Spring Security删除RoleVoter前缀

时间:2014-02-07 05:31:48

标签: spring spring-security

在我正在工作的项目中,我们根据角色ID而不是角色描述进行身份验证,并且此映射存储在数据库中。

我的问题是,如何删除Spring Security的RoleVoter前缀以实现上述设计?

3 个答案:

答案 0 :(得分:6)

Spring security RoleVoter需要一个前缀才能区分授予的角色权限,有关详细信息,请参阅此answer

如果您想更改此设置,您可以随时提供自己的自定义AccessDecisionManager and configure it with a custom RoleVoter`。

这是此类自定义访问决策管理器的示例:

public class MyAccessDecisionManager  extends AffirmativeBased {


    public MyAccessDecisionManager() {
        super();
        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
        RoleVoter roleVoter = new MyCustomRoleVoter();
        decisionVoters.add(roleVoter);
        AuthenticatedVoter authenticatedVoter = new AuthenticatedVoter();
        decisionVoters.add(authenticatedVoter);
        setDecisionVoters(decisionVoters);

    }

并使用它代替默认访问决策管理器:

<bean id="myAccessDecisionManager" class="full.package.name.MyAccessDecisionManager" />

<security:http access-decision-manager-ref="myAccessDecisionManager">
    ...
</security:http>

答案 1 :(得分:0)

可能有人需要基于Web应用程序的注释决定

@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
protected static class GlobalSecurityConfig extends GlobalMethodSecurityConfiguration {
    @Override
    protected AccessDecisionManager accessDecisionManager() {
        AffirmativeBased accessDecisionManager = (AffirmativeBased)super.accessDecisionManager();
        for(AccessDecisionVoter voter: accessDecisionManager.getDecisionVoters()){
            if(voter instanceof RoleVoter){
                // do what you whant
            }
        }
        return accessDecisionManager;
    }
}



@Configuration
@EnableWebSecurity
protected static class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Bean
    @Primary
    public AccessDecisionManager accessDecisionManager() {
        List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays.asList(
                new WebExpressionVoter(),
                new RoleVoter(),
                new AuthenticatedVoter()
        );
        return new AffirmativeBased(decisionVoters);
    }
}

答案 2 :(得分:0)

从Spring 4开始,将hasRole("X")替换为hasAuthority("X")

https://docs.spring.io/autorepo/docs/spring-security/4.0.0.RC1/reference/html/el-access.html

相关问题
最新问题