public class AfterInvocationProviderManager extends java.lang.Object implements AfterInvocationManager, org.springframework.beans.factory.InitializingBean
AfterInvocationManager.
Handles configuration of a bean context defined list of AfterInvocationProvider
s.
Every AfterInvocationProvider will be polled when the
decide(Authentication, Object, Collection, Object) method is called. The
Object returned from each provider will be presented to the successive
provider for processing. This means each provider must ensure they return the
Object, even if they are not interested in the "after invocation" decision
(perhaps as the secure object invocation did not include a configuration attribute a
given provider is configured to respond to).
| Modifier and Type | Field and Description |
|---|---|
protected static org.apache.commons.logging.Log |
logger |
| Constructor and Description |
|---|
AfterInvocationProviderManager() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
java.lang.Object |
decide(Authentication authentication,
java.lang.Object object,
java.util.Collection<ConfigAttribute> config,
java.lang.Object returnedObject)
Given the details of a secure object invocation including its returned
Object, make an access control decision or optionally modify the
returned Object. |
java.util.List<AfterInvocationProvider> |
getProviders() |
void |
setProviders(java.util.List<?> newList) |
boolean |
supports(java.lang.Class<?> clazz)
Iterates through all
AfterInvocationProviders and ensures each can
support the presented class. |
boolean |
supports(ConfigAttribute attribute)
Indicates whether this
AfterInvocationManager is able to process
"after invocation" requests presented with the passed ConfigAttribute. |
public void afterPropertiesSet()
throws java.lang.Exception
afterPropertiesSet in interface org.springframework.beans.factory.InitializingBeanjava.lang.Exceptionpublic java.lang.Object decide(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> config, java.lang.Object returnedObject) throws AccessDeniedException
AfterInvocationManagerObject, make an access control decision or optionally modify the
returned Object.decide in interface AfterInvocationManagerauthentication - the caller that invoked the methodobject - the secured object that was calledconfig - the configuration attributes associated with the secured object
that was invokedreturnedObject - the Object that was returned from the secure
object invocationObject that will ultimately be returned to the caller (if
an implementation does not wish to modify the object to be returned to the caller,
the implementation should simply return the same object it was passed by the
returnedObject method argument)AccessDeniedException - if access is deniedpublic java.util.List<AfterInvocationProvider> getProviders()
public void setProviders(java.util.List<?> newList)
public boolean supports(ConfigAttribute attribute)
AfterInvocationManagerAfterInvocationManager is able to process
"after invocation" requests presented with the passed ConfigAttribute.
This allows the AbstractSecurityInterceptor to check every
configuration attribute can be consumed by the configured
AccessDecisionManager and/or RunAsManager and/or
AfterInvocationManager.
supports in interface AfterInvocationManagerattribute - a configuration attribute that has been configured against the
AbstractSecurityInterceptorAfterInvocationManager can support the passed
configuration attributepublic boolean supports(java.lang.Class<?> clazz)
AfterInvocationProviders and ensures each can
support the presented class.
If one or more providers cannot support the presented class, false is
returned.
supports in interface AfterInvocationManagerclazz - the secure object class being queriesAfterInvocationProviderManager can support the secure
object class, which requires every one of its AfterInvocationProviders
to support the secure object class