org.springframework.security.access.vote
Class ConsensusBased

java.lang.Object
  extended by org.springframework.security.access.vote.AbstractAccessDecisionManager
      extended by org.springframework.security.access.vote.ConsensusBased
All Implemented Interfaces:
InitializingBean, MessageSourceAware, AccessDecisionManager

public class ConsensusBased
extends AbstractAccessDecisionManager

Simple concrete implementation of AccessDecisionManager that uses a consensus-based approach.

"Consensus" here means majority-rule (ignoring abstains) rather than unanimous agreement (ignoring abstains). If you require unanimity, please see UnanimousBased.


Field Summary
 
Fields inherited from class org.springframework.security.access.vote.AbstractAccessDecisionManager
logger, messages
 
Constructor Summary
ConsensusBased()
           
 
Method Summary
 void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
          This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.
 boolean isAllowIfEqualGrantedDeniedDecisions()
           
 void setAllowIfEqualGrantedDeniedDecisions(boolean allowIfEqualGrantedDeniedDecisions)
           
 
Methods inherited from class org.springframework.security.access.vote.AbstractAccessDecisionManager
afterPropertiesSet, checkAllowIfAllAbstainDecisions, getDecisionVoters, isAllowIfAllAbstainDecisions, setAllowIfAllAbstainDecisions, setDecisionVoters, setMessageSource, supports, supports
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ConsensusBased

public ConsensusBased()
Method Detail

decide

public void decide(Authentication authentication,
                   Object object,
                   Collection<ConfigAttribute> configAttributes)
            throws AccessDeniedException
This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.

If there were an equal number of grant and deny votes, the decision will be based on the isAllowIfEqualGrantedDeniedDecisions() property (defaults to true).

If every AccessDecisionVoter abstained from voting, the decision will be based on the AbstractAccessDecisionManager.isAllowIfAllAbstainDecisions() property (defaults to false).

Parameters:
authentication - the caller invoking the method
object - the secured object
configAttributes - the configuration attributes associated with the method being invoked
Throws:
AccessDeniedException - if access is denied

isAllowIfEqualGrantedDeniedDecisions

public boolean isAllowIfEqualGrantedDeniedDecisions()

setAllowIfEqualGrantedDeniedDecisions

public void setAllowIfEqualGrantedDeniedDecisions(boolean allowIfEqualGrantedDeniedDecisions)