spring-security-web

org.springframework.security.web.access.intercept
Class DefaultFilterInvocationSecurityMetadataSource

java.lang.Object
  extended by org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
All Implemented Interfaces:
AopInfrastructureBean, org.springframework.security.access.SecurityMetadataSource, FilterInvocationSecurityMetadataSource
Direct Known Subclasses:
ExpressionBasedFilterInvocationSecurityMetadataSource

public class DefaultFilterInvocationSecurityMetadataSource
extends Object
implements FilterInvocationSecurityMetadataSource

Default implementation of FilterInvocationDefinitionSource.

Stores an ordered map of RequestMatchers to ConfigAttribute collections and provides matching of FilterInvocations against the items stored in the map.

The order of the RequestMatchers in the map is very important. The first one which matches the request will be used. Later matchers in the map will not be invoked if a match has already been found. Accordingly, the most specific matchers should be registered first, with the most general matches registered last.

The most common method creating an instance is using the Spring Security namespace. For example, the pattern and access attributes of the <intercept-url> elements defined as children of the <http> element are combined to build the instance used by the FilterSecurityInterceptor.

Author:
Ben Alex, Luke Taylor

Field Summary
protected  org.apache.commons.logging.Log logger
           
 
Constructor Summary
DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher,Collection<org.springframework.security.access.ConfigAttribute>> requestMap)
          Sets the internal request map from the supplied map.
 
Method Summary
 Collection<org.springframework.security.access.ConfigAttribute> getAllConfigAttributes()
           
 Collection<org.springframework.security.access.ConfigAttribute> getAttributes(Object object)
           
 boolean supports(Class<?> clazz)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final org.apache.commons.logging.Log logger
Constructor Detail

DefaultFilterInvocationSecurityMetadataSource

public DefaultFilterInvocationSecurityMetadataSource(LinkedHashMap<RequestMatcher,Collection<org.springframework.security.access.ConfigAttribute>> requestMap)
Sets the internal request map from the supplied map. The key elements should be of type RequestMatcher, which. The path stored in the key will depend on the type of the supplied UrlMatcher.

Parameters:
requestMap - order-preserving map of request definitions to attribute lists
Method Detail

getAllConfigAttributes

public Collection<org.springframework.security.access.ConfigAttribute> getAllConfigAttributes()
Specified by:
getAllConfigAttributes in interface org.springframework.security.access.SecurityMetadataSource

getAttributes

public Collection<org.springframework.security.access.ConfigAttribute> getAttributes(Object object)
Specified by:
getAttributes in interface org.springframework.security.access.SecurityMetadataSource

supports

public boolean supports(Class<?> clazz)
Specified by:
supports in interface org.springframework.security.access.SecurityMetadataSource

spring-security-web