Here’s a pretty neat approach to add AccessDescisionVoters to the default AccessDescisionManager in Spring Security:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 | /** * This BeanPostProcessor adds all {@link AccessDecisionVoter}s that are set with * {@link #setAdditionalAccessDecisionVoters(List)} to beans that are instances of {@link AffirmativeBased}. This is the * default {@link AccessDecisionManager} implementation that the spring security namespace handler creates. * <p> * * The configuration could look like: * * <pre> * {@code * <bean id="voterAdder"> * <property name="additionalAccessDecisionVoters"> * <list> * <bean /> * </list> * </property> * </bean> * } * </pre> */ @Component public class VoterAdder implements BeanPostProcessor { private List<AccessDecisionVoter> additionalAccessDecisionVoters; public void setAdditionalAccessDecisionVoters(List<AccessDecisionVoter> additionalAccessDecisionVoters) { this.additionalAccessDecisionVoters = additionalAccessDecisionVoters; } @Override public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException { return bean; } @Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { if (bean instanceof AffirmativeBased) { AffirmativeBased dm = (AffirmativeBased) bean; additionalAccessDecisionVoters.addAll(dm.getDecisionVoters()); dm.setDecisionVoters(additionalAccessDecisionVoters); } return bean; } } |