public class UrlAccessRestrictionCheckingProcessor extends Object implements RequestSecurityProcessor
Matches the request URL against the keys of the restriction map, which are ANT-style path patterns.
If a key matches, the value is interpreted as a Spring EL expression and the expression is executed. If it returns
true, the processor chain is continued; if not, an AccessDeniedException
is thrown. The expression should be
one of these method calls that return a boolean:
Examples of user URL restrictions:
```xml
<entry key="/static-assets" value="permitAll()"/>
<entry key="/user" value="hasAnyRole({'user', 'admin'})"/>
<entry key="/admin" value="hasRole('admin')"/>
<entry key="/**" value="isAuthenticated()"/>
```

WARN: Remember to put the more general restrictions (like /**) at the end so they're matched last.
See also: AntPathMatcher
Modifier and Type | Field and Description |
---|---|
static org.slf4j.Logger | logger |
protected org.springframework.util.PathMatcher | pathMatcher |
protected Map<String,org.springframework.expression.Expression> | urlRestrictions |

Constructor and Description |
---|
UrlAccessRestrictionCheckingProcessor()<br>Default constructor. |

Modifier and Type | Method and Description |
---|---|
protected Object | createExpressionRoot(javax.servlet.http.HttpServletRequest request) |
protected String | getRequestUrl(javax.servlet.http.HttpServletRequest request)<br>Returns the request URL without the context path. |
protected Map<String,org.springframework.expression.Expression> | getUrlRestrictions() |
protected boolean | isAccessAllowed(javax.servlet.http.HttpServletRequest request, org.springframework.expression.Expression expression) |
void | processRequest(org.craftercms.commons.http.RequestContext context, RequestSecurityProcessorChain processorChain)<br>Matches the request URL against the keys of the restriction map, which are ANT-style path patterns. |
void | setPathMatcher(org.springframework.util.PathMatcher pathMatcher)<br>Sets the path matcher to use to match the URLs for restriction checking. |
void | setUrlRestrictions(Map<String,String> restrictions)<br>Sets the map of restrictions. |

public static final org.slf4j.Logger logger
protected org.springframework.util.PathMatcher pathMatcher
public UrlAccessRestrictionCheckingProcessor()
Default constructor, with AntPathMatcher as the default path matcher.
public void setPathMatcher(org.springframework.util.PathMatcher pathMatcher)
public void setUrlRestrictions(Map<String,String> restrictions)
protected Map<String,org.springframework.expression.Expression> getUrlRestrictions()
public void processRequest(org.craftercms.commons.http.RequestContext context, RequestSecurityProcessorChain processorChain) throws Exception
Matches the request URL against the keys of the restriction map, which are ANT-style path patterns. If a key matches, the value is interpreted as a Spring EL expression and the expression is executed. If it returns true, the processor chain is continued; if not, an AccessDeniedException is thrown.
Specified by: processRequest in interface RequestSecurityProcessor
Parameters:
context - the context which holds the current request and response
processorChain - the processor chain, used to call the next processor
Throws: Exception
protected String getRequestUrl(javax.servlet.http.HttpServletRequest request)
protected boolean isAccessAllowed(javax.servlet.http.HttpServletRequest request, org.springframework.expression.Expression expression)
protected Object createExpressionRoot(javax.servlet.http.HttpServletRequest request)
Copyright © 2019 CrafterCMS. All rights reserved.