spring security默认访问权限判定源码
程序员文章站
2024-03-19 15:28:34
...
AffirmativeBased
org.springframework.security.access.vote.AffirmativeBased
public class AffirmativeBased extends AbstractAccessDecisionManager {
/**
* @param authentication 调用方认证信息
* @param object 被调用的收保护的对象(方法)
* @param configAttributes 对象相关的访问控制配置属性
*
* @throws AccessDeniedException 拒绝访问时抛出此异常
*/
public void decide(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributes) throws AccessDeniedException {
int deny = 0;
for (AccessDecisionVoter voter : getDecisionVoters()) {
int result = voter.vote(authentication, object, configAttributes);
if (logger.isDebugEnabled()) {
logger.debug("Voter: " + voter + ", returned: " + result);
}
switch (result) {
case AccessDecisionVoter.ACCESS_GRANTED:
return;
case AccessDecisionVoter.ACCESS_DENIED:
deny++;
break;
default:
break;
}
}
if (deny > 0) {
throw new AccessDeniedException(messages.getMessage(
"AbstractAccessDecisionManager.accessDenied", "Access is denied"));
}
checkAllowIfAllAbstainDecisions();
}
}
推荐阅读
-
spring security默认访问权限判定源码
-
Spring Security 源码分析十三:Spring Security 权限控制
-
话说Spring Security权限管理(源码详解)
-
话说Spring Security权限管理(源码详解)
-
spring security中的默认登录页源码跟踪
-
史上最简单的Spring Security教程(二十):AccessDecisionVoter必须全部拥有请求所需权限才可访问
-
史上最简单的Spring Security教程(十九):AccessDecisionVoter简介及自定义访问权限投票器
-
spring security中的默认登录页源码跟踪