Added access-decision-manager-ref attribute to intercept-methods element. Made interceptor bean autowired by default to pick up AfterInvocationManager.

2008-02-09 15:38:31 +00:00 · 2008-02-09 15:38:31 +00:00 · 3c775b5d0d
parent 10ab4136d1
commit 3c775b5d0d
3 changed files with 22 additions and 22 deletions
--- a/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java
+++ b/core/src/main/java/org/springframework/security/config/InterceptMethodsBeanDefinitionDecorator.java
@ -7,6 +7,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.config.BeanDefinitionHolder;
 import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.support.RootBeanDefinition;
+import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.xml.BeanDefinitionDecorator;
 import org.springframework.beans.factory.xml.ParserContext;
 import org.springframework.security.ConfigAttributeDefinition;
@ -47,13 +48,16 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
    static final String ATT_CLASS = "class";
 	static final String ATT_METHOD = "method";
 	static final String ATT_ACCESS = "access";
-    private static final String ATT_ACCESS_MGR = "access-decision-manager";
+    private static final String ATT_ACCESS_MGR = "access-decision-manager-ref";

    private Log logger = LogFactory.getLog(getClass());

    protected BeanDefinition createInterceptorDefinition(Node node) {
        Element interceptMethodsElt = (Element)node;
-        RootBeanDefinition interceptor = new RootBeanDefinition(MethodSecurityInterceptor.class);
+        BeanDefinitionBuilder interceptor = BeanDefinitionBuilder.rootBeanDefinition(MethodSecurityInterceptor.class);
+
+        // Default to autowiring to pick up after invocation mgr
+        interceptor.setAutowireMode(RootBeanDefinition.AUTOWIRE_BY_TYPE);

        String accessManagerId = interceptMethodsElt.getAttribute(ATT_ACCESS_MGR);

@ -61,23 +65,8 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
            accessManagerId = BeanIds.ACCESS_MANAGER;
        }

-        interceptor.getPropertyValues().addPropertyValue("accessDecisionManager",
-                new RuntimeBeanReference(accessManagerId));
-
-        interceptor.getPropertyValues().addPropertyValue("authenticationManager",
-                new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
-
-        Element beanNode = (Element)interceptMethodsElt.getParentNode();
-        // Get the class from the parent bean...
-        String targetClassName = beanNode.getAttribute(ATT_CLASS);
-        Class targetClass;
-
-        try {
-            targetClass = Thread.currentThread().getContextClassLoader().loadClass(targetClassName);
-        } catch (ClassNotFoundException e) {
-            logger.error("Couldn't load class " + targetClassName);
-            throw new SecurityConfigurationException("Couldn't load class " + targetClassName);
-        }
+        interceptor.addPropertyValue("accessDecisionManager", new RuntimeBeanReference(accessManagerId));
+        interceptor.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));

        // Parse the included methods
        List methods = DomUtils.getChildElementsByTagName(interceptMethodsElt, Elements.PROTECT);
@ -96,8 +85,8 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
                    (ConfigAttributeDefinition) attributeEditor.getValue());
        }

-        interceptor.getPropertyValues().addPropertyValue("objectDefinitionSource", methodMap);
+        interceptor.addPropertyValue("objectDefinitionSource", methodMap);

-        return interceptor;
+        return interceptor.getBeanDefinition();
    }
 }
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc
@ -97,7 +97,10 @@ ldap-ap.attlist &=
 intercept-methods =
    ## Can be used inside a bean definition to add a security interceptor to the bean and set up access configuration attributes for the bean's methods
    element intercept-methods {intercept-methods.attlist, protect+}
-intercept-methods.attlist = empty
+intercept-methods.attlist &=
+    ## Optional AccessDecisionManager bean ID to be used by the created method security interceptor.
+    attribute access-decision-manager-ref {xsd:string}?
+

 protect =
    ## Defines a protected method and the access control configuration attributes that apply to it
--- a/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
+++ b/core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd
@ -242,8 +242,16 @@
      <xs:sequence>
        <xs:element maxOccurs="unbounded" ref="security:protect"/>
      </xs:sequence>
+      <xs:attributeGroup ref="security:intercept-methods.attlist"/>
    </xs:complexType>
  </xs:element>
+  <xs:attributeGroup name="intercept-methods.attlist">
+    <xs:attribute name="access-decision-manager-ref" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>Optional AccessDecisionManager bean ID to be used by the created method security interceptor.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
+  </xs:attributeGroup>
  <xs:element name="protect">
    <xs:annotation>
      <xs:documentation>Defines a protected method and the access control configuration attributes that apply to it</xs:documentation>