List of usage examples for org.springframework.security.web.access.expression WebSecurityExpressionRoot setTrustResolver
public void setTrustResolver(AuthenticationTrustResolver trustResolver)
From source file:com.github.carlomicieli.nerdmovies.config.ImplicitObjectsInterceptor.java
@Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { if (modelAndView != null && !modelAndView.getViewName().startsWith("redirect:")) { FilterInvocation filterInvocation = new FilterInvocation(request, response, new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { throw new UnsupportedOperationException(); }/*from w w w.j a v a2s.c o m*/ }); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); WebSecurityExpressionRoot sec = new WebSecurityExpressionRoot(authentication, filterInvocation); sec.setTrustResolver(new AuthenticationTrustResolverImpl()); modelAndView.getModel().put("sec", sec); } }
From source file:com.jeanchampemont.notedown.utils.SecurityInterceptor.java
@Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { if (modelAndView != null) { FilterInvocation filterInvocation = new FilterInvocation(request, response, new FilterChain() { public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { throw new UnsupportedOperationException(); }/*from w w w . j a va2s . c o m*/ }); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null) { WebSecurityExpressionRoot sec = new WebSecurityExpressionRoot(authentication, filterInvocation); sec.setTrustResolver(new AuthenticationTrustResolverImpl()); modelAndView.getModel().put("sec", sec); } } }
From source file:de.iew.framework.security.access.WebResourceAccessEvaluator.java
/** * Create security expression root.// w ww .java 2 s . co m * <p> * Implements methods to test permissions. * </p> * * @param authentication the authentication * @param fi the fi * @return the security expression operations */ protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, FilterInvocation fi) { WebSecurityExpressionRoot root = new WebSecurityExpressionRoot(authentication, fi); root.setPermissionEvaluator(getPermissionEvaluator()); root.setTrustResolver(trustResolver); root.setRoleHierarchy(getRoleHierarchy()); return root; }
From source file:org.squashtest.tm.web.internal.interceptor.SecurityExpressionResolverExposerInterceptor.java
/** * @see org.springframework.web.servlet.handler.HandlerInterceptorAdapter#postHandle(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView) *//* www .j av a2 s .co m*/ @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) { if (modelAndView != null && modelAndView.hasView() && !StringUtils.startsWith(modelAndView.getViewName(), "redirect:")) { FilterInvocation filterInvocation = new FilterInvocation(request, response, DUMMY_CHAIN); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { LOGGER.debug( "No authentication available for '{}{}'. Thymeleaf won't have access to '#sec' in view '{}'", request.getServletPath(), request.getPathInfo(), modelAndView.getViewName()); return; } WebSecurityExpressionRoot expressionRoot = new WebSecurityExpressionRoot(authentication, filterInvocation); expressionRoot.setTrustResolver(trustResolver); expressionRoot.setPermissionEvaluator(permissionEvaluator); modelAndView.addObject("sec", expressionRoot); } }