Java ConfigAttribute.getAttribute Examples

Programming Language: Java

Namespace/Package Name: org.springframework.security.access

Class/Type: ConfigAttribute

Method/Function: getAttribute

Examples at hotexamples.com: 3

Java ConfigAttribute.getAttribute - 3 examples found. These are the top rated real world Java examples of org.springframework.security.access.ConfigAttribute.getAttribute extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

getAttribute(3)

toString(1)

Example #1

Show file

File: DenyVoter.java Project: rohangtr/spring-security

 public boolean supports(ConfigAttribute attribute) {
   if ("DENY_FOR_SURE".equals(attribute.getAttribute())) {
     return true;
   } else {
     return false;
   }
 }

Example #2

Show file

File: SecurityAccessDecisionManager.java Project: kuangzhiqin/justice

  @Override
  public void decide(
      Authentication authentication, Object object, Collection<ConfigAttribute> attributes)
      throws AccessDeniedException, InsufficientAuthenticationException {
    if (attributes == null || attributes.isEmpty()) {
      return;
    }

    StringBuilder builder = new StringBuilder();
    for (ConfigAttribute attribute : attributes) {
      builder.append(attribute.getAttribute()).append(" ");
    }

    this.logger.debug("检查权限：" + builder.toString());

    if (authentication == null) {
      this.logger.warn("访问受限：" + builder.toString());

      throw new AccessDeniedException("访问受限：" + builder.toString());
    }
    // 所请求的资源拥有的权限(一个资源对多个权限)
    Iterator<ConfigAttribute> iterator = attributes.iterator();
    while (iterator.hasNext()) {
      ConfigAttribute configAttribute = iterator.next();
      // 访问所请求资源所需要的权限
      String requestURL = configAttribute.getAttribute();
      // 如果未定义的URL，所有登录用户默认拥有权限
      if (!this.privilegeProvider.isPrivilegeDefined(requestURL)) {
        this.logger.debug("未定义权限的URL，默认所有登录用户拥有访问权限：" + builder.toString());
        return;
      }
      // 用户所拥有的权限authentication
      for (GrantedAuthority ga : authentication.getAuthorities()) {
        if (requestURL.equals(ga.getAuthority())) {
          return;
        }
      }
    }

    // 没有权限
    this.logger.warn("访问受限：" + builder.toString());
    throw new AccessDeniedException("访问受限：" + builder.toString());
  }

Example #3

Show file

File: MyAccessDecisionManager.java Project: witewiki/SZGAS

 public void decide(
     Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
     throws AccessDeniedException, InsufficientAuthenticationException {
   if (configAttributes == null) {
     return;
   }
   // 所请求的资源拥有的权限(一个资源对多个权限)
   Iterator<ConfigAttribute> iterator = configAttributes.iterator();
   while (iterator.hasNext()) {
     ConfigAttribute configAttribute = iterator.next();
     // 访问所请求资源所需要的权限
     String needPermission = configAttribute.getAttribute();
     // 用户所拥有的权限authentication
     for (GrantedAuthority ga : authentication.getAuthorities()) {
       if (needPermission.equals(ga.getAuthority())) {
         return;
       }
     }
   }
   // 没有权限
   throw new AccessDeniedException(" 没有权限访问！ ");
 }