|
|
this interceptor has two main function,one use ConfigAttributeDefinition difineing the url and it's role ,the second use Voter to filter the urls.the parameter ConfigAttributeDefinition config is get from the data base according the url including role(authentication).
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { int result = ACCESS_ABSTAIN; Iterator iter = config.getConfigAttributes(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); if (this.supports(attribute)) { result = ACCESS_DENIED; // Attempt to find a matching granted authority for (int i = 0; i < authentication.getAuthorities().length; i++) { if (attribute.getAttribute().equals(authentication.getAuthorities()[i].getAuthority())) { return ACCESS_GRANTED; } } } } return result; }
the result defines wheather it pass or deny.if deny,the exceptionTranslationFilter will catch that exception and check.if is AnonymousAuthenticationToken ,it will ridrect to the entry url .otherwise to the deny url. |
|
京ICP备14020293号-2
本网站内容均收集于互联网,如有问题请联系QQ:389897944予以删除
窥视卡
雷达卡
楼主
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡