Here’s a pretty neat approach to add AccessDescisionVoters to the default AccessDescisionManager in Spring Security:
/**
* This BeanPostProcessor adds all {@link AccessDecisionVoter}s that are set with
* {@link #setAdditionalAccessDecisionVoters(List)} to beans that are instances of {@link AffirmativeBased}. This is the
* default {@link AccessDecisionManager} implementation that the spring security namespace handler creates.
* <p>
*
* The configuration could look like:
*
* <pre>
* {@code
* <bean id="voterAdder">
* <property name="additionalAccessDecisionVoters">
* <list>
* <bean />
* </list>
* </property>
* </bean>
* }
* </pre>
*/
@Component
public class VoterAdder implements BeanPostProcessor {
private List<AccessDecisionVoter> additionalAccessDecisionVoters;
public void setAdditionalAccessDecisionVoters(List<AccessDecisionVoter> additionalAccessDecisionVoters) {
this.additionalAccessDecisionVoters = additionalAccessDecisionVoters;
}
@Override
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
return bean;
}
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof AffirmativeBased) {
AffirmativeBased dm = (AffirmativeBased) bean;
additionalAccessDecisionVoters.addAll(dm.getDecisionVoters());
dm.setDecisionVoters(additionalAccessDecisionVoters);
}
return bean;
}
}