Spring Security Framework

org.springframework.security.vote
Class AffirmativeBased

java.lang.Object
  extended by org.springframework.security.vote.AbstractAccessDecisionManager
      extended by org.springframework.security.vote.AffirmativeBased
All Implemented Interfaces:
InitializingBean, MessageSourceAware, AccessDecisionManager

public class AffirmativeBased
extends AbstractAccessDecisionManager

Simple concrete implementation of AccessDecisionManager that grants access if any AccessDecisionVoter returns an affirmative response.


Field Summary
 
Fields inherited from class org.springframework.security.vote.AbstractAccessDecisionManager
messages
 
Constructor Summary
AffirmativeBased()
           
 
Method Summary
 void decide(Authentication authentication, Object object, ConfigAttributeDefinition config)
          This concrete implementation simply polls all configured AccessDecisionVoters and grants access if any AccessDecisionVoter voted affirmatively.
 
Methods inherited from class org.springframework.security.vote.AbstractAccessDecisionManager
afterPropertiesSet, checkAllowIfAllAbstainDecisions, getDecisionVoters, isAllowIfAllAbstainDecisions, setAllowIfAllAbstainDecisions, setDecisionVoters, setMessageSource, supports, supports
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AffirmativeBased

public AffirmativeBased()
Method Detail

decide

public void decide(Authentication authentication,
                   Object object,
                   ConfigAttributeDefinition config)
            throws AccessDeniedException
This concrete implementation simply polls all configured AccessDecisionVoters and grants access if any AccessDecisionVoter voted affirmatively. Denies access only if there was a deny vote AND no affirmative votes.

If every AccessDecisionVoter abstained from voting, the decision will be based on the AbstractAccessDecisionManager.isAllowIfAllAbstainDecisions() property (defaults to false).

Parameters:
authentication - the caller invoking the method
object - the secured object
config - the configuration attributes associated with the method being invoked
Throws:
AccessDeniedException - if access is denied

Spring Security Framework

Copyright © 2004-2010 SpringSource, Inc. All Rights Reserved.