GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SEC-271: Removed the registeration of BFPP(AccessDeniedHandlerLocator) and improved comments

1.0.x
Vishal Puri 19 years ago
parent
4d783d7375
commit
a0cb72cc3c
1 changed files with 59 additions and 33 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 92
      sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ExceptionTranslationFilterBeanDefinitionParser.java

92
sandbox/spring-security-config/src/main/java/org/acegisecurity/config/ExceptionTranslationFilterBeanDefinitionParser.java
Unescape View File

@ -15,13 +15,40 @@ import org.springframework.util.xml.DomUtils;
import org.w3c.dom.Element; import org.w3c.dom.Element;
/** /**
* Basically accessDeniedUrl is optional, we if unspecified impl will * <p>
* auto-detect any AccessDeniedHandler in ctx and use it; alternately if there * This class parses the <security:exception-translation /> tag and creates the
* are > 1 such handlers, we can nominate the one to use via * bean defintion for <code>ExceptionTranslationFilter</code>.</br> The
* accessDeniedBeanRef; * '&lt;security:access-denied .. /&gt;' tag is optional and if not specified
* <code>ExceptionTranslationFilter</code> <br/> will autodetect the instance
* of <code>AccessDeniedHandler</code>; alternately if there are > 1 such
* handlers, <br/>we can nominate the one to use via 'accessDeniedBeanRef'.
* </p>
* *
* @author vpuri * <p>
* The 'entryPointBeanRef' and 'accessDeniedBeanRef' can be specified as
* attributes or inner bean definitions. <br/> See following sample showing both
* ways.
* </p>
*
* <p>
* Sample: <d1>
* <dt> &lt;security:exception-translation id="exceptionTranslationFilter"&gt;
* </dt>
* <dd> &lt;security:entry-point
* entryPointBeanRef="authenticationProcessingFilterEntryPoint" /&gt; </dd>
* <dd> &lt;security:access-denied accessDeniedBeanRef="theBeanToUse" /&gt;
* </dd>
* <dt>&lt;/security:exception-translation&gt;</dt>
* </d1> or <d1>
* <dt> &lt;security:exception-translation id="exceptionTranslationFilter"
* entryPointBeanRef="ref" accessDeniedBeanRef="ref" /&gt;</dt>
* </d1>
* </p>
*
* @author Vishal Puri
* @since * @since
* @see {@link org.acegisecurity.ui.ExceptionTranslationFilter}
* @see {@link org.acegisecurity.ui.AccessDeniedHandler}
*/ */
public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser { public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBeanDefinitionParser {
@ -30,10 +57,10 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef"; private static final String ACCESS_DENIED_REF = "accessDeniedBeanRef";
private static final String ACCESS_DENIED_URL = "accessDeniedUrl"; private static final String ACCESS_DENIED_URL = "accessDeniedUrl";
private static final String ENTRY_POINT = "entry-point"; private static final String ENTRY_POINT = "entry-point";
private static final String ENTRY_POINT_REF ="entryPointBeanRef"; private static final String ENTRY_POINT_REF = "entryPointBeanRef";
protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) { protected AbstractBeanDefinition parseInternal(Element element, ParserContext parserContext) {
@ -42,10 +69,10 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
// add handler // add handler
Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED); Element accessDeniedElement = DomUtils.getChildElementByTagName(element, ACCESS_DENIED);
setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement); setAccessDeniedHandlerProperty(parserContext, exceptionFilterDef, accessDeniedElement);
Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT); Element entryPointElement = DomUtils.getChildElementByTagName(element, ENTRY_POINT);
setEntryPointProperty(exceptionFilterDef, entryPointElement); setEntryPointProperty(exceptionFilterDef, entryPointElement);
return exceptionFilterDef; return exceptionFilterDef;
} }
@ -57,10 +84,11 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
} }
/** /**
* * Resolves are reference to 'accessDeniedHandler' property.
* @param parserContext * @param parserContext
* @param repositoryBeanDef * @param exceptionFilterDef The ExceptionFilter BeanDefinition
* @param element * @param accessDeniedElement The inner tag for accessDeniedHandler
* property.
*/ */
private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef, private void setAccessDeniedHandlerProperty(ParserContext parserContext, RootBeanDefinition exceptionFilterDef,
Element accessDeniedElement) { Element accessDeniedElement) {
@ -68,29 +96,21 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler", setBeanReferenceOrInnerBeanDefinitions(exceptionFilterDef, accessDeniedElement, "accessDeniedHandler",
accessDeniedElement.getAttribute(ACCESS_DENIED_REF)); accessDeniedElement.getAttribute(ACCESS_DENIED_REF));
} }
else {
// register BFPP to check if handler exist in application context,
// if > 1 throw error saying ref should be specified as there are
// more than one
RootBeanDefinition accessDeniedHandlerLocatorBeanDef = new RootBeanDefinition(
AccessDeniedHandlerBeanDefinitionLocator.class);
parserContext.getReaderContext().registerWithGeneratedName(accessDeniedHandlerLocatorBeanDef);
}
} }
/** /**
* Add property if it's specified as an attribute or inner tag.
* *
* @param repositoryBeanDef * @param exceptionFilterDef The ExceptionFilter BeanDefinition
* @param element * @param element The inner bean element
* @param property * @param property The property to add
* @param reference * @param beanRef The bean reference to resolve.
*/ */
private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, private void setBeanReferenceOrInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element element,
Element element, String property, String beanRef) { String property, String beanRef) {
// check for encoderBeanRef attribute // check for encoderBeanRef attribute
if (StringUtils.hasLength(beanRef)) { if (StringUtils.hasLength(beanRef)) {
exceptionFilterDef.getPropertyValues().addPropertyValue(property, exceptionFilterDef.getPropertyValues().addPropertyValue(property, new RuntimeBeanReference(beanRef));
new RuntimeBeanReference(beanRef));
} }
else { else {
doSetInnerBeanDefinitions(exceptionFilterDef, element, property); doSetInnerBeanDefinitions(exceptionFilterDef, element, property);
@ -98,10 +118,10 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
} }
/** /**
* * Add property specified as an inner bean definition.
* @param repositoryBeanDef * @param exceptionFilterDef The ExceptionFilter BeanDefinition
* @param element * @param element The inner bean element
* @param property * @param property The property to add
*/ */
private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement, private void doSetInnerBeanDefinitions(RootBeanDefinition exceptionFilterDef, Element accessDeniedElement,
String property) { String property) {
@ -111,6 +131,12 @@ public class ExceptionTranslationFilterBeanDefinitionParser extends AbstractBean
} }
/**
* @param element
* @param attribute
* @param property
* @param definition
*/
private void setPropertyIfAvailable(Element element, String attribute, String property, private void setPropertyIfAvailable(Element element, String attribute, String property,
RootBeanDefinition definition) { RootBeanDefinition definition) {
String propertyValue = element.getAttribute(attribute); String propertyValue = element.getAttribute(attribute);

Write Preview
Loading…
Cancel
Save