Class AuthenticatedVoter
- java.lang.Object
-
- org.springframework.security.access.vote.AuthenticatedVoter
-
- All Implemented Interfaces:
AccessDecisionVoter<java.lang.Object>
@Deprecated public class AuthenticatedVoter extends java.lang.Object implements AccessDecisionVoter<java.lang.Object>
Deprecated.UseAuthorityAuthorizationManager
insteadVotes if aConfigAttribute.getAttribute()
ofIS_AUTHENTICATED_FULLY
orIS_AUTHENTICATED_REMEMBERED
orIS_AUTHENTICATED_ANONYMOUSLY
is present. This list is in order of most strict checking to least strict checking.The current
Authentication
will be inspected to determine if the principal has a particular level of authentication. The "FULLY" authenticated option means the user is authenticated fully (i.e.AuthenticationTrustResolver.isAnonymous(Authentication)
is false andAuthenticationTrustResolver.isRememberMe(Authentication)
is false). The "REMEMBERED" will grant access if the principal was either authenticated via remember-me OR is fully authenticated. The "ANONYMOUSLY" will grant access if the principal was authenticated via remember-me, OR anonymously, OR via full authentication.All comparisons and prefixes are case sensitive.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
IS_AUTHENTICATED_ANONYMOUSLY
Deprecated.static java.lang.String
IS_AUTHENTICATED_FULLY
Deprecated.static java.lang.String
IS_AUTHENTICATED_REMEMBERED
Deprecated.-
Fields inherited from interface org.springframework.security.access.AccessDecisionVoter
ACCESS_ABSTAIN, ACCESS_DENIED, ACCESS_GRANTED
-
-
Constructor Summary
Constructors Constructor Description AuthenticatedVoter()
Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver)
Deprecated.boolean
supports(java.lang.Class<?> clazz)
Deprecated.This implementation supports any type of class, because it does not query the presented secure object.boolean
supports(ConfigAttribute attribute)
Deprecated.Indicates whether thisAccessDecisionVoter
is able to vote on the passedConfigAttribute
.int
vote(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> attributes)
Deprecated.Indicates whether or not access is granted.
-
-
-
Field Detail
-
IS_AUTHENTICATED_FULLY
public static final java.lang.String IS_AUTHENTICATED_FULLY
Deprecated.- See Also:
- Constant Field Values
-
IS_AUTHENTICATED_REMEMBERED
public static final java.lang.String IS_AUTHENTICATED_REMEMBERED
Deprecated.- See Also:
- Constant Field Values
-
IS_AUTHENTICATED_ANONYMOUSLY
public static final java.lang.String IS_AUTHENTICATED_ANONYMOUSLY
Deprecated.- See Also:
- Constant Field Values
-
-
Method Detail
-
setAuthenticationTrustResolver
public void setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver)
Deprecated.
-
supports
public boolean supports(ConfigAttribute attribute)
Deprecated.Description copied from interface:AccessDecisionVoter
Indicates whether thisAccessDecisionVoter
is able to vote on the passedConfigAttribute
.This allows the
AbstractSecurityInterceptor
to check every configuration attribute can be consumed by the configuredAccessDecisionManager
and/orRunAsManager
and/orAfterInvocationManager
.- Specified by:
supports
in interfaceAccessDecisionVoter<java.lang.Object>
- Parameters:
attribute
- a configuration attribute that has been configured against theAbstractSecurityInterceptor
- Returns:
- true if this
AccessDecisionVoter
can support the passed configuration attribute
-
supports
public boolean supports(java.lang.Class<?> clazz)
Deprecated.This implementation supports any type of class, because it does not query the presented secure object.- Specified by:
supports
in interfaceAccessDecisionVoter<java.lang.Object>
- Parameters:
clazz
- the secure object type- Returns:
- always
true
-
vote
public int vote(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> attributes)
Deprecated.Description copied from interface:AccessDecisionVoter
Indicates whether or not access is granted.The decision must be affirmative (
ACCESS_GRANTED
), negative (ACCESS_DENIED
) or theAccessDecisionVoter
can abstain (ACCESS_ABSTAIN
) from voting. Under no circumstances should implementing classes return any other value. If a weighting of results is desired, this should be handled in a customAccessDecisionManager
instead.Unless an
AccessDecisionVoter
is specifically intended to vote on an access control decision due to a passed method invocation or configuration attribute parameter, it must returnACCESS_ABSTAIN
. This prevents the coordinatingAccessDecisionManager
from counting votes from thoseAccessDecisionVoter
s without a legitimate interest in the access control decision.Whilst the secured object (such as a
MethodInvocation
) is passed as a parameter to maximise flexibility in making access control decisions, implementing classes should not modify it or cause the represented invocation to take place (for example, by callingMethodInvocation.proceed()
).- Specified by:
vote
in interfaceAccessDecisionVoter<java.lang.Object>
- Parameters:
authentication
- the caller making the invocationobject
- the secured object being invokedattributes
- the configuration attributes associated with the secured object- Returns:
- either
AccessDecisionVoter.ACCESS_GRANTED
,AccessDecisionVoter.ACCESS_ABSTAIN
orAccessDecisionVoter.ACCESS_DENIED
-
-