/**
* Decide.
*
* @param authentication
* the authentication
* @param object
* the object
* @param configAttributes
* the configuration attributes
* @throws AccessDeniedException
* the access denied exception
* @throws InsufficientAuthenticationException
* the insufficient authentication exception
*/
@Override
public void decide(final Authentication authentication, final Object object, final Collection<ConfigAttribute> configAttributes)
throws AccessDeniedException, InsufficientAuthenticationException {
boolean allowAccess = false;
for (final GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
for (final ConfigAttribute attribute : configAttributes) {
allowAccess = attribute.getAttribute().equals(grantedAuthority.getAuthority());
if (allowAccess) {
break;// this loop
}
}
}
if (!allowAccess) {
throw new AccessDeniedException("Access is denied");
}
}
WebSecurityConfig.java 文件源码
java
阅读 33
收藏 0
点赞 0
评论 0
项目:interview-preparation
作者:
评论列表
文章目录
