List of usage examples for org.springframework.security.access ConfigAttribute getAttribute
String getAttribute();
ConfigAttribute
can be represented as a String
and that String
is sufficient in precision to be relied upon as a configuration parameter by a RunAsManager , AccessDecisionManager or AccessDecisionManager
delegate, this method should return such a String
. From source file:com.evolveum.midpoint.security.api.SecurityUtil.java
public static Collection<String> getActions(Collection<ConfigAttribute> configAttributes) { Collection<String> actions = new ArrayList<>(configAttributes.size()); for (ConfigAttribute attr : configAttributes) { actions.add(attr.getAttribute()); }//w w w .ja v a 2 s . c om return actions; }
From source file:authentication.RoleVetor.java
@Override public boolean supports(final ConfigAttribute attribute) { if ((attribute.getAttribute() != null) && attribute.getAttribute().startsWith("ROLE_")) { return true; } else {/*w ww. j av a2s.c om*/ return false; } }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoter.java
@Override public boolean supports(ConfigAttribute attribute) { return attribute.getAttribute() != null && attribute.getAttribute().startsWith(PREFIX); }
From source file:com.sample.webserviceprocess.security.RoleVoter.java
public boolean supports(ConfigAttribute attribute) { if ((attribute.getAttribute() != null) && attribute.getAttribute().startsWith(getRolePrefix())) { return true; } else {//from w ww . j a v a 2s .c om return false; } }
From source file:com.wooki.services.security.spring.TapestryResourceVoter.java
public boolean supports(ConfigAttribute attribute) { if (attribute.getAttribute() != null) { return true; } else {//from ww w. j a v a 2s. c om return false; } }
From source file:com.sun.identity.provider.springsecurity.OpenSSOVoter.java
public int vote(Authentication authentication, Object object, Collection attributes) { if (debug.messageEnabled()) debug.message("OpenSSOVoter vote: " + authentication + " o=" + object + " config=" + attributes); int r = ACCESS_ABSTAIN; for (Iterator it = attributes.iterator(); it.hasNext();) { ConfigAttribute configAttribute = (ConfigAttribute) it.next(); if (configAttribute.getAttribute().equals(OPENSSO_ALLOW)) { r = ACCESS_GRANTED;//from w w w .j a va 2 s. c o m } else if (configAttribute.getAttribute().equals(OPENSSO_DENY)) { r = ACCESS_DENIED; } } if (debug.messageEnabled()) debug.message("vote: result=" + r); return r; }
From source file:be.dnsbelgium.rate.spring.security.LeakyBucketVoter.java
@Override public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) { int amount = this.defaultAmount; if (attributes != null) { for (ConfigAttribute attribute : attributes) { if (attribute.getAttribute() != null && attribute.getAttribute().startsWith(PREFIX + SEPARATOR)) { String amountAttributeValue = StringUtils .splitByWholeSeparatorPreserveAllTokens(attribute.getAttribute(), SEPARATOR)[1]; try { // should be minimum zero amount = Math.max(0, Integer.parseInt(amountAttributeValue)); } catch (NumberFormatException nfe) { LOGGER.debug(String.format("%s is NaN. Defaulting to %s for amount.", amountAttributeValue, defaultAmount), nfe); }//w w w.ja v a2 s. c o m } } } if (amount == 0) { return ACCESS_GRANTED; } int result = ACCESS_DENIED; T key = keyFactory.create(SecurityContextHolder.getContext()); try { if (leakyBucketService.add(key, amount)) { result = ACCESS_GRANTED; } } catch (IllegalArgumentException iae) { // this should never occur since amount is minimum zero (Math.max) LOGGER.error(String.format("Illegal amount of tokens added to bucket: %s", amount), iae); throw iae; } if (result == ACCESS_DENIED) { throw new RDAPErrorException(TOO_MANY_REQUESTS_HTTP_CODE, "Too many requests"); } return result; }
From source file:es.osoco.grails.plugins.otp.access.OneTimePasswordVoter.java
public boolean supports(ConfigAttribute attribute) { return attribute != null && OneTimePasswordVoter.IS_AUTHENTICATED_OTP.equals(attribute.getAttribute()); }
From source file:cn.net.withub.demo.bootsec.hello.security.CustomAccessDecisionManager.java
@Override public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException { if (configAttributes == null) { //??//w w w .j a va 2 s.c o m throw new AccessDeniedException("Access Dendied"); } //???(???) for (ConfigAttribute configAttribute : configAttributes) { //???? String needPermission = configAttribute.getAttribute(); System.out.println("needPermission is " + needPermission); //??authentication for (GrantedAuthority ga : authentication.getAuthorities()) { if (needPermission.equals(ga.getAuthority())) { return; } } } //?? throw new AccessDeniedException("Access Dendied"); //throw new InsufficientAuthenticationException("???"); }
From source file:authentication.RoleVetor.java
@Override public int vote(final Authentication authentication, final Object object, final Collection<ConfigAttribute> attributes) { int result = ACCESS_ABSTAIN; final String username = authentication.getName(); for (ConfigAttribute attribute : attributes) { if (this.supports(attribute)) { result = ACCESS_DENIED;// w w w. ja v a 2 s .c o m final String stringedAtribute = attribute.getAttribute(); final String shortedAtribute = attribute.getAttribute().substring(stringedAtribute.indexOf("_") + 1, stringedAtribute.length()); if (shortedAtribute.equalsIgnoreCase(username)) { return ACCESS_GRANTED; } } } return result; }