Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 13:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-138: Make exception output to Commons Logging, not system console.

Browse Source
This commit is contained in:
Ben Alex 2006-01-26 09:36:48 +00:00
parent 10541fc9db
commit 37802e3748
1 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
core/src/main/java/org/acegisecurity/intercept/method/MethodInvocationPrivilegeEvaluator.java
View File

@ -1,4 +1,4 @@
/* Copyright 2004, 2005 Acegi Technology Pty Limited /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -23,6 +23,9 @@ import org.acegisecurity.intercept.AbstractSecurityInterceptor;
import org.aopalliance.intercept.MethodInvocation; import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -46,12 +49,20 @@ import org.springframework.util.Assert;
* @version $Id$ * @version $Id$
*/ */
public class MethodInvocationPrivilegeEvaluator implements InitializingBean { public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
//~ Static fields/initializers =============================================
protected static final Log logger = LogFactory.getLog(MethodInvocationPrivilegeEvaluator.class);
//~ Instance fields ======================================================== //~ Instance fields ========================================================
private AbstractSecurityInterceptor securityInterceptor; private AbstractSecurityInterceptor securityInterceptor;
//~ Methods ================================================================ //~ Methods ================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(securityInterceptor, "SecurityInterceptor required");
}
public boolean isAllowed(MethodInvocation mi, Authentication authentication) { public boolean isAllowed(MethodInvocation mi, Authentication authentication) {
Assert.notNull(authentication, "Authentication required"); Assert.notNull(authentication, "Authentication required");
Assert.notNull(authentication.getAuthorities(), Assert.notNull(authentication.getAuthorities(),
@ -76,10 +87,13 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
} }
try { try {
securityInterceptor.getAccessDecisionManager().decide(authentication, securityInterceptor.getAccessDecisionManager()
mi, attrs); .decide(authentication, mi, attrs);
} catch (AccessDeniedException unauthorized) { } catch (AccessDeniedException unauthorized) {
unauthorized.printStackTrace(); if (logger.isDebugEnabled()) {
logger.debug(mi.toString() + " denied for "
+ authentication.toString(), unauthorized);
}
return false; return false;
} }
@ -98,8 +112,4 @@ public class MethodInvocationPrivilegeEvaluator implements InitializingBean {
"AbstractSecurityInterceptor must provide a non-null AccessDecisionManager"); "AbstractSecurityInterceptor must provide a non-null AccessDecisionManager");
this.securityInterceptor = securityInterceptor; this.securityInterceptor = securityInterceptor;
} }
public void afterPropertiesSet() throws Exception {
Assert.notNull(securityInterceptor, "SecurityInterceptor required");
}
} }