Esempi in Java per PreAuthorize

Linguaggio di programmazione: Java

Spazio dei nomi/nome del pacchetto: org.springframework.security.access.prepost

Classe/tipologia: PreAuthorize

Esempi su hotexamples.com: 2

PreAuthorize in Java: 2 esempi trovati. Questi sono i migliori esempi reali in Java per org.springframework.security.access.prepost.PreAuthorize, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Metodi utilizzati di frequente

Mostra Nascondi

value(2)

Esempio n. 1

Mostra file

File: ExtendedRequestMappingHanderMapping.java Progetto: saden1/spring-security-request-mapping

 @Override
 protected RequestCondition<?> getCustomMethodCondition(Method method) {
   AccessExpressionRequestCondition condition;
   RequestMappingSecurityExpressionHandler rmHandler =
       new RequestMappingSecurityExpressionHandler(handler);
   PreAuthorize preAuthorize = method.getAnnotation(PreAuthorize.class);
   if (preAuthorize != null) {
     condition = new AccessExpressionRequestCondition(preAuthorize.value(), rmHandler, true);
   } else {
     condition = new AccessExpressionRequestCondition(null, rmHandler, true);
   }
   rmHandler.setConditionId(condition.getId());
   return condition;
 }

Esempio n. 2

Mostra file

File: PreAuthorizeViewInstanceAccessControl.java Progetto: berndhopp/vaadin4spring

  @Override
  public boolean isAccessGranted(UI ui, String beanName, View view) {
    final PreAuthorize viewSecured =
        applicationContext.findAnnotationOnBean(beanName, PreAuthorize.class);

    if (viewSecured == null) {
      logger.trace("No @PreAuthorize annotation found on view {}. Granting access.", beanName);
      return true;
    } else if (security.hasAccessDecisionManager()) {
      final Class<?> targetClass = AopUtils.getTargetClass(view);
      final Method method =
          ClassUtils.getMethod(
              targetClass, "enter", com.vaadin.navigator.ViewChangeListener.ViewChangeEvent.class);
      final MethodInvocation methodInvocation =
          MethodInvocationUtils.createFromClass(targetClass, method.getName());

      final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
      final AccessDecisionManager accessDecisionManager = security.getAccessDecisionManager();
      final ExpressionBasedAnnotationAttributeFactory attributeFactory =
          new ExpressionBasedAnnotationAttributeFactory(
              new DefaultMethodSecurityExpressionHandler());

      final Collection<ConfigAttribute> attributes =
          Collections.singleton(
              (ConfigAttribute)
                  attributeFactory.createPreInvocationAttribute(null, null, viewSecured.value()));

      try {
        accessDecisionManager.decide(authentication, methodInvocation, attributes);
        logger.trace("Access to view {} was granted by access decision manager", beanName);
        return true;
      } catch (InsufficientAuthenticationException e) {
        logger.trace(
            "Access to view {} was denied because of insufficient authentication credentials",
            beanName);
        return false;
      } catch (AccessDeniedException e) {
        logger.trace("Access to view {} was denied", beanName);
        return false;
      }
    } else {
      logger.warn(
          "Found view {} annotated with @PreAuthorize but no access decision manager. Granting access.",
          beanName);
      return true;
    }
  }