Example usage for org.springframework.security.config.http MatcherType createMatcher

List of usage examples for org.springframework.security.config.http MatcherType createMatcher

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.config.http.*
  5. MatcherType
  6. createMatcher

Introduction

In this page you can find the example usage for org.springframework.security.config.http MatcherType createMatcher.

Prototype

public BeanDefinition createMatcher(ParserContext pc, String path, String method, String servletPath)

Source Link

Usage

From source file:org.springframework.security.config.http.FilterInvocationSecurityMetadataSourceParser.java

private static ManagedMap<BeanMetadataElement, BeanDefinition> parseInterceptUrlsForFilterInvocationRequestMap(
        MatcherType matcherType, List<Element> urlElts, boolean useExpressions, boolean addAuthenticatedAll,
        ParserContext parserContext) {/*from  ww  w .ja  va  2 s  . c  o m*/

    ManagedMap<BeanMetadataElement, BeanDefinition> filterInvocationDefinitionMap = new ManagedMap<>();

    for (Element urlElt : urlElts) {
        String access = urlElt.getAttribute(ATT_ACCESS);
        if (!StringUtils.hasText(access)) {
            continue;
        }

        String path = urlElt.getAttribute(ATT_PATTERN);
        String matcherRef = urlElt.getAttribute(ATT_REQUEST_MATCHER_REF);
        boolean hasMatcherRef = StringUtils.hasText(matcherRef);

        if (!hasMatcherRef && !StringUtils.hasText(path)) {
            parserContext.getReaderContext().error("path attribute cannot be empty or null", urlElt);
        }

        String method = urlElt.getAttribute(ATT_HTTP_METHOD);
        if (!StringUtils.hasText(method)) {
            method = null;
        }

        String servletPath = urlElt.getAttribute(ATT_SERVLET_PATH);
        if (!StringUtils.hasText(servletPath)) {
            servletPath = null;
        } else if (!MatcherType.mvc.equals(matcherType)) {
            parserContext.getReaderContext().error(
                    ATT_SERVLET_PATH + " is not applicable for request-matcher: '" + matcherType.name() + "'",
                    urlElt);
        }

        BeanMetadataElement matcher = hasMatcherRef ? new RuntimeBeanReference(matcherRef)
                : matcherType.createMatcher(parserContext, path, method, servletPath);
        BeanDefinitionBuilder attributeBuilder = BeanDefinitionBuilder.rootBeanDefinition(SecurityConfig.class);

        if (useExpressions) {
            logger.info("Creating access control expression attribute '" + access + "' for " + path);
            // The single expression will be parsed later by the
            // ExpressionBasedFilterInvocationSecurityMetadataSource
            attributeBuilder.addConstructorArgValue(new String[] { access });
            attributeBuilder.setFactoryMethod("createList");

        } else {
            attributeBuilder.addConstructorArgValue(access);
            attributeBuilder.setFactoryMethod("createListFromCommaDelimitedString");
        }

        if (filterInvocationDefinitionMap.containsKey(matcher)) {
            logger.warn(
                    "Duplicate URL defined: " + path + ". The original attribute values will be overwritten");
        }

        filterInvocationDefinitionMap.put(matcher, attributeBuilder.getBeanDefinition());
    }

    if (addAuthenticatedAll && filterInvocationDefinitionMap.isEmpty()) {

        BeanDefinition matcher = matcherType.createMatcher(parserContext, "/**", null);
        BeanDefinitionBuilder attributeBuilder = BeanDefinitionBuilder.rootBeanDefinition(SecurityConfig.class);
        attributeBuilder.addConstructorArgValue(new String[] { "authenticated" });
        attributeBuilder.setFactoryMethod("createList");
        filterInvocationDefinitionMap.put(matcher, attributeBuilder.getBeanDefinition());
    }

    return filterInvocationDefinitionMap;
}