Spring Security Archives • my2cents

How to add AccessDescisionVoters to AccessDescisionManager in Spring Security

10th May, 201224th March, 2013 Marcel StörNo Comments

Here’s a pretty neat approach to add AccessDescisionVoters to the default AccessDescisionManager in Spring Security:

/**
 * This BeanPostProcessor adds all {@link AccessDecisionVoter}s that are set with
 * {@link #setAdditionalAccessDecisionVoters(List)} to beans that are instances of {@link AffirmativeBased}. This is the
 * default {@link AccessDecisionManager} implementation that the spring security namespace handler creates.
 * <p>
 *
 * The configuration could look like:
 *
 * <pre>
 * {@code
 * <bean id="voterAdder">
 *   <property name="additionalAccessDecisionVoters">
 *     <list>
 *       <bean />
 *     </list>
 *   </property>
 * </bean>
 * }
 * </pre>
 */
@Component
public class VoterAdder implements BeanPostProcessor {
  private List<AccessDecisionVoter> additionalAccessDecisionVoters;

  public void setAdditionalAccessDecisionVoters(List<AccessDecisionVoter> additionalAccessDecisionVoters) {
    this.additionalAccessDecisionVoters = additionalAccessDecisionVoters;
  }

  @Override
  public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
    return bean;
  }

  @Override
  public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
    if (bean instanceof AffirmativeBased) {
      AffirmativeBased dm = (AffirmativeBased) bean;
      additionalAccessDecisionVoters.addAll(dm.getDecisionVoters());
      dm.setDecisionVoters(additionalAccessDecisionVoters);
    }
    return bean;
  }
}

/**

* This BeanPostProcessor adds all {@link AccessDecisionVoter}s that are set with

* {@link #setAdditionalAccessDecisionVoters(List)} to beans that are instances of {@link AffirmativeBased}. This is the

* default {@link AccessDecisionManager} implementation that the spring security namespace handler creates.

* <p>

* The configuration could look like:

* <pre>

* {@code

* <bean id="voterAdder">

* <property name="additionalAccessDecisionVoters">

* <list>

* <bean />

* </list>

* </property>

* </bean>

* }

* </pre>

@Component

public class VoterAdder implements BeanPostProcessor {

private List<AccessDecisionVoter> additionalAccessDecisionVoters;

public void setAdditionalAccessDecisionVoters(List<AccessDecisionVoter> additionalAccessDecisionVoters) {

this.additionalAccessDecisionVoters = additionalAccessDecisionVoters;

}

@Override

public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {

return bean;

}

@Override

public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {

if (bean instanceof AffirmativeBased) {

AffirmativeBased dm = (AffirmativeBased) bean;

additionalAccessDecisionVoters.addAll(dm.getDecisionVoters());

dm.setDecisionVoters(additionalAccessDecisionVoters);

}

return bean;

}

Source: http://forum.springsource.org/showthread.php?116830-How-to-add-voters-to-the-default-accessDecisionManager&s=1a6d05dedb0342570b900141a6d53d2e&p=386079#post386079

OpenID with Spring Security 3 and Google OpenID

4th August, 20104th August, 2010 Marcel StörNo Comments

So much information on Spring OpenID is outdated so quickly…Lots of articles and blog entries describe solutions with Spring Security 2.x which is slightly different from 3.x. I recommend sticking with the sample application at http://repo1.maven.org/maven2/org/springframework/security/spring-security-samples-openid/<your_version>/spring-security-samples-openid-<your_version>.war as a reference. Also, I found http://www.packtpub.com/article/opening-up-to-openid-with-spring-security quite helpful. One caveat though is worth mentioning here: the Spring sample […]

my2cents

"The Earth was made round so that we would not see too far down the road" — Karen Blixen

Tag: Spring Security

How to add AccessDescisionVoters to AccessDescisionManager in Spring Security

OpenID with Spring Security 3 and Google OpenID