In the project I am working on, we authenticate based on role ids rather than role descriptions, and this mapping is stored in the database.
My question is, How do I remov
Maybe somebody needs an annotation-based solution for a web application:
```java
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
protected static class GlobalSecurityConfig extends GlobalMethodSecurityConfiguration {
    @Override
    protected AccessDecisionManager accessDecisionManager() {
        // Reuse the default manager and customize its RoleVoter in place
        AffirmativeBased accessDecisionManager = (AffirmativeBased) super.accessDecisionManager();
        for (AccessDecisionVoter<?> voter : accessDecisionManager.getDecisionVoters()) {
            if (voter instanceof RoleVoter) {
                // do what you want
            }
        }
        return accessDecisionManager;
    }
}

@Configuration
@EnableWebSecurity
protected static class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    // Manager for web (URL) security, built from an explicit voter list
    @Bean
    @Primary
    public AccessDecisionManager accessDecisionManager() {
        List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays.asList(
            new WebExpressionVoter(),
            new RoleVoter(),
            new AuthenticatedVoter()
        );
        return new AffirmativeBased(decisionVoters);
    }
}
```
Spring Security's `RoleVoter` needs a prefix in order to distinguish the granted authorities that are roles; see this answer for further details.
If you want to change this, you can always provide your own custom `AccessDecisionManager` and configure it with a custom `RoleVoter`.
This is an example of such a custom access decision manager:
```java
public class MyAccessDecisionManager extends AffirmativeBased {
    public MyAccessDecisionManager() {
        super();
        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
        // Custom RoleVoter subclass replaces the default role voter
        RoleVoter roleVoter = new MyCustomRoleVoter();
        decisionVoters.add(roleVoter);
        // Keep the standard voter for the IS_AUTHENTICATED_* attributes
        AuthenticatedVoter authenticatedVoter = new AuthenticatedVoter();
        decisionVoters.add(authenticatedVoter);
        setDecisionVoters(decisionVoters);
    }
}
```
And for using it in place of the default access decision manager:
```xml
<bean id="myAccessDecisionManager" class="full.package.name.MyAccessDecisionManager" />
<security:http access-decision-manager-ref="myAccessDecisionManager">
    ...
</security:http>
```
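An added example, not part of the original answer: one possible body for the `MyCustomRoleVoter` class that the answer above references but does not show. It assumes role ids are stored as purely numeric authority strings (such as "42"); the user, ids and `main` demo are constructed for illustration.

```java
import java.util.Collection;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.access.vote.RoleVoter;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;

// Hypothetical body for the MyCustomRoleVoter named in the answer above.
// Assumption: role ids are purely numeric authority strings ("42").
public class MyCustomRoleVoter extends RoleVoter {

    public MyCustomRoleVoter() {
        // No "ROLE_" prefix: authorities are compared to the raw id.
        setRolePrefix("");
    }

    // With an empty prefix the inherited supports() accepts every attribute,
    // so attributes such as IS_AUTHENTICATED_FULLY would be treated as roles
    // and denied by this voter. Restrict it to attributes that look like
    // role ids and leave the rest to AuthenticatedVoter.
    @Override
    public boolean supports(ConfigAttribute attribute) {
        String value = attribute.getAttribute();
        return value != null && value.matches("\\d+");
    }

    // Constructed demo: user "alice" holds role id 42.
    public static void main(String[] args) {
        RoleVoter voter = new MyCustomRoleVoter();
        Authentication alice = new TestingAuthenticationToken("alice", "n/a", "42");
        String[] required = { "42", "7", "IS_AUTHENTICATED_FULLY" };
        for (String attribute : required) {
            Collection<ConfigAttribute> attrs = SecurityConfig.createList(attribute);
            int vote = voter.vote(alice, null, attrs);
            System.out.println(attribute + " -> " + describe(vote));
        }
    }

    private static String describe(int vote) {
        if (vote == ACCESS_GRANTED) return "granted";
        if (vote == ACCESS_DENIED) return "denied";
        return "abstain";
    }
}
```

Running `main` requires spring-security-core on the classpath; the voter abstains on non-numeric attributes so that another voter in the manager decides them.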
Since Spring 4, replace `hasRole("X")` with `hasAuthority("X")`.
https://docs.spring.io/autorepo/docs/spring-security/4.0.0.RC1/reference/html/el-access.html