Java tutorial
/* * To change this license header, choose License Headers in Project Properties. * To change this template file, choose Tools | Templates * and open the template in the editor. */ package cn.net.withub.demo.bootsec.hello.security; import java.util.Collection; import org.springframework.security.access.AccessDecisionManager; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.authentication.InsufficientAuthenticationException; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; /** * * * @author Diluka */ public class CustomAccessDecisionManager implements AccessDecisionManager { //????????? @Override public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException { if (configAttributes == null) { //?? throw new AccessDeniedException("Access Dendied"); } //???(???) for (ConfigAttribute configAttribute : configAttributes) { //???? String needPermission = configAttribute.getAttribute(); System.out.println("needPermission is " + needPermission); //??authentication for (GrantedAuthority ga : authentication.getAuthorities()) { if (needPermission.equals(ga.getAuthority())) { return; } } } //?? throw new AccessDeniedException("Access Dendied"); //throw new InsufficientAuthenticationException("???"); } @Override public boolean supports(ConfigAttribute attribute) { return true; } @Override public boolean supports(Class<?> clazz) { return true; } }