All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.payneteasy.superfly.security.InsufficientAuthenticationAccessDecisionManager Maven / Gradle / Ivy

Go to download

Module for Spring Security which enables application to use Superfly authentication/authorization declaratively through Spring Security

The newest version!
package com.payneteasy.superfly.security;

import com.payneteasy.superfly.security.exception.InsufficientAuthenticationException;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;

import java.util.Collection;

/**
 * {@link AccessDecisionManager} which first checks whether the current
 * {@link Authentication} is sufficient. If not, it throws an
 * {@link InsufficientAuthenticationException}, otherwise just delegates to
 * other {@link AccessDecisionManager}.
 * 
 * @author Roman Puchkovskiy
 */
public class InsufficientAuthenticationAccessDecisionManager extends
        DelegatingDecisionManager {

    private Class[] insufficientAuthenticationClasses;

    public void setInsufficientAuthenticationClasses(Class[] classes) {
        insufficientAuthenticationClasses = classes;
    }

    public InsufficientAuthenticationAccessDecisionManager() {
    }

    public InsufficientAuthenticationAccessDecisionManager(
            AccessDecisionManager delegate) {
        super(delegate);
    }

    @Override
    public void decide(Authentication authentication, Object object,
            Collection configAttributes)
            throws AccessDeniedException, InsufficientAuthenticationException {
        boolean insufficient = false;
        for (Class clazz : insufficientAuthenticationClasses) {
            if (clazz.isAssignableFrom(authentication.getClass())) {
                insufficient = true;
                break;
            }
        }
        if (insufficient) {
            InsufficientAuthenticationException ex = new InsufficientAuthenticationException(authentication.getClass().getName());
            ex.setAuthentication(authentication);
            throw ex;
        }
        // sufficient authentication, just proceed
        getDelegate().decide(authentication, object, configAttributes);
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy