Java tutorial
/** * Licensed to Apereo under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Apereo licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at the following location: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.portlet.blackboardvcportlet.security; import java.util.Map; import org.springframework.expression.spel.support.StandardEvaluationContext; import org.springframework.security.access.expression.AbstractSecurityExpressionHandler; import org.springframework.security.access.expression.SecurityExpressionOperations; import org.springframework.security.access.expression.SecurityExpressionRoot; import org.springframework.security.authentication.AuthenticationTrustResolver; import org.springframework.security.authentication.AuthenticationTrustResolverImpl; import org.springframework.security.core.Authentication; import org.springframework.stereotype.Service; @Service public class SimpleSecurityExpressionHandler extends AbstractSecurityExpressionHandler<Map<String, Object>> { private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); @Override protected StandardEvaluationContext createEvaluationContextInternal(Authentication authentication, Map<String, Object> variables) { final StandardEvaluationContext evaluationContext = super.createEvaluationContextInternal(authentication, variables); if (variables != null) { for (final Map.Entry<String, Object> variableEntry : variables.entrySet()) { evaluationContext.setVariable(variableEntry.getKey(), variableEntry.getValue()); } } return evaluationContext; } @Override protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, Map<String, Object> variables) { SimpleSecurityExpressionRoot root = new SimpleSecurityExpressionRoot(authentication); root.setPermissionEvaluator(getPermissionEvaluator()); root.setTrustResolver(trustResolver); root.setRoleHierarchy(getRoleHierarchy()); return root; } private final class SimpleSecurityExpressionRoot extends SecurityExpressionRoot { public SimpleSecurityExpressionRoot(Authentication a) { super(a); } } }