|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.springframework.security.access.intercept.AfterInvocationProviderManager
public class AfterInvocationProviderManager
Provider-based implementation of AfterInvocationManager
.
Handles configuration of a bean context defined list of AfterInvocationProvider
s.
Every AfterInvocationProvider
will be polled when the
decide(Authentication, Object, Collection, Object)
method is called. The Object
returned
from each provider will be presented to the successive provider for processing. This means each provider
must ensure they return the Object
, even if they are not interested in the "after invocation"
decision (perhaps as the secure object invocation did not include a configuration attribute a given provider is
configured to respond to).
Field Summary | |
---|---|
protected static org.apache.commons.logging.Log |
logger
|
Constructor Summary | |
---|---|
AfterInvocationProviderManager()
|
Method Summary | |
---|---|
void |
afterPropertiesSet()
|
Object |
decide(Authentication authentication,
Object object,
Collection<ConfigAttribute> config,
Object returnedObject)
Given the details of a secure object invocation including its returned Object , make an
access control decision or optionally modify the returned Object . |
List<AfterInvocationProvider> |
getProviders()
|
void |
setProviders(List<?> newList)
|
boolean |
supports(Class<?> clazz)
Iterates through all AfterInvocationProvider s and ensures each can support the presented
class. |
boolean |
supports(ConfigAttribute attribute)
Indicates whether this AfterInvocationManager is able to process "after invocation"
requests presented with the passed ConfigAttribute . |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected static final org.apache.commons.logging.Log logger
Constructor Detail |
---|
public AfterInvocationProviderManager()
Method Detail |
---|
public void afterPropertiesSet() throws Exception
afterPropertiesSet
in interface InitializingBean
Exception
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config, Object returnedObject) throws AccessDeniedException
AfterInvocationManager
Object
, make an
access control decision or optionally modify the returned Object
.
decide
in interface AfterInvocationManager
authentication
- the caller that invoked the methodobject
- the secured object that was calledconfig
- the configuration attributes associated with the secured object that was invokedreturnedObject
- the Object
that was returned from the secure object invocation
Object
that will ultimately be returned to the caller (if an implementation does not
wish to modify the object to be returned to the caller, the implementation should simply return the
same object it was passed by the returnedObject
method argument)
AccessDeniedException
- if access is deniedpublic List<AfterInvocationProvider> getProviders()
public void setProviders(List<?> newList)
public boolean supports(ConfigAttribute attribute)
AfterInvocationManager
AfterInvocationManager
is able to process "after invocation"
requests presented with the passed ConfigAttribute
.This allows the
AbstractSecurityInterceptor
to check every configuration attribute can be consumed by the
configured AccessDecisionManager
and/or RunAsManager
and/or
AfterInvocationManager
.
supports
in interface AfterInvocationManager
attribute
- a configuration attribute that has been configured against the
AbstractSecurityInterceptor
AfterInvocationManager
can support the passed configuration attributepublic boolean supports(Class<?> clazz)
AfterInvocationProvider
s and ensures each can support the presented
class.
If one or more providers cannot support the presented class, false
is returned.
supports
in interface AfterInvocationManager
clazz
- the secure object class being queries
AfterInvocationProviderManager
can support the secure object class, which requires
every one of its AfterInvocationProvider
s to support the secure object class
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |