下面列出了org.springframework.context.annotation.Description#org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if(bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter)bean).setRolePrefix(ROLE_PREFIX);
}
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if(bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(ROLE_PREFIX);
}
if(bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter)bean).setRolePrefix(ROLE_PREFIX);
}
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
// remove this if you are not using JSR-250
if (bean instanceof Jsr250MethodSecurityMetadataSource) {
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof DefaultMethodSecurityExpressionHandler) {
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof DefaultWebSecurityExpressionHandler) {
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix(this.rolePrefix);
}
if (bean instanceof SecurityContextHolderAwareRequestFilter) {
((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix(this.rolePrefix);
}
return bean;
}
@Override
public Object postProcessAfterInitialization( Object bean, String beanName )
throws BeansException
{
if ( bean instanceof Jsr250MethodSecurityMetadataSource )
{
((Jsr250MethodSecurityMetadataSource) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof DefaultMethodSecurityExpressionHandler )
{
((DefaultMethodSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof DefaultWebSecurityExpressionHandler )
{
((DefaultWebSecurityExpressionHandler) bean).setDefaultRolePrefix( null );
}
if ( bean instanceof SecurityContextHolderAwareRequestFilter )
{
((SecurityContextHolderAwareRequestFilter) bean).setRolePrefix( "" );
}
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof DefaultMethodSecurityExpressionHandler
&& !(bean instanceof OAuth2MethodSecurityExpressionHandler)) {
return getExpressionHandler((DefaultMethodSecurityExpressionHandler) bean);
}
return bean;
}
private OAuth2MethodSecurityExpressionHandler getExpressionHandler(
DefaultMethodSecurityExpressionHandler bean) {
OAuth2MethodSecurityExpressionHandler handler = new OAuth2MethodSecurityExpressionHandler();
handler.setApplicationContext(this.applicationContext);
AuthenticationTrustResolver trustResolver = findInContext(AuthenticationTrustResolver.class);
if (trustResolver != null) {
handler.setTrustResolver(trustResolver);
}
handler.setExpressionParser(bean.getExpressionParser());
return handler;
}
@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
DefaultMethodSecurityExpressionHandler dmseh = new DefaultMethodSecurityExpressionHandler();
dmseh.setPermissionEvaluator(permissionEvaluator());
dmseh.setPermissionCacheOptimizer(permissionCacheOptimizer());
return dmseh;
}
@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
DefaultMethodSecurityExpressionHandler dmseh = new DefaultMethodSecurityExpressionHandler();
dmseh.setPermissionEvaluator(permissionEvaluator());
dmseh.setPermissionCacheOptimizer(permissionCacheOptimizer());
return dmseh;
}
@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
DefaultMethodSecurityExpressionHandler dmseh = new DefaultMethodSecurityExpressionHandler();
dmseh.setPermissionEvaluator(permissionEvaluator());
dmseh.setPermissionCacheOptimizer(permissionCacheOptimizer());
return dmseh;
}
@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
DefaultMethodSecurityExpressionHandler dmseh = new DefaultMethodSecurityExpressionHandler();
dmseh.setPermissionEvaluator(permissionEvaluator());
dmseh.setPermissionCacheOptimizer(permissionCacheOptimizer());
return dmseh;
}
@Bean
public DefaultMethodSecurityExpressionHandler expressionHandler(){
DefaultMethodSecurityExpressionHandler dmseh = new DefaultMethodSecurityExpressionHandler();
dmseh.setPermissionEvaluator(permissionEvaluator());
dmseh.setPermissionCacheOptimizer(permissionCacheOptimizer());
return dmseh;
}
@Description("DefaultMethodSecurityExpressionHandler")
@Bean
public DefaultMethodSecurityExpressionHandler defaultExpressionHandler(EventDao eventDao){
DefaultMethodSecurityExpressionHandler deh = new DefaultMethodSecurityExpressionHandler();
deh.setPermissionEvaluator(
new CalendarPermissionEvaluator(eventDao));
return deh;
}
@Description("DefaultMethodSecurityExpressionHandler")
@Bean
public DefaultMethodSecurityExpressionHandler defaultExpressionHandler(EventDao eventDao){
DefaultMethodSecurityExpressionHandler deh = new DefaultMethodSecurityExpressionHandler();
deh.setPermissionEvaluator(
new CalendarPermissionEvaluator(eventDao));
return deh;
}
@Description("DefaultMethodSecurityExpressionHandler")
@Bean
public DefaultMethodSecurityExpressionHandler defaultExpressionHandler(EventDao eventDao){
DefaultMethodSecurityExpressionHandler deh = new DefaultMethodSecurityExpressionHandler();
deh.setPermissionEvaluator(
new CalendarPermissionEvaluator(eventDao));
return deh;
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler =
new DefaultMethodSecurityExpressionHandler();
expressionHandler.setPermissionEvaluator(platformPermissionEvaluator);
return expressionHandler;
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
// expressionHandler.setPermissionEvaluator(permissionEvaluator());
expressionHandler.setRoleHierarchy(roleHierarchy());
return expressionHandler;
}
@Override
public boolean isAccessGranted(String beanName, UI ui) {
final PreAuthorize viewSecured = applicationContext.findAnnotationOnBean(beanName, PreAuthorize.class);
if (viewSecured != null) {
final Class<?> targetClass = AopUtils.getTargetClass(applicationContext.getBean(beanName));
final Method method = ClassUtils.getMethod(AopUtils.getTargetClass(applicationContext.getBean(beanName)), "enter", com.vaadin.navigator.ViewChangeListener.ViewChangeEvent.class);
final MethodInvocation methodInvocation = MethodInvocationUtils.createFromClass(targetClass, method.getName());
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final AccessDecisionManager accessDecisionManager = applicationContext.getBean(AccessDecisionManager.class);
final ExpressionBasedAnnotationAttributeFactory attributeFactory = new ExpressionBasedAnnotationAttributeFactory(new DefaultMethodSecurityExpressionHandler());
Collection<ConfigAttribute> atributi = new ArrayList<ConfigAttribute>();
atributi.add(attributeFactory.createPreInvocationAttribute(null, null, viewSecured.value()));
try {
accessDecisionManager.decide(authentication, methodInvocation, atributi);
return true;
} catch (AccessDeniedException | InsufficientAuthenticationException ex) {
return false;
}
} else {
return true;
}
}
@Bean
public MethodSecurityExpressionHandler defaultMethodSecurityExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
AclPermissionEvaluator permissionEvaluator = new AclPermissionEvaluator(aclService());
expressionHandler.setPermissionEvaluator(permissionEvaluator);
expressionHandler.setPermissionCacheOptimizer(new AclPermissionCacheOptimizer(aclService()));
return expressionHandler;
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler result = new DefaultMethodSecurityExpressionHandler();
result.setPermissionEvaluator(permissionEvaluator);
return result;
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
expressionHandler.setPermissionEvaluator(tenantBasedPermissionEvaluator);
return expressionHandler;
}
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
expressionHandler.setPermissionEvaluator(tenantBasedPermissionEvaluator);
return expressionHandler;
}