FilterInvocationDefinitionSourceBeanDefinitionParser xref

View Javadoc

1   package org.springframework.security.config;
2   
3   import java.util.Iterator;
4   import java.util.LinkedHashMap;
5   import java.util.List;
6   
7   import org.springframework.beans.factory.support.BeanDefinitionBuilder;
8   import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
9   import org.springframework.beans.factory.xml.ParserContext;
10  import org.springframework.security.util.AntUrlPathMatcher;
11  import org.springframework.security.util.UrlMatcher;
12  import org.springframework.util.StringUtils;
13  import org.springframework.util.xml.DomUtils;
14  import org.w3c.dom.Element;
15  
16  /**
17   * Allows for convenient creation of a {@link FilterInvocationDefinitionSource} bean for use with a FilterSecurityInterceptor.  
18   * 
19   * @author Luke Taylor
20   * @version $Id: FilterInvocationDefinitionSourceBeanDefinitionParser.java 2980 2008-04-22 21:25:35Z luke_t $
21   */
22  public class FilterInvocationDefinitionSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
23  
24      protected String getBeanClassName(Element element) {
25          return "org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource";
26      }
27  
28      protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
29          List interceptUrls = DomUtils.getChildElementsByTagName(element, "intercept-url");
30          
31          // Check for attributes that aren't allowed in this context
32          Iterator interceptUrlElts = interceptUrls.iterator();
33          while(interceptUrlElts.hasNext()) {
34              Element elt = (Element) interceptUrlElts.next();
35              if (StringUtils.hasLength(elt.getAttribute(HttpSecurityBeanDefinitionParser.ATT_REQUIRES_CHANNEL))) {
36                  parserContext.getReaderContext().error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_REQUIRES_CHANNEL + "' isn't allowed here.", elt);
37              }
38  
39              if (StringUtils.hasLength(elt.getAttribute(HttpSecurityBeanDefinitionParser.ATT_FILTERS))) {
40                  parserContext.getReaderContext().error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS + "' isn't allowed here.", elt);
41              }
42          }
43  
44          UrlMatcher matcher = HttpSecurityBeanDefinitionParser.createUrlMatcher(element);
45          boolean convertPathsToLowerCase = (matcher instanceof AntUrlPathMatcher) && matcher.requiresLowerCaseUrl();
46          
47          LinkedHashMap requestMap = 
48          HttpSecurityBeanDefinitionParser.parseInterceptUrlsForFilterInvocationRequestMap(interceptUrls,  
49                  convertPathsToLowerCase, parserContext);
50          
51          builder.addConstructorArg(matcher);
52          builder.addConstructorArg(requestMap);
53      }
54  }