本地新币代码
blame | history | raw
zj
2024-08-02 815342ea90c689561adeecca3230b5b5f8ddc2b7 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

/**


 * 


 */


package security.filter;


 


import java.util.Collection;


import java.util.Map;


 


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.security.ConfigAttributeDefinition;


import org.springframework.security.intercept.web.FilterInvocation;


import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;


 


import security.Constants;


import security.SecUser;


import security.SecurityAppUserHolder;


import security.internal.SecurityAuthoritiesHolder;


import security.util.AuthenticationUtil;


 


/**


 * URL过虑器


 * 


 */


public class UrlResourceFilterInvocationDefinitionSource implements FilterInvocationDefinitionSource {


 


    private static final Logger logger=LoggerFactory.getLogger(UrlResourceFilterInvocationDefinitionSource.class);


 


    private SecurityAuthoritiesHolder securityAuthoritiesHolder;


 


    public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {


        if ((filter == null) || !this.supports(filter.getClass())) {


            throw new IllegalArgumentException("Sorry, the target object is not FilterInvocation type!");


        }


        SecUser user = SecurityAppUserHolder.getCurrentUser();


        // 用户是否已登陆


        if (null == user) {


            return ConfigAttributeDefinition.NO_ATTRIBUTES;


        }


        FilterInvocation filterInvocation = (FilterInvocation) filter;


        // 待验证URL


        String requestURI = filterInvocation.getRequestUrl();


        if (logger.isDebugEnabled()) {


            logger.debug("To be verified: " + requestURI);


        }


        Map<String, String> urlAuthorities = this.securityAuthoritiesHolder.loadAuthorities(Constants.RESTYPE_URL);


        // 得到该URL允许的角色串


        String authorities = AuthenticationUtil.resourceMatches(urlAuthorities, requestURI);


        


        return AuthenticationUtil.getCadByAuthorities(authorities);


    }


 


    @SuppressWarnings("rawtypes")


    public Collection getConfigAttributeDefinitions() {


        return null;


    }


 


    @SuppressWarnings("rawtypes")


    public boolean supports(Class clazz) {


        if (FilterInvocation.class.isAssignableFrom(clazz)) {


            return true;


        }


        else {


            return false;


        }


    }


 


    public void setSecurityAuthoritiesHolder(


            SecurityAuthoritiesHolder securityAuthoritiesHolder) {


        this.securityAuthoritiesHolder = securityAuthoritiesHolder;


    }


 


 


 


 


}