List of usage examples for org.springframework.beans.factory.xml ParserContext extractSource
@Nullable
public Object extractSource(Object sourceCandidate)
From source file:org.springframework.security.config.ldap.LdapServerBeanDefinitionParser.java
public BeanDefinition parse(Element elt, ParserContext parserContext) { String url = elt.getAttribute(ATT_URL); RootBeanDefinition contextSource;/*from w w w .j a v a 2 s.c o m*/ if (!StringUtils.hasText(url)) { contextSource = createEmbeddedServer(elt, parserContext); } else { contextSource = new RootBeanDefinition(); contextSource.setBeanClassName(CONTEXT_SOURCE_CLASS); contextSource.getConstructorArgumentValues().addIndexedArgumentValue(0, url); } contextSource.setSource(parserContext.extractSource(elt)); String managerDn = elt.getAttribute(ATT_PRINCIPAL); String managerPassword = elt.getAttribute(ATT_PASSWORD); if (StringUtils.hasText(managerDn)) { if (!StringUtils.hasText(managerPassword)) { parserContext.getReaderContext() .error("You must specify the " + ATT_PASSWORD + " if you supply a " + managerDn, elt); } contextSource.getPropertyValues().addPropertyValue("userDn", managerDn); contextSource.getPropertyValues().addPropertyValue("password", managerPassword); } String id = elt.getAttribute(AbstractBeanDefinitionParser.ID_ATTRIBUTE); String contextSourceId = StringUtils.hasText(id) ? id : BeanIds.CONTEXT_SOURCE; parserContext.getRegistry().registerBeanDefinition(contextSourceId, contextSource); return null; }
From source file:org.springframework.security.config.ldap.LdapServerBeanDefinitionParser.java
/** * Will be called if no url attribute is supplied. * * Registers beans to create an embedded apache directory server. * * @return the BeanDefinition for the ContextSource for the embedded server. * * @see ApacheDSContainer/* w w w. j a v a 2 s .co m*/ */ private RootBeanDefinition createEmbeddedServer(Element element, ParserContext parserContext) { Object source = parserContext.extractSource(element); String suffix = element.getAttribute(ATT_ROOT_SUFFIX); if (!StringUtils.hasText(suffix)) { suffix = OPT_DEFAULT_ROOT_SUFFIX; } String port = element.getAttribute(ATT_PORT); if (!StringUtils.hasText(port)) { port = getDefaultPort(); if (logger.isDebugEnabled()) { logger.debug("Using default port of " + port); } } String url = "ldap://127.0.0.1:" + port + "/" + suffix; BeanDefinitionBuilder contextSource = BeanDefinitionBuilder.rootBeanDefinition(CONTEXT_SOURCE_CLASS); contextSource.addConstructorArgValue(url); contextSource.addPropertyValue("userDn", "uid=admin,ou=system"); contextSource.addPropertyValue("password", "secret"); RootBeanDefinition apacheContainer = new RootBeanDefinition( "org.springframework.security.ldap.server.ApacheDSContainer", null, null); apacheContainer.setSource(source); apacheContainer.getConstructorArgumentValues().addGenericArgumentValue(suffix); String ldifs = element.getAttribute(ATT_LDIF_FILE); if (!StringUtils.hasText(ldifs)) { ldifs = OPT_DEFAULT_LDIF_FILE; } apacheContainer.getConstructorArgumentValues().addGenericArgumentValue(ldifs); apacheContainer.getPropertyValues().addPropertyValue("port", port); logger.info("Embedded LDAP server bean definition created for URL: " + url); if (parserContext.getRegistry().containsBeanDefinition(BeanIds.EMBEDDED_APACHE_DS)) { parserContext.getReaderContext() .error("Only one embedded server bean is allowed per application context", element); } parserContext.getRegistry().registerBeanDefinition(BeanIds.EMBEDDED_APACHE_DS, apacheContainer); return (RootBeanDefinition) contextSource.getBeanDefinition(); }
From source file:org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser.java
public BeanDefinition parse(Element element, ParserContext pc) { CompositeComponentDefinition compositeDef = new CompositeComponentDefinition(element.getTagName(), pc.extractSource(element)); pc.pushContainingComponent(compositeDef); Object source = pc.extractSource(element); // The list of method metadata delegates ManagedList<BeanMetadataElement> delegates = new ManagedList<>(); boolean jsr250Enabled = "enabled".equals(element.getAttribute(ATT_USE_JSR250)); boolean useSecured = "enabled".equals(element.getAttribute(ATT_USE_SECURED)); boolean prePostAnnotationsEnabled = "enabled".equals(element.getAttribute(ATT_USE_PREPOST)); boolean useAspectJ = "aspectj".equals(element.getAttribute(ATT_MODE)); BeanDefinition preInvocationVoter = null; ManagedList<BeanMetadataElement> afterInvocationProviders = new ManagedList<>(); // Check for an external SecurityMetadataSource, which takes priority over other // sources//from www. j a v a 2s.c o m String metaDataSourceId = element.getAttribute(ATT_META_DATA_SOURCE_REF); if (StringUtils.hasText(metaDataSourceId)) { delegates.add(new RuntimeBeanReference(metaDataSourceId)); } if (prePostAnnotationsEnabled) { Element prePostElt = DomUtils.getChildElementByTagName(element, INVOCATION_HANDLING); Element expressionHandlerElt = DomUtils.getChildElementByTagName(element, EXPRESSION_HANDLER); if (prePostElt != null && expressionHandlerElt != null) { pc.getReaderContext().error( INVOCATION_HANDLING + " and " + EXPRESSION_HANDLER + " cannot be used together ", source); } BeanDefinitionBuilder preInvocationVoterBldr = BeanDefinitionBuilder .rootBeanDefinition(PreInvocationAuthorizationAdviceVoter.class); // After-invocation provider to handle post-invocation filtering and // authorization expression annotations. BeanDefinitionBuilder afterInvocationBldr = BeanDefinitionBuilder .rootBeanDefinition(PostInvocationAdviceProvider.class); // The metadata source for the security interceptor BeanDefinitionBuilder mds = BeanDefinitionBuilder .rootBeanDefinition(PrePostAnnotationSecurityMetadataSource.class); if (prePostElt != null) { // Customized override of expression handling system String attributeFactoryRef = DomUtils .getChildElementByTagName(prePostElt, INVOCATION_ATTRIBUTE_FACTORY).getAttribute("ref"); String preAdviceRef = DomUtils.getChildElementByTagName(prePostElt, PRE_INVOCATION_ADVICE) .getAttribute("ref"); String postAdviceRef = DomUtils.getChildElementByTagName(prePostElt, POST_INVOCATION_ADVICE) .getAttribute("ref"); mds.addConstructorArgReference(attributeFactoryRef); preInvocationVoterBldr.addConstructorArgReference(preAdviceRef); afterInvocationBldr.addConstructorArgReference(postAdviceRef); } else { // The default expression-based system String expressionHandlerRef = expressionHandlerElt == null ? null : expressionHandlerElt.getAttribute("ref"); if (StringUtils.hasText(expressionHandlerRef)) { logger.info( "Using bean '" + expressionHandlerRef + "' as method ExpressionHandler implementation"); RootBeanDefinition lazyInitPP = new RootBeanDefinition( LazyInitBeanDefinitionRegistryPostProcessor.class); lazyInitPP.getConstructorArgumentValues().addGenericArgumentValue(expressionHandlerRef); pc.getReaderContext().registerWithGeneratedName(lazyInitPP); BeanDefinitionBuilder lazyMethodSecurityExpressionHandlerBldr = BeanDefinitionBuilder .rootBeanDefinition(LazyInitTargetSource.class); lazyMethodSecurityExpressionHandlerBldr.addPropertyValue("targetBeanName", expressionHandlerRef); BeanDefinitionBuilder expressionHandlerProxyBldr = BeanDefinitionBuilder .rootBeanDefinition(ProxyFactoryBean.class); expressionHandlerProxyBldr.addPropertyValue("targetSource", lazyMethodSecurityExpressionHandlerBldr.getBeanDefinition()); expressionHandlerProxyBldr.addPropertyValue("proxyInterfaces", MethodSecurityExpressionHandler.class); expressionHandlerRef = pc.getReaderContext() .generateBeanName(expressionHandlerProxyBldr.getBeanDefinition()); pc.registerBeanComponent(new BeanComponentDefinition( expressionHandlerProxyBldr.getBeanDefinition(), expressionHandlerRef)); } else { RootBeanDefinition expressionHandler = registerWithDefaultRolePrefix(pc, DefaultMethodSecurityExpressionHandlerBeanFactory.class); expressionHandlerRef = pc.getReaderContext().generateBeanName(expressionHandler); pc.registerBeanComponent(new BeanComponentDefinition(expressionHandler, expressionHandlerRef)); logger.info( "Expressions were enabled for method security but no SecurityExpressionHandler was configured. " + "All hasPermision() expressions will evaluate to false."); } BeanDefinitionBuilder expressionPreAdviceBldr = BeanDefinitionBuilder .rootBeanDefinition(ExpressionBasedPreInvocationAdvice.class); expressionPreAdviceBldr.addPropertyReference("expressionHandler", expressionHandlerRef); preInvocationVoterBldr.addConstructorArgValue(expressionPreAdviceBldr.getBeanDefinition()); BeanDefinitionBuilder expressionPostAdviceBldr = BeanDefinitionBuilder .rootBeanDefinition(ExpressionBasedPostInvocationAdvice.class); expressionPostAdviceBldr.addConstructorArgReference(expressionHandlerRef); afterInvocationBldr.addConstructorArgValue(expressionPostAdviceBldr.getBeanDefinition()); BeanDefinitionBuilder annotationInvocationFactory = BeanDefinitionBuilder .rootBeanDefinition(ExpressionBasedAnnotationAttributeFactory.class); annotationInvocationFactory.addConstructorArgReference(expressionHandlerRef); mds.addConstructorArgValue(annotationInvocationFactory.getBeanDefinition()); } preInvocationVoter = preInvocationVoterBldr.getBeanDefinition(); afterInvocationProviders.add(afterInvocationBldr.getBeanDefinition()); delegates.add(mds.getBeanDefinition()); } if (useSecured) { delegates.add(BeanDefinitionBuilder.rootBeanDefinition(SecuredAnnotationSecurityMetadataSource.class) .getBeanDefinition()); } if (jsr250Enabled) { RootBeanDefinition jsrMetadataSource = registerWithDefaultRolePrefix(pc, Jsr250MethodSecurityMetadataSourceBeanFactory.class); delegates.add(jsrMetadataSource); } // Now create a Map<String, ConfigAttribute> for each <protect-pointcut> // sub-element Map<String, List<ConfigAttribute>> pointcutMap = parseProtectPointcuts(pc, DomUtils.getChildElementsByTagName(element, PROTECT_POINTCUT)); if (pointcutMap.size() > 0) { if (useAspectJ) { pc.getReaderContext().error("You can't use AspectJ mode with protect-pointcut definitions", source); } // Only add it if there are actually any pointcuts defined. BeanDefinition mapBasedMetadataSource = new RootBeanDefinition( MapBasedMethodSecurityMetadataSource.class); BeanReference ref = new RuntimeBeanReference( pc.getReaderContext().generateBeanName(mapBasedMetadataSource)); delegates.add(ref); pc.registerBeanComponent(new BeanComponentDefinition(mapBasedMetadataSource, ref.getBeanName())); registerProtectPointcutPostProcessor(pc, pointcutMap, ref, source); } BeanReference metadataSource = registerDelegatingMethodSecurityMetadataSource(pc, delegates, source); // Check for additional after-invocation-providers.. List<Element> afterInvocationElts = DomUtils.getChildElementsByTagName(element, Elements.AFTER_INVOCATION_PROVIDER); for (Element elt : afterInvocationElts) { afterInvocationProviders.add(new RuntimeBeanReference(elt.getAttribute(ATT_REF))); } String accessManagerId = element.getAttribute(ATT_ACCESS_MGR); if (!StringUtils.hasText(accessManagerId)) { accessManagerId = registerAccessManager(pc, jsr250Enabled, preInvocationVoter); } String authMgrRef = element.getAttribute(ATT_AUTHENTICATION_MANAGER_REF); String runAsManagerId = element.getAttribute(ATT_RUN_AS_MGR); BeanReference interceptor = registerMethodSecurityInterceptor(pc, authMgrRef, accessManagerId, runAsManagerId, metadataSource, afterInvocationProviders, source, useAspectJ); if (useAspectJ) { BeanDefinitionBuilder aspect = BeanDefinitionBuilder.rootBeanDefinition( "org.springframework.security.access.intercept.aspectj.aspect.AnnotationSecurityAspect"); aspect.setFactoryMethod("aspectOf"); aspect.setRole(BeanDefinition.ROLE_INFRASTRUCTURE); aspect.addPropertyValue("securityInterceptor", interceptor); String id = pc.getReaderContext().registerWithGeneratedName(aspect.getBeanDefinition()); pc.registerBeanComponent(new BeanComponentDefinition(aspect.getBeanDefinition(), id)); } else { registerAdvisor(pc, interceptor, metadataSource, source, element.getAttribute(ATT_ADVICE_ORDER)); AopNamespaceUtils.registerAutoProxyCreatorIfNecessary(pc, element); } pc.popAndRegisterContainingComponent(); return null; }
From source file:org.springframework.security.config.method.GlobalMethodSecurityBeanDefinitionParser.java
private Map<String, List<ConfigAttribute>> parseProtectPointcuts(ParserContext parserContext, List<Element> protectPointcutElts) { Map<String, List<ConfigAttribute>> pointcutMap = new LinkedHashMap<String, List<ConfigAttribute>>(); for (Element childElt : protectPointcutElts) { String accessConfig = childElt.getAttribute(ATT_ACCESS); String expression = childElt.getAttribute(ATT_EXPRESSION); if (!StringUtils.hasText(accessConfig)) { parserContext.getReaderContext().error("Access configuration required", parserContext.extractSource(childElt)); }/*from w ww .j av a 2 s. c o m*/ if (!StringUtils.hasText(expression)) { parserContext.getReaderContext().error("Pointcut expression required", parserContext.extractSource(childElt)); } String[] attributeTokens = StringUtils.commaDelimitedListToStringArray(accessConfig); List<ConfigAttribute> attributes = new ArrayList<>(attributeTokens.length); for (String token : attributeTokens) { attributes.add(new SecurityConfig(token)); } pointcutMap.put(expression, attributes); } return pointcutMap; }