iplatform平台基础类库
blame | 历史 | 原始文档
shikeying
2024-01-11 3b67e947e36133e2a40eb2737b15ea375e157ea0 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

package com.walker.web.security;


 


import org.springframework.security.access.SecurityMetadataSource;


import org.springframework.security.access.intercept.AbstractSecurityInterceptor;


import org.springframework.security.access.intercept.InterceptorStatusToken;


import org.springframework.security.web.FilterInvocation;


import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;


 


import javax.servlet.Filter;


import javax.servlet.FilterChain;


import javax.servlet.FilterConfig;


import javax.servlet.ServletException;


import javax.servlet.ServletRequest;


import javax.servlet.ServletResponse;


import java.io.IOException;


 


/**


 * 目前看不需要重写该对象,已废弃。


 * @date 2022-11-02


 */


@Deprecated


public class DefaultSecurityInterceptor extends AbstractSecurityInterceptor implements


        Filter {


 


    private FilterInvocationSecurityMetadataSource securityMetadataSource;


 


    @Override


    public void destroy() {


 


    }


 


    @Override


    public void doFilter(ServletRequest request, ServletResponse response,


                         FilterChain chain) throws IOException, ServletException {


        FilterInvocation fi = new  FilterInvocation(request, response, chain);


        invoke(fi);


    }


 


    @Override


    public void init(FilterConfig arg0) throws ServletException {


 


    }


 


    @Override


    public Class<?> getSecureObjectClass() {


        return FilterInvocation.class ;


    }


 


    @Override


    public SecurityMetadataSource obtainSecurityMetadataSource() {


        return this.securityMetadataSource;


    }


 


    private void invoke(FilterInvocation fi)  throws  IOException, ServletException {


        // object为FilterInvocation对象


        //super.beforeInvocation(fi);源码


        //1.获取请求资源的权限


        //执行Collection<ConfigAttribute> attributes = SecurityMetadataSource.getAttributes(object);


        //2.是否拥有权限


        //this.accessDecisionManager.decide(authenticated, object, attributes);


        InterceptorStatusToken token = super.beforeInvocation(fi);


        try  {


            fi.getChain().doFilter(fi.getRequest(), fi.getResponse());


        } finally  {


//            super.afterInvocation(token,  null );


            super.finallyInvocation(token);


        }


        super.afterInvocation(token, (Object)null);


    }


 


    public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource securityMetadataSource) {


        this.securityMetadataSource = securityMetadataSource;


    }


 


//    public void setMyAccessDecisionManager(CustomizeAccessDecisionManager accessDecisionManager) {


//        super.setAccessDecisionManager(accessDecisionManager);


//    }


}