this interceptor has two main function,one use ConfigAttributeDefinition difineing the url and it's role ,the second use Voter to filter the urls.the parameter ConfigAttributeDefinition config is get from the data base according the url including role(authentication).
[code] public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
int result = ACCESS_ABSTAIN;
Iterator iter = config.getConfigAttributes();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();
if (this.supports(attribute)) {
result = ACCESS_DENIED;
// Attempt to find a matching granted authority
for (int i = 0; i < authentication.getAuthorities().length; i++) {
if (attribute.getAttribute().equals(authentication.getAuthorities()[i].getAuthority())) {
return ACCESS_GRANTED;
}
}
}
}
return result;
}[/code]
the result defines wheather it pass or deny.if deny,the exceptionTranslationFilter will catch that exception and check.if is AnonymousAuthenticationToken ,it will ridrect to the entry url .otherwise to the deny url.
[code] public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
int result = ACCESS_ABSTAIN;
Iterator iter = config.getConfigAttributes();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();
if (this.supports(attribute)) {
result = ACCESS_DENIED;
// Attempt to find a matching granted authority
for (int i = 0; i < authentication.getAuthorities().length; i++) {
if (attribute.getAttribute().equals(authentication.getAuthorities()[i].getAuthority())) {
return ACCESS_GRANTED;
}
}
}
}
return result;
}[/code]
the result defines wheather it pass or deny.if deny,the exceptionTranslationFilter will catch that exception and check.if is AnonymousAuthenticationToken ,it will ridrect to the entry url .otherwise to the deny url.
扫一扫
1420
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
