|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES All Classes | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.springframework.richclient.security.support.AbstractSecurityController
org.springframework.richclient.security.support.UserRoleSecurityController
public class UserRoleSecurityController
This class controls the authorization of other objects, that implement the
Authorizable
, according to the roles held
by the currently authenticated user. If the current user holds one or more of the
configured roles, then the associated objects are authorized. Otherwise, they are not
authorized.
The roles on which to authorize the controlled objects are specified via the
roles
property. It should be a comma-separated list of role names.
No secured object is used in preparing the ConfigAttributeDefinition. This means that the configuration is not specific to a given object (no per-object ACL's). The access decision is made strictly on the roles held by the user.
The default access decision manager is an AffirmativeBased
instance using a
plain RoleVoter
. You can override this by setting the
accessDecisionManager
property.
Below is an example configuration for this class:
<bean id="adminController" class="org.springframework.richclient.security.support.UserRoleSecurityController"> <property name="authorizingRoles" value="ROLE_ADMIN" /> </bean> <bean id="writeController" class="org.springframework.richclient.security.support.UserRoleSecurityController"> <property name="authorizingRoles" value="ROLE_WRITE,ROLE_ADMIN" /> </bean>
Field Summary |
---|
Fields inherited from class org.springframework.richclient.security.support.AbstractSecurityController |
---|
VISIBLE_TRACKS_AUTHORIZED_ACTION |
Constructor Summary | |
---|---|
UserRoleSecurityController()
Constructor. |
Method Summary | |
---|---|
String |
getAuthorizingRoles()
Get the config attributes. |
protected org.acegisecurity.ConfigAttributeDefinition |
getConfigAttributeDefinition(Object securedObject)
Get the ConfigAttributeDefinition for the secured object. |
protected Object |
getSecuredObject()
Get the secured object on which we are making the authorization decision. |
void |
setAuthorizingRoles(String roles)
Set the roles to compare against the current user's authenticated roles. |
Methods inherited from class org.springframework.richclient.security.support.AbstractSecurityController |
---|
addControlledObject, afterPropertiesSet, doPostProcessorAction, getAccessDecisionManager, getLastAuthentication, getPostProcessorActionsToRun, registerPostProcessorAction, removeControlledObject, runAuthorization, runPostProcessorActions, setAccessDecisionManager, setAuthenticationToken, setControlledObjects, setLastAuthentication, setPostProcessorActionsToRun, shouldAuthorize, updateControlledObject |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public UserRoleSecurityController()
Method Detail |
---|
public void setAuthorizingRoles(String roles)
roles
- public String getAuthorizingRoles()
protected Object getSecuredObject()
getSecuredObject
in class AbstractSecurityController
protected org.acegisecurity.ConfigAttributeDefinition getConfigAttributeDefinition(Object securedObject)
getConfigAttributeDefinition
in class AbstractSecurityController
securedObject
- Secured object for whom the config attribute definition is to
be retrieved. This may be null.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES All Classes | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |