Overview  Package   Class  Tree  Deprecated  Index  Help 
Spring Web Flow
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.springframework.webflow.security
Class SecurityFlowExecutionListener

java.lang.Object
  extended by org.springframework.webflow.execution.FlowExecutionListenerAdapter
      extended by org.springframework.webflow.security.SecurityFlowExecutionListener
All Implemented Interfaces:
FlowExecutionListener
public class SecurityFlowExecutionListener
extends FlowExecutionListenerAdapter

Flow security integration with Spring Security

Author:
Scott Andrews

Constructor Summary
SecurityFlowExecutionListener()
           
 
Method Summary
protected  void decide(SecurityRule rule, java.lang.Object object)
          Performs a Spring Security authorization decision.
 org.springframework.security.access.AccessDecisionManager getAccessDecisionManager()
          Get the access decision manager that makes flow authorization decisions.
protected  java.util.Collection<org.springframework.security.access.ConfigAttribute> getConfigAttributes(SecurityRule rule)
          Convert SecurityRule into a form understood by Spring Security
 void sessionCreating(RequestContext context, FlowDefinition definition)
          Called to indicate a new flow definition session is about to be created.
 void setAccessDecisionManager(org.springframework.security.access.AccessDecisionManager accessDecisionManager)
          Set the access decision manager that makes flow authorization decisions.
 void stateEntering(RequestContext context, StateDefinition state)
          Called when a state transitions, after the transition is matched but before the transition occurs.
 void transitionExecuting(RequestContext context, TransitionDefinition transition)
          Called when a transition is matched but before the transition occurs.
 
Methods inherited from class org.springframework.webflow.execution.FlowExecutionListenerAdapter
eventSignaled, exceptionThrown, paused, requestProcessed, requestSubmitted, resuming, sessionEnded, sessionEnding, sessionStarted, sessionStarting, stateEntered, viewRendered, viewRendering
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurityFlowExecutionListener

public SecurityFlowExecutionListener()
Method Detail

getAccessDecisionManager

public org.springframework.security.access.AccessDecisionManager getAccessDecisionManager()
Get the access decision manager that makes flow authorization decisions.

Returns:
the decision manager

setAccessDecisionManager

public void setAccessDecisionManager(org.springframework.security.access.AccessDecisionManager accessDecisionManager)
Set the access decision manager that makes flow authorization decisions.

Parameters:
accessDecisionManager - the decision manager to user

sessionCreating

public void sessionCreating(RequestContext context,
                            FlowDefinition definition)
Description copied from interface: FlowExecutionListener
Called to indicate a new flow definition session is about to be created. Called before the session is created. An exception may be thrown from this method to veto the start operation. Any type of runtime exception can be used for this purpose.

Specified by:
sessionCreating in interface FlowExecutionListener
Overrides:
sessionCreating in class FlowExecutionListenerAdapter
Parameters:
context - the current flow request context
definition - the flow for which a new session is starting

stateEntering

public void stateEntering(RequestContext context,
                          StateDefinition state)
                   throws EnterStateVetoException
Description copied from interface: FlowExecutionListener
Called when a state transitions, after the transition is matched but before the transition occurs.

Specified by:
stateEntering in interface FlowExecutionListener
Overrides:
stateEntering in class FlowExecutionListenerAdapter
Parameters:
context - the current flow request context
state - the proposed state to transition to
Throws:
EnterStateVetoException - when entering the state is not allowed

transitionExecuting

public void transitionExecuting(RequestContext context,
                                TransitionDefinition transition)
Description copied from interface: FlowExecutionListener
Called when a transition is matched but before the transition occurs.

Specified by:
transitionExecuting in interface FlowExecutionListener
Overrides:
transitionExecuting in class FlowExecutionListenerAdapter
Parameters:
context - the current flow request context
transition - the proposed transition

decide

protected void decide(SecurityRule rule,
                      java.lang.Object object)
Performs a Spring Security authorization decision. Decision will use the provided AccessDecisionManager. If no AccessDecisionManager is provided a role based manager will be selected according to the comparison type of the rule.

Parameters:
rule - the rule to base the decision
object - the execution listener phase

getConfigAttributes

protected java.util.Collection<org.springframework.security.access.ConfigAttribute> getConfigAttributes(SecurityRule rule)
Convert SecurityRule into a form understood by Spring Security

Parameters:
rule - the rule to convert
Returns:
list of ConfigAttributes for Spring Security
Overview  Package   Class  Tree  Deprecated  Index  Help 
Spring Web Flow
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD