org.springframework.security.acls
Class AclEntryVoter

java.lang.Object
  extended by org.springframework.security.access.vote.AbstractAclVoter
      extended by org.springframework.security.acls.AclEntryVoter
All Implemented Interfaces:
AccessDecisionVoter<org.aopalliance.intercept.MethodInvocation>

public class AclEntryVoter
extends AbstractAclVoter

Given a domain object instance passed as a method argument, ensures the principal has appropriate permission as indicated by the AclService.

The AclService is used to retrieve the access control list (ACL) permissions associated with a domain object instance for the current Authentication object.

The voter will vote if any ConfigAttribute.getAttribute() matches the processConfigAttribute. The provider will then locate the first method argument of type AbstractAclVoter.processDomainObjectClass. Assuming that method argument is non-null, the provider will then lookup the ACLs from the AclManager and ensure the principal is Acl.isGranted(List, List, boolean) when presenting the requirePermission array to that method.

If the method argument is null, the voter will abstain from voting. If the method argument could not be found, an AuthorizationServiceException will be thrown.

In practical terms users will typically setup a number of AclEntryVoters. Each will have a different processDomainObjectClass, processConfigAttribute and requirePermission combination. For example, a small application might employ the following instances of AclEntryVoter:

Alternatively, you could have used a common superclass or interface for the AbstractAclVoter.processDomainObjectClass if both BankAccount and Customer had common parents.

If the principal does not have sufficient permissions, the voter will vote to deny access.

All comparisons and prefixes are case sensitive.


Field Summary
 
Fields inherited from interface org.springframework.security.access.AccessDecisionVoter
ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED
 
Constructor Summary
AclEntryVoter(AclService aclService, String processConfigAttribute, Permission[] requirePermission)
           
 
Method Summary
protected  String getInternalMethod()
          Optionally specifies a method of the domain object that will be used to obtain a contained domain object.
protected  String getProcessConfigAttribute()
           
 void setInternalMethod(String internalMethod)
           
 void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy)
           
 void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
           
 boolean supports(ConfigAttribute attribute)
          Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.
 int vote(Authentication authentication, org.aopalliance.intercept.MethodInvocation object, Collection<ConfigAttribute> attributes)
          Indicates whether or not access is granted.
 
Methods inherited from class org.springframework.security.access.vote.AbstractAclVoter
getDomainObjectInstance, getProcessDomainObjectClass, setProcessDomainObjectClass, supports
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AclEntryVoter

public AclEntryVoter(AclService aclService,
                     String processConfigAttribute,
                     Permission[] requirePermission)
Method Detail

getInternalMethod

protected String getInternalMethod()
Optionally specifies a method of the domain object that will be used to obtain a contained domain object. That contained domain object will be used for the ACL evaluation. This is useful if a domain object contains a parent that an ACL evaluation should be targeted for, instead of the child domain object (which perhaps is being created and as such does not yet have any ACL permissions)

Returns:
null to use the domain object, or the name of a method (that requires no arguments) that should be invoked to obtain an Object which will be the domain object used for ACL evaluation

setInternalMethod

public void setInternalMethod(String internalMethod)

getProcessConfigAttribute

protected String getProcessConfigAttribute()

setObjectIdentityRetrievalStrategy

public void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy)

setSidRetrievalStrategy

public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)

supports

public boolean supports(ConfigAttribute attribute)
Description copied from interface: AccessDecisionVoter
Indicates whether this AccessDecisionVoter is able to vote on the passed ConfigAttribute.

This allows the AbstractSecurityInterceptor to check every configuration attribute can be consumed by the configured AccessDecisionManager and/or RunAsManager and/or AfterInvocationManager.

Parameters:
attribute - a configuration attribute that has been configured against the AbstractSecurityInterceptor
Returns:
true if this AccessDecisionVoter can support the passed configuration attribute

vote

public int vote(Authentication authentication,
                org.aopalliance.intercept.MethodInvocation object,
                Collection<ConfigAttribute> attributes)
Description copied from interface: AccessDecisionVoter
Indicates whether or not access is granted.

The decision must be affirmative (ACCESS_GRANTED), negative (ACCESS_DENIED) or the AccessDecisionVoter can abstain (ACCESS_ABSTAIN) from voting. Under no circumstances should implementing classes return any other value. If a weighting of results is desired, this should be handled in a custom AccessDecisionManager instead.

Unless an AccessDecisionVoter is specifically intended to vote on an access control decision due to a passed method invocation or configuration attribute parameter, it must return ACCESS_ABSTAIN. This prevents the coordinating AccessDecisionManager from counting votes from those AccessDecisionVoters without a legitimate interest in the access control decision.

Whilst the secured object (such as a MethodInvocation) is passed as a parameter to maximise flexibility in making access control decisions, implementing classes should not modify it or cause the represented invocation to take place (for example, by calling MethodInvocation.proceed()).

Parameters:
authentication - the caller making the invocation
object - the secured object being invoked
attributes - the configuration attributes associated with the secured object
Returns:
either AccessDecisionVoter.ACCESS_GRANTED, AccessDecisionVoter.ACCESS_ABSTAIN or AccessDecisionVoter.ACCESS_DENIED