/** * Provide a custom {@link AfterInvocationManager} for the default implementation of * {@link #methodSecurityInterceptor()}. The default is null if pre post is not * enabled. Otherwise, it returns a {@link AfterInvocationProviderManager}. * * <p> * Subclasses should override this method to provide a custom * {@link AfterInvocationManager} * </p> * * @return the {@link AfterInvocationManager} to use */ protected AfterInvocationManager afterInvocationManager() { if (prePostEnabled()) { AfterInvocationProviderManager invocationProviderManager = new AfterInvocationProviderManager(); ExpressionBasedPostInvocationAdvice postAdvice = new ExpressionBasedPostInvocationAdvice( getExpressionHandler()); PostInvocationAdviceProvider postInvocationAdviceProvider = new PostInvocationAdviceProvider( postAdvice); List<AfterInvocationProvider> afterInvocationProviders = new ArrayList<>(); afterInvocationProviders.add(postInvocationAdviceProvider); invocationProviderManager.setProviders(afterInvocationProviders); return invocationProviderManager; } return null; }
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException { PostInvocationAttribute pia = findPostInvocationAttribute(config); if (pia == null) { return returnedObject; } return postAdvice.after(authentication, (MethodInvocation) object, pia, returnedObject); }
private void configureForElAnnotations() { DefaultMethodSecurityExpressionHandler eh = new DefaultMethodSecurityExpressionHandler(); interceptor .setSecurityMetadataSource(new PrePostAnnotationSecurityMetadataSource( new ExpressionBasedAnnotationAttributeFactory(eh))); interceptor.setAccessDecisionManager(adm); AfterInvocationProviderManager aim = new AfterInvocationProviderManager(); aim.setProviders(Arrays.asList(new PostInvocationAdviceProvider( new ExpressionBasedPostInvocationAdvice(eh)))); interceptor.setAfterInvocationManager(aim); } }
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException { PostInvocationAttribute pia = findPostInvocationAttribute(config); if (pia == null) { return returnedObject; } return postAdvice.after(authentication, (MethodInvocation) object, pia, returnedObject); }
/** * Provide a custom {@link AfterInvocationManager} for the default implementation of * {@link #methodSecurityInterceptor()}. The default is null if pre post is not * enabled. Otherwise, it returns a {@link AfterInvocationProviderManager}. * * <p> * Subclasses should override this method to provide a custom * {@link AfterInvocationManager} * </p> * * @return the {@link AfterInvocationManager} to use */ protected AfterInvocationManager afterInvocationManager() { if (prePostEnabled()) { AfterInvocationProviderManager invocationProviderManager = new AfterInvocationProviderManager(); ExpressionBasedPostInvocationAdvice postAdvice = new ExpressionBasedPostInvocationAdvice( getExpressionHandler()); PostInvocationAdviceProvider postInvocationAdviceProvider = new PostInvocationAdviceProvider( postAdvice); List<AfterInvocationProvider> afterInvocationProviders = new ArrayList<>(); afterInvocationProviders.add(postInvocationAdviceProvider); invocationProviderManager.setProviders(afterInvocationProviders); return invocationProviderManager; } return null; }
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException { PostInvocationAttribute pia = findPostInvocationAttribute(config); if (pia == null) { return returnedObject; } return postAdvice.after(authentication, (MethodInvocation)object, pia, returnedObject); }
/** * Provide a custom {@link AfterInvocationManager} for the default * implementation of {@link #methodSecurityInterceptor()}. The default is * null if pre post is not enabled. Otherwise, it returns a {@link AfterInvocationProviderManager}. * * <p> * Subclasses should override this method to provide a custom {@link AfterInvocationManager} * </p> * * @return */ protected AfterInvocationManager afterInvocationManager() { if(prePostEnabled()) { AfterInvocationProviderManager invocationProviderManager = new AfterInvocationProviderManager(); ExpressionBasedPostInvocationAdvice postAdvice = new ExpressionBasedPostInvocationAdvice(getExpressionHandler()); PostInvocationAdviceProvider postInvocationAdviceProvider = new PostInvocationAdviceProvider(postAdvice); List<AfterInvocationProvider> afterInvocationProviders = new ArrayList<AfterInvocationProvider>(); afterInvocationProviders.add(postInvocationAdviceProvider); invocationProviderManager.setProviders(afterInvocationProviders); return invocationProviderManager; } return null; }
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException { PostInvocationAttribute pia = findPostInvocationAttribute(config); if (pia == null) { return returnedObject; } return postAdvice.after(authentication, (MethodInvocation) object, pia, returnedObject); }
/** * Provide a custom {@link AfterInvocationManager} for the default * implementation of {@link #methodSecurityInterceptor()}. The default is null * if pre post is not enabled. Otherwise, it returns a * {@link AfterInvocationProviderManager}. * * <p> * Subclasses should override this method to provide a custom * {@link AfterInvocationManager} * </p> * * @return */ protected AfterInvocationManager afterInvocationManager() { if (prePostEnabled()) { AfterInvocationProviderManager invocationProviderManager = new AfterInvocationProviderManager(); ExpressionBasedPostInvocationAdvice postAdvice = new ExpressionBasedPostInvocationAdvice( getExpressionHandler()); PostInvocationAdviceProvider postInvocationAdviceProvider = new PostInvocationAdviceProvider(postAdvice); List<AfterInvocationProvider> afterInvocationProviders = new ArrayList<>(); afterInvocationProviders.add(postInvocationAdviceProvider); invocationProviderManager.setProviders(afterInvocationProviders); return invocationProviderManager; } return null; }
/** * Provide a custom {@link AfterInvocationManager} for the default implementation of * {@link #methodSecurityInterceptor()}. The default is null if pre post is not * enabled. Otherwise, it returns a {@link AfterInvocationProviderManager}. * * <p> * Subclasses should override this method to provide a custom * {@link AfterInvocationManager} * </p> * * @return the {@link AfterInvocationManager} to use */ protected AfterInvocationManager afterInvocationManager() { if (prePostEnabled()) { AfterInvocationProviderManager invocationProviderManager = new AfterInvocationProviderManager(); ExpressionBasedPostInvocationAdvice postAdvice = new ExpressionBasedPostInvocationAdvice( getExpressionHandler()); PostInvocationAdviceProvider postInvocationAdviceProvider = new PostInvocationAdviceProvider( postAdvice); List<AfterInvocationProvider> afterInvocationProviders = new ArrayList<>(); afterInvocationProviders.add(postInvocationAdviceProvider); invocationProviderManager.setProviders(afterInvocationProviders); return invocationProviderManager; } return null; }