public class ChannelDecisionManagerImpl extends Object implements ChannelDecisionManager, InitializingBean
ChannelDecisionManager.
Iterates through each configured ChannelProcessor. If a
ChannelProcessor has any issue with the security of the request, it should
cause a redirect, exception or whatever other action is appropriate for the
ChannelProcessor implementation.
Once any response is committed (ie a redirect is written to the response object), the
ChannelDecisionManagerImpl will not iterate through any further
ChannelProcessors.
The attribute "ANY_CHANNEL" if applied to a particular URL, the iteration through the channel processors will be skipped (see SEC-494, SEC-335).
| Modifier and Type | Field and Description |
|---|---|
static String |
ANY_CHANNEL |
| Constructor and Description |
|---|
ChannelDecisionManagerImpl() |
| Modifier and Type | Method and Description |
|---|---|
void |
afterPropertiesSet() |
void |
decide(FilterInvocation invocation,
Collection<org.springframework.security.access.ConfigAttribute> config)
Decided whether the presented
FilterInvocation provides the appropriate
level of channel security based on the requested list of ConfigAttributes. |
protected List<ChannelProcessor> |
getChannelProcessors() |
void |
setChannelProcessors(List<?> newList) |
boolean |
supports(org.springframework.security.access.ConfigAttribute attribute)
Indicates whether this
ChannelDecisionManager is able to process the
passed ConfigAttribute. |
public static final String ANY_CHANNEL
public void afterPropertiesSet()
throws Exception
afterPropertiesSet in interface InitializingBeanExceptionpublic void decide(FilterInvocation invocation, Collection<org.springframework.security.access.ConfigAttribute> config) throws IOException, javax.servlet.ServletException
ChannelDecisionManagerFilterInvocation provides the appropriate
level of channel security based on the requested list of ConfigAttributes.decide in interface ChannelDecisionManagerIOExceptionjavax.servlet.ServletExceptionprotected List<ChannelProcessor> getChannelProcessors()
public void setChannelProcessors(List<?> newList)
public boolean supports(org.springframework.security.access.ConfigAttribute attribute)
ChannelDecisionManagerChannelDecisionManager is able to process the
passed ConfigAttribute.
This allows the ChannelProcessingFilter to check every configuration
attribute can be consumed by the configured ChannelDecisionManager.
supports in interface ChannelDecisionManagerattribute - a configuration attribute that has been configured against the
ChannelProcessingFilterChannelDecisionManager can support the passed
configuration attribute