedException("Cannot Access!");
}
示例4: getAttributes
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
String url = ((FilterInvocation) o).getRequestUrl();
logger.debug("request url is " + url);
if (resourceMap == null) {
resourceMap = loadResourceMatchAuthority();
}
for (String resURL : resourceMap.keySet()) {
if (pathMatcher.match(resURL, url)) {
return resourceMap.get(resURL);
}
}
return resourceMap.get(url);
}
示例5: vote
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
public int vote(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributes) {
int result = ACCESS_ABSTAIN;
for (ConfigAttribute configAttribute : configAttributes) {
if (this.supports(configAttribute)) {
result = ACCESS_DENIED;
String text = getPermission(configAttribute);
boolean authorized = permissionChecker.isAuthorized(text);
if (authorized) {
return ACCESS_GRANTED;
}
}
}
return result;
}
示例6: canCurrentUserAccessView
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
/**
* @param viewClass
* @return true si l'utilisateur peut accéder à la vue
*/
public boolean canCurrentUserAccessView(Class<? extends View> viewClass, Authentication auth) {
if (auth == null) {
return false;
}
MethodInvocation methodInvocation = MethodInvocationUtils.createFromClass(viewClass, "enter");
Collection<ConfigAttribute> configAttributes = methodSecurityInterceptor.obtainSecurityMetadataSource()
.getAttributes(methodInvocation);
/* Renvoie true si la vue n'est pas sécurisée */
if (configAttributes.isEmpty()) {
return true;
}
/* Vérifie que l'utilisateur a les droits requis */
try {
methodSecurityInterceptor.getAccessDecisionManager().decide(auth, methodInvocation, configAttributes);
} catch (InsufficientAuthenticationException | AccessDeniedException e) {
return false;
}
return true;
}
示例7: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if(null== configAttributes || configAttributes.size() <=0) {
return;
}
ConfigAttribute c;
String needRole;
for(Iterator<ConfigAttribute> iter = configAttributes.iterator(); iter.hasNext(); ) {
c = iter.next();
needRole = c.getAttribute();
for(GrantedAuthority ga : authentication.getAuthorities()) {
if(needRole.trim().equals(ga.getAuthority())) {
return;
}
}
}
throw new AccessDeniedException("no right");
}
示例8: loadResourceDefine
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@PostConstruct
private void loadResourceDefine() {
//System.err.println(" ---------------MaxSecurityMetadataSource loadResourceDefine--------------- ");
if (resourceMap == null) {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
List<Resources> resources = authService.fetchAllResources();
for (Resources resource : resources) {
Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
Set<Role> roles = resource.getRoles();
for(Role r : roles) {
ConfigAttribute configAttribute = new SecurityConfig(r.getRoleKey());
configAttributes.add(configAttribute);
}
resourceMap.put(resource.getResUrl(), configAttributes);
}
}
}
示例9: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection)
throws AccessDeniedException, InsufficientAuthenticationException {
if (collection == null) {
return;
}
String needRole;
//遍曆需要的角色,如果一樣,則通過,避免角色信息變了,從數據庫取
CustomerUserDetail userDetail = (CustomerUserDetail) authentication.getPrincipal();
List<Role> roleList = securityService.getUserRoleList(userDetail.getUsername(), userDetail.getAccountType());
for (ConfigAttribute configAttribute : collection) {
needRole = configAttribute.getAttribute();
for (Role aRoleList : roleList) {
if (aRoleList != null && needRole.equals(aRoleList.getRoleCode())) {
return;
}
}
}
throw new AccessDeniedException("Cannot Access!");
}
示例10: getAttributes
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
String url = ((FilterInvocation) o).getRequestUrl();
if (!url.contains("/js/") && !url.contains("/html/") && !url.contains("/css/") && !url.contains("/images/")) {
logger.debug("request url is " + url);
}
if (resourceMap == null) {
resourceMap = loadResourceMatchAuthority();
}
for (String resURL : resourceMap.keySet()) {
if (pathMatcher.match(resURL, url)) {
return resourceMap.get(resURL);
}
}
return resourceMap.get(url);
}
示例11: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
if (configAttributes == null) {
return;
}
for (ConfigAttribute ca : configAttributes) {
String needRole = ca.getAttribute();
//ga 為用戶所被賦予的權限。 needRole 為訪問相應的資源應該具有的權限。
for (GrantedAuthority ga : authentication.getAuthorities()) {
if (needRole.trim().equals(ga.getAuthority().trim())) {
return;
}
}
}
throw new AccessDeniedException("沒有權限進行操作!");
}
示例12: RequestConfigMapping
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
public RequestConfigMapping(RequestMatcher matcher, Collection<ConfigAttribute> attributes) {
if (matcher == null) {
throw new IllegalArgumentException("matcher cannot be null");
}
Assert.notEmpty(attributes, "attributes cannot be null or emtpy");
this.matcher = matcher;
this.attributes = attributes;
}
示例13: filter
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
return exchange.getPrincipal()
.filter(p -> p instanceof Authentication)
.then( p-> Mono.just((Authentication) p))
.filter(authentication -> {
return authentication != null && authentication.isAuthenticated();
})
.then(authentication -> {
return source.getConfigAttributes(exchange).as( (Function<? super Flux<ConfigAttribute>, Mono<Boolean>>) a -> {
return accessDecisionManager.decide(authentication, exchange, a);
});
})
.filter(t -> t)
.otherwiseIfEmpty(Mono.defer(() -> {
return entryPoint.commence(exchange, new AuthenticationCredentialsNotFoundException("Not Found"));
}))
.then(sc -> {
return chain.filter(exchange);
});
}
示例14: decide
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
public Mono<Boolean> decide(Authentication authentication, Object object, Flux<ConfigAttribute> configAttributes) {
return Mono
.just(Tuples.of(authentication, object, configAttributes))
.publishOn(Schedulers.elastic())
.filter((Tuple3<Authentication, Object, Flux<ConfigAttribute>> t) -> {
Authentication auth = t.getT1();
return auth != null && auth.isAuthenticated();
})
.then((Function<Tuple3<Authentication, Object, Flux<ConfigAttribute>>, Mono<Boolean>>) t -> {
List<ConfigAttribute> attrs = new ArrayList<>();
t.getT3().toIterable().forEach(attrs::add);
try {
accessDecisionManager.decide(t.getT1(), t.getT2(), attrs);
return Mono.just(true);
} catch(AccessDeniedException fail) {
return Mono.just(false);
}
});
}
開發者ID:guilhebl,項目名稱:item-shop-reactive-backend,代碼行數:21,代碼來源:ReactiveAccessDecisionManagerAdapter.java
示例15: buildConfigAttributes
import org.springframework.security.access.ConfigAttribute; //導入依賴的package包/類
private void buildConfigAttributes(Role role,List<ConfigAttribute> list){
for(RoleMember member:role.getRoleMembers()){
SecurityConfigAttribute attribute=null;
if(member.getUser()!=null){
attribute=new SecurityConfigAttribute(AttributeType.user,member.isGranted(),role.getCompanyId());
attribute.setMember(member.getUser());
}
if(member.getDept()!=null){
attribute=new SecurityConfigAttribute(AttributeType.dept,member.isGranted(),role.getCompanyId());
attribute.setMember(member.getDept());
}
if(member.getPosition()!=null){
attribute=new SecurityConfigAttribute(AttributeType.position,member.isGranted(),role.getCompanyId());
attribute.setMember(member.getPosition());
}
if(member.getGroup()!=null){
attribute=new SecurityConfigAttribute(AttributeType.group,member.isGranted(),role.getCompanyId());
attribute.setMember(member.getGroup());
}
list.add(attribute);
}
}