List of usage examples for org.springframework.security.access.expression SecurityExpressionHandler getExpressionParser
ExpressionParser getExpressionParser();
From source file:br.com.suricattus.surispring.spring.security.util.SecurityUtil.java
/** * Method that checks if the user has the given access expression. * /* w w w.j ava 2 s . co m*/ * @see Spring Security Expression-Based Access Control * @param access * @return */ @SuppressWarnings({ "rawtypes", "unchecked" }) public static boolean isAuthorized(String access) { Map<String, SecurityExpressionHandler> expressionHandlres = ApplicationContextUtil.getContext() .getBeansOfType(SecurityExpressionHandler.class); SecurityExpressionHandler handler = (SecurityExpressionHandler) expressionHandlres.values().toArray()[0]; Expression accessExpression = handler.getExpressionParser().parseExpression(access); FilterInvocation f = new FilterInvocation(FacesUtils.getRequest(), FacesUtils.getResponse(), new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { throw new UnsupportedOperationException(); } }); return ExpressionUtils.evaluateAsBoolean(accessExpression, handler.createEvaluationContext(SecurityContextHolder.getContext().getAuthentication(), f)); }
From source file:org.springframework.security.web.access.expression.ExpressionBasedFilterInvocationSecurityMetadataSource.java
public ExpressionBasedFilterInvocationSecurityMetadataSource( LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap, SecurityExpressionHandler<FilterInvocation> expressionHandler) { super(processMap(requestMap, expressionHandler.getExpressionParser())); Assert.notNull(expressionHandler, "A non-null SecurityExpressionHandler is required"); }