List of usage examples for org.springframework.security.web.access WebInvocationPrivilegeEvaluator isAllowed
public boolean isAllowed(String uri, Authentication authentication);
From source file:jetx.ext.springsecurity.SpringSecurityTags.java
public static void grantedSameWithUri(JetTagContext ctx, String uri) throws IOException { WebInvocationPrivilegeEvaluator evaluator = getWebInvocationPrivilegeEvaluator(ctx); if (evaluator == null) { throw new UnsupportedOperationException( "No visible WebInvocationPrivilegeEvaluator instance could be found in the application context. There must be at least one in order to support the use of URL access checks in 'authorize' tags."); }/*from www . j av a 2s. co m*/ Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); boolean show = evaluator.isAllowed(uri, authentication); if (show) { ctx.writeBodyContent(); } }
From source file:rights.HasAllRightsTag.java
private boolean hasCommonRights() { WebInvocationPrivilegeEvaluator wipe = (WebInvocationPrivilegeEvaluator) WebApplicationContextUtils .getWebApplicationContext(pageContext.getServletContext()) .getBean(WebInvocationPrivilegeEvaluator.class); return wipe.isAllowed(url, SecurityContextHolder.getContext().getAuthentication()); }
From source file:mvc.parent.WebController.java
private boolean hasCommonRights(String url, HttpServletRequest request) { WebInvocationPrivilegeEvaluator wipe = (WebInvocationPrivilegeEvaluator) WebApplicationContextUtils .getWebApplicationContext(request.getServletContext()) .getBean(WebInvocationPrivilegeEvaluator.class); return wipe.isAllowed(url, SecurityContextHolder.getContext().getAuthentication()); }