public boolean isAllowed(MethodInvocation mi, Authentication authentication) { Assert.notNull(mi, "MethodInvocation required"); Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()"); Collection<ConfigAttribute> attrs = securityInterceptor .obtainSecurityMetadataSource().getAttributes(mi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { return false; } return true; } if (authentication == null || authentication.getAuthorities().isEmpty()) { return false; } try { securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs); } catch (AccessDeniedException unauthorized) { if (logger.isDebugEnabled()) { logger.debug(mi.toString() + " denied for " + authentication.toString(), unauthorized); } return false; } return true; }
public boolean isAllowed(MethodInvocation mi, Authentication authentication) { Assert.notNull(mi, "MethodInvocation required"); Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()"); Collection<ConfigAttribute> attrs = securityInterceptor .obtainSecurityMetadataSource().getAttributes(mi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { return false; } return true; } if (authentication == null || authentication.getAuthorities().isEmpty()) { return false; } try { securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs); } catch (AccessDeniedException unauthorized) { if (logger.isDebugEnabled()) { logger.debug(mi.toString() + " denied for " + authentication.toString(), unauthorized); } return false; } return true; }
Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required"); Assert.notNull(this.runAsManager, "A RunAsManager is required"); Assert.notNull(this.obtainSecurityMetadataSource(), "An SecurityMetadataSource is required"); Assert.isTrue(this.obtainSecurityMetadataSource() .supports(getSecureObjectClass()), () -> "SecurityMetadataSource does not support secure object class: " .obtainSecurityMetadataSource().getAllConfigAttributes();
Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required"); Assert.notNull(this.runAsManager, "A RunAsManager is required"); Assert.notNull(this.obtainSecurityMetadataSource(), "An SecurityMetadataSource is required"); Assert.isTrue(this.obtainSecurityMetadataSource() .supports(getSecureObjectClass()), () -> "SecurityMetadataSource does not support secure object class: " .obtainSecurityMetadataSource().getAllConfigAttributes();
Collection<ConfigAttribute> attributes = this.obtainSecurityMetadataSource() .getAttributes(object);
Collection<ConfigAttribute> attributes = this.obtainSecurityMetadataSource() .getAttributes(object);
public boolean isAllowed(MethodInvocation mi, Authentication authentication) { Assert.notNull(mi, "MethodInvocation required"); Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()"); Collection<ConfigAttribute> attrs = securityInterceptor.obtainSecurityMetadataSource().getAttributes(mi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { return false; } return true; } if (authentication == null || authentication.getAuthorities().isEmpty()) { return false; } try { securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs); } catch (AccessDeniedException unauthorized) { if (logger.isDebugEnabled()) { logger.debug(mi.toString() + " denied for " + authentication.toString(), unauthorized); } return false; } return true; }
public boolean isAllowed(MethodInvocation mi, Authentication authentication) { Assert.notNull(mi, "MethodInvocation required"); Assert.notNull(mi.getMethod(), "MethodInvocation must provide a non-null getMethod()"); Collection<ConfigAttribute> attrs = securityInterceptor .obtainSecurityMetadataSource().getAttributes(mi); if (attrs == null) { if (securityInterceptor.isRejectPublicInvocations()) { return false; } return true; } if (authentication == null || authentication.getAuthorities().isEmpty()) { return false; } try { securityInterceptor.getAccessDecisionManager().decide(authentication, mi, attrs); } catch (AccessDeniedException unauthorized) { if (logger.isDebugEnabled()) { logger.debug(mi.toString() + " denied for " + authentication.toString(), unauthorized); } return false; } return true; }
Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required"); Assert.notNull(this.runAsManager, "A RunAsManager is required"); Assert.notNull(this.obtainSecurityMetadataSource(), "An SecurityMetadataSource is required"); Assert.isTrue(this.obtainSecurityMetadataSource().supports(getSecureObjectClass()), "SecurityMetadataSource does not support secure object class: " + getSecureObjectClass()); Assert.isTrue(this.runAsManager.supports(getSecureObjectClass()), Collection<ConfigAttribute> attributeDefs = this.obtainSecurityMetadataSource().getAllConfigAttributes();
Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required"); Assert.notNull(this.runAsManager, "A RunAsManager is required"); Assert.notNull(this.obtainSecurityMetadataSource(), "An SecurityMetadataSource is required"); Assert.isTrue(this.obtainSecurityMetadataSource() .supports(getSecureObjectClass()), () -> "SecurityMetadataSource does not support secure object class: " .obtainSecurityMetadataSource().getAllConfigAttributes();
.obtainSecurityMetadataSource().getAttributes(fi);
Collection<ConfigAttribute> attributes = this.obtainSecurityMetadataSource().getAttributes(object);
Collection<ConfigAttribute> attributes = this.obtainSecurityMetadataSource() .getAttributes(object);