CustomAccessDecisionManager.java
1.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package com.bsth.security;
import java.util.Collection;
import java.util.Iterator;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Component;
@Component
public class CustomAccessDecisionManager implements AccessDecisionManager{
@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
throws AccessDeniedException, InsufficientAuthenticationException {
Iterator<ConfigAttribute> iter = configAttributes.iterator();
Object obj;
while (iter.hasNext())
{
obj = iter.next();
if(null == obj)
continue;
String accessResourceNeedRole = ((SecurityConfig) obj)
.getAttribute();
for (GrantedAuthority grantedAuthority : authentication.getAuthorities())
{
String userOwnRole = grantedAuthority.getAuthority();
if (accessResourceNeedRole.equals(userOwnRole))
{
return;
}
}
}
throw new AccessDeniedException("访问被拒绝!");
}
@Override
public boolean supports(ConfigAttribute arg0) {
return false;
}
@Override
public boolean supports(Class<?> arg0) {
return false;
}
}