private void registerEndpointInterceptorIfNecessary(Element securedElement, ParserContext parserContext, Map<Integer, RuntimeBeanReference> interceptors, String authManager, String accessManager) { if (securedElement.hasChildNodes() && !interceptors.containsKey(MessageInterceptors.ENDPOINT_INTERCEPTOR.getOrder())) { BeanDefinitionBuilder interceptorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getEndpointInterceptorClassName()); interceptorBuilder.addPropertyReference(AUTH_MANAGER_PROPERTY, authManager); if (StringUtils.hasText(accessManager)) { BeanDefinitionBuilder endpointDefSourceBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getEndpointDefinitionSourceClassName()); String access = securedChannel.getAttribute(ACCESS_ATTR); String channel = securedChannel.getAttribute(CHANNEL_ATTR); Object attributeDefinition = securityHelper.parseConfigAttributes(access); endpointMap.put(channel, attributeDefinition); Element securedPath = i.next(); requestMap.put(new AntPathRequestMatcher(securedPath.getAttribute(PATTERN_ATTR)), securityHelper.parseConfigAttributes(securedPath.getAttribute(ACCESS_ATTR)));
private void registerLoginCommand(String brokerId, ParserContext parserContext, ManagedSet<RuntimeBeanReference> configProcessors, Element securedElement, String authManager, boolean invalidateHttpSession, boolean perClientAuthentication) { String loginCommandId = securedElement.getAttribute(LOGIN_COMMAND_ATTR); if (!StringUtils.hasText(loginCommandId)) { loginCommandId = brokerId + BeanIds.LOGIN_COMMAND_SUFFIX; BeanDefinitionBuilder loginCommandBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getLoginCommandClassName()); loginCommandBuilder.addConstructorArgReference(authManager); loginCommandBuilder.addPropertyValue(PER_CLIENT_AUTHENTICATION_PROPERTY, perClientAuthentication); loginCommandBuilder.getRawBeanDefinition().setAttribute(INVALIDATE_HTTP_SESSION_PROPERTY, invalidateHttpSession); ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, loginCommandBuilder, loginCommandId); } BeanDefinitionBuilder loginCommandProcessorBuilder = BeanDefinitionBuilder.genericBeanDefinition(LOGIN_COMMAND_PROCESSOR_CLASS_NAME); loginCommandProcessorBuilder.addConstructorArgReference(loginCommandId); loginCommandProcessorBuilder.addPropertyValue(PER_CLIENT_AUTHENTICATION_PROPERTY, perClientAuthentication); String loginCommandProcessorId = ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, loginCommandProcessorBuilder); configProcessors.add(new RuntimeBeanReference(loginCommandProcessorId)); }
private void registerSecurityConfigPostProcessorIfNecessary(ParserContext parserContext, Element securedElement) { if (!parserContext.getRegistry().containsBeanDefinition(BeanIds.SECURITY_CONFIG_POST_PROCESSOR)) { BeanDefinitionBuilder securityConfigPostProcessorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getSecurityConfigPostProcessorClassName()); securityConfigPostProcessorBuilder.setAutowireMode(AbstractBeanDefinition.AUTOWIRE_BY_TYPE); securityConfigPostProcessorBuilder.setDependencyCheck(AbstractBeanDefinition.DEPENDENCY_CHECK_NONE); ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, securityConfigPostProcessorBuilder, BeanIds.SECURITY_CONFIG_POST_PROCESSOR); } }
authManager = securityHelper.getAuthenticationManagerId(); accessManager = securityHelper.getAccessManagerId(); registerLoginCommand(brokerId, parserContext, configProcessors, securedElement, authManager, invalidateHttpSession, perClientAuthentication); BeanDefinitionBuilder exceptionTranslatorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getSecurityExceptionTranslatorClassName()); String exceptionTranslatorBeanId = ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, exceptionTranslatorBuilder); translators.add(new RuntimeBeanReference(exceptionTranslatorBeanId)); BeanDefinitionBuilder perClientInterceptorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getPerClientAuthenticationInterceptorClassName()); String perClientInterceptorBeanId = ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, perClientInterceptorBuilder); if (perClientAuthentication && !interceptors.containsKey(MessageInterceptors.PER_CLIENT_AUTH_INTERCEPTOR.getOrder())) { BeanDefinitionBuilder loginInterceptorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getLoginMessageInterceptorClassName()); String loginInterceptorBeanId = ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, loginInterceptorBuilder); interceptors.put(MessageInterceptors.LOGIN_MESSAGE_INTERCEPTOR.getOrder(), new RuntimeBeanReference(loginInterceptorBeanId));
private void registerDataServicesConfigProcessorIfRequired(ParserContext parserContext, ManagedSet<RuntimeBeanReference> configProcessors, ManagedSet<RuntimeBeanReference> translators, Map<Integer, RuntimeBeanReference> interceptors, Element securedElement, String brokerId) { if (RuntimeEnvironment.isLCDS() && (!interceptors.isEmpty() || !translators.isEmpty())) { BeanDefinitionBuilder lcdsConfigProcessorBuilder = BeanDefinitionBuilder.genericBeanDefinition(DATASERVICES_PROCESSOR_CLASS_NAME); lcdsConfigProcessorBuilder.addPropertyValue(EXCEPTION_TRANSLATORS_PROPERTY, translators); Map<Integer, RuntimeBeanReference> nioInterceptors; //NIO Endpoints require the PerClientAuthenticationInterceptor if (!interceptors.containsKey(MessageInterceptors.PER_CLIENT_AUTH_INTERCEPTOR.getOrder())) { BeanDefinitionBuilder perClientInterceptorBuilder = BeanDefinitionBuilder.genericBeanDefinition(securityHelper.getPerClientAuthenticationInterceptorClassName()); String perClientInterceptorBeanId = ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, perClientInterceptorBuilder); // Initialize the NIO message interceptor map nioInterceptors = new TreeMap<Integer, RuntimeBeanReference>(interceptors); nioInterceptors.put(MessageInterceptors.PER_CLIENT_AUTH_INTERCEPTOR.getOrder(), new RuntimeBeanReference(perClientInterceptorBeanId)); } else { nioInterceptors = interceptors; } ManagedSet<RuntimeBeanReference> managedInterceptors = new ManagedSet<RuntimeBeanReference>(); managedInterceptors.addAll(nioInterceptors.values()); managedInterceptors.setSource(parserContext.extractSource(securedElement)); lcdsConfigProcessorBuilder.addPropertyValue(MESSAGE_INTERCEPTORS_PROPERTY, managedInterceptors); ParsingUtils.registerInfrastructureComponent(securedElement, parserContext, lcdsConfigProcessorBuilder, brokerId + BeanIds.DATASERVICES_CONFIG_PROCESSOR_SUFFIX); configProcessors.add(new RuntimeBeanReference(brokerId + BeanIds.DATASERVICES_CONFIG_PROCESSOR_SUFFIX)); } }