Class ConsensusBased

java.lang.Object
org.springframework.security.access.vote.AbstractAccessDecisionManager
org.springframework.security.access.vote.ConsensusBased
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware, AccessDecisionManager

public class ConsensusBased extends AbstractAccessDecisionManager
Simple concrete implementation of AccessDecisionManager that uses a consensus-based approach.

"Consensus" here means majority-rule (ignoring abstains) rather than unanimous agreement (ignoring abstains). If you require unanimity, please see UnanimousBased.

  • Constructor Details

  • Method Details

    • decide

      public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException
      This concrete implementation simply polls all configured AccessDecisionVoters and upon completion determines the consensus of granted against denied responses.

      If there were an equal number of grant and deny votes, the decision will be based on the isAllowIfEqualGrantedDeniedDecisions() property (defaults to true).

      If every AccessDecisionVoter abstained from voting, the decision will be based on the AbstractAccessDecisionManager.isAllowIfAllAbstainDecisions() property (defaults to false).

      Parameters:
      authentication - the caller invoking the method
      object - the secured object
      configAttributes - the configuration attributes associated with the method being invoked
      Throws:
      AccessDeniedException - if access is denied
    • isAllowIfEqualGrantedDeniedDecisions

      public boolean isAllowIfEqualGrantedDeniedDecisions()
    • setAllowIfEqualGrantedDeniedDecisions

      public void setAllowIfEqualGrantedDeniedDecisions(boolean allowIfEqualGrantedDeniedDecisions)