From 537a58d754ce24c598d92aa5c38f86a8af6f599f Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Sat, 30 Oct 2004 06:07:17 +0000 Subject: [PATCH] Added net.sf.acegisecurity.intercept.event package. --- changelog.txt | 1 + .../AbstractSecurityInterceptor.java | 99 +++++++++++++++-- ...uthenticationCredentialsNotFoundEvent.java | 72 ++++++++++++ .../event/AuthenticationFailureEvent.java | 79 +++++++++++++ .../event/AuthorizationFailureEvent.java | 79 +++++++++++++ .../intercept/event/AuthorizedEvent.java | 71 ++++++++++++ .../intercept/event/LoggerListener.java | 104 ++++++++++++++++++ .../event/PublicInvocationEvent.java | 46 ++++++++ .../event/SecurityInterceptionEvent.java | 38 +++++++ 9 files changed, 581 insertions(+), 8 deletions(-) create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/AuthenticationCredentialsNotFoundEvent.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/AuthenticationFailureEvent.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/AuthorizationFailureEvent.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/AuthorizedEvent.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/LoggerListener.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/PublicInvocationEvent.java create mode 100644 core/src/main/java/org/acegisecurity/intercept/event/SecurityInterceptionEvent.java diff --git a/changelog.txt b/changelog.txt index d29357e0d6..dcf9bad970 100644 --- a/changelog.txt +++ b/changelog.txt @@ -7,6 +7,7 @@ Changes in version 0.7 (2004-xx-xx) * Added MethodDefinitionMap querying of interfaces defined by secure objects * Added AuthenticationProcessingFilter.setDetails for use by subclasses * Added 403-causing exception to HttpSession via SecurityEnforcementFilter +* Added net.sf.acegisecurity.intercept.event package * Refactored MethodDefinitionSource to work with Method, not MethodInvocation * Refactored AbstractSecurityInterceptor to better support other AOP libraries * Fixed AbstractProcessingFitler to use removeAttribute (JRun compatibility) diff --git a/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java b/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java index cedee9c272..22271bfa19 100644 --- a/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java +++ b/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java @@ -16,8 +16,10 @@ package net.sf.acegisecurity.intercept; import net.sf.acegisecurity.AccessDecisionManager; +import net.sf.acegisecurity.AccessDeniedException; import net.sf.acegisecurity.Authentication; import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException; +import net.sf.acegisecurity.AuthenticationException; import net.sf.acegisecurity.AuthenticationManager; import net.sf.acegisecurity.ConfigAttribute; import net.sf.acegisecurity.ConfigAttributeDefinition; @@ -25,13 +27,22 @@ import net.sf.acegisecurity.RunAsManager; import net.sf.acegisecurity.context.Context; import net.sf.acegisecurity.context.ContextHolder; import net.sf.acegisecurity.context.SecureContext; +import net.sf.acegisecurity.intercept.event.AuthenticationCredentialsNotFoundEvent; +import net.sf.acegisecurity.intercept.event.AuthenticationFailureEvent; +import net.sf.acegisecurity.intercept.event.AuthorizationFailureEvent; +import net.sf.acegisecurity.intercept.event.AuthorizedEvent; +import net.sf.acegisecurity.intercept.event.PublicInvocationEvent; import net.sf.acegisecurity.runas.NullRunAsManager; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.springframework.beans.BeansException; import org.springframework.beans.factory.InitializingBean; +import org.springframework.context.ApplicationContext; +import org.springframework.context.ApplicationContextAware; + import java.util.HashSet; import java.util.Iterator; import java.util.Set; @@ -127,7 +138,8 @@ import java.util.Set; * @author Ben Alex * @version $Id$ */ -public abstract class AbstractSecurityInterceptor implements InitializingBean { +public abstract class AbstractSecurityInterceptor implements InitializingBean, + ApplicationContextAware { //~ Static fields/initializers ============================================= protected static final Log logger = LogFactory.getLog(AbstractSecurityInterceptor.class); @@ -135,12 +147,18 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { //~ Instance fields ======================================================== private AccessDecisionManager accessDecisionManager; + private ApplicationContext context; private AuthenticationManager authenticationManager; private RunAsManager runAsManager = new NullRunAsManager(); private boolean validateConfigAttributes = true; //~ Methods ================================================================ + public void setApplicationContext(ApplicationContext applicationContext) + throws BeansException { + this.context = applicationContext; + } + public abstract ObjectDefinitionSource obtainObjectDefinitionSource(); public void setAccessDecisionManager( @@ -253,6 +271,12 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { } protected InterceptorStatusToken beforeInvocation(Object object) { + if (this.context != null) { + System.out.println("xx"); + } else { + System.out.println("null"); + } + if (object == null) { throw new IllegalArgumentException("Object was null"); } @@ -275,8 +299,8 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { // Ensure ContextHolder presents a populated SecureContext if ((ContextHolder.getContext() == null) || !(ContextHolder.getContext() instanceof SecureContext)) { - throw new AuthenticationCredentialsNotFoundException( - "A valid SecureContext was not provided in the RequestContext"); + credentialsNotFound("A valid SecureContext was not provided in the RequestContext", + object, attr); } SecureContext context = (SecureContext) ContextHolder.getContext(); @@ -284,13 +308,27 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { // We check for just the property we're interested in (we do // not call Context.validate() like the ContextInterceptor) if (context.getAuthentication() == null) { - throw new AuthenticationCredentialsNotFoundException( - "Authentication credentials were not found in the SecureContext"); + credentialsNotFound("Authentication credentials were not found in the SecureContext", + object, attr); } // Attempt authentication - Authentication authenticated = this.authenticationManager - .authenticate(context.getAuthentication()); + Authentication authenticated; + + try { + authenticated = this.authenticationManager.authenticate(context + .getAuthentication()); + } catch (AuthenticationException authenticationException) { + if (this.context != null) { + AuthenticationFailureEvent event = new AuthenticationFailureEvent(object, + attr, context.getAuthentication(), + authenticationException); + this.context.publishEvent(event); + } + + throw authenticationException; + } + authenticated.setAuthenticated(true); if (logger.isDebugEnabled()) { @@ -301,12 +339,28 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { ContextHolder.setContext((Context) context); // Attempt authorization - this.accessDecisionManager.decide(authenticated, object, attr); + try { + this.accessDecisionManager.decide(authenticated, object, attr); + } catch (AccessDeniedException accessDeniedException) { + if (this.context != null) { + AuthorizationFailureEvent event = new AuthorizationFailureEvent(object, + attr, authenticated, accessDeniedException); + this.context.publishEvent(event); + } + + throw accessDeniedException; + } if (logger.isDebugEnabled()) { logger.debug("Authorization successful"); } + if (this.context != null) { + AuthorizedEvent event = new AuthorizedEvent(object, attr, + authenticated); + this.context.publishEvent(event); + } + // Attempt to run as a different user Authentication runAs = this.runAsManager.buildRunAs(authenticated, object, attr); @@ -337,6 +391,10 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { logger.debug("Public object - authentication not attempted"); } + if (this.context != null) { + this.context.publishEvent(new PublicInvocationEvent(object)); + } + // Set Authentication object (if it exists) to be unauthenticated if ((ContextHolder.getContext() != null) && ContextHolder.getContext() instanceof SecureContext) { @@ -359,4 +417,29 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean { return null; // no further work post-invocation } } + + /** + * Helper method which generates an exception contained the passed reason, + * and publishes an event to the application context. + * + *

+ * Always throws an exception. + *

+ * + * @param reason to be provided in the exceptiond detail + * @param secureObject that was being called + * @param configAttribs that were defined for the secureObject + */ + private void credentialsNotFound(String reason, Object secureObject, + ConfigAttributeDefinition configAttribs) { + AuthenticationCredentialsNotFoundException exception = new AuthenticationCredentialsNotFoundException(reason); + + if (this.context != null) { + AuthenticationCredentialsNotFoundEvent event = new AuthenticationCredentialsNotFoundEvent(secureObject, + configAttribs, exception); + this.context.publishEvent(event); + } + + throw exception; + } } diff --git a/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationCredentialsNotFoundEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationCredentialsNotFoundEvent.java new file mode 100644 index 0000000000..f0e199f7ab --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationCredentialsNotFoundEvent.java @@ -0,0 +1,72 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException; +import net.sf.acegisecurity.ConfigAttributeDefinition; + + +/** + * Indicates a secure object invocation failed because the + * Authentication could not be obtained from the + * ContextHolder. + * + * @author Ben Alex + * @version $Id$ + */ +public class AuthenticationCredentialsNotFoundEvent + extends SecurityInterceptionEvent { + //~ Instance fields ======================================================== + + private AuthenticationCredentialsNotFoundException credentialsNotFoundException; + private ConfigAttributeDefinition configAttributeDefinition; + + //~ Constructors =========================================================== + + /** + * Construct the event. + * + * @param secureObject the secure object + * @param configAttribs that apply to the secure object + * @param credentialsNotFoundException exception returned to the caller + * (contains reason) + * + * @throws IllegalArgumentException DOCUMENT ME! + */ + public AuthenticationCredentialsNotFoundEvent(Object secureObject, + ConfigAttributeDefinition configAttribs, + AuthenticationCredentialsNotFoundException credentialsNotFoundException) { + super(secureObject); + + if ((configAttribs == null) || (credentialsNotFoundException == null)) { + throw new IllegalArgumentException( + "All parameters are required and cannot be null"); + } + + this.configAttributeDefinition = configAttribs; + this.credentialsNotFoundException = credentialsNotFoundException; + } + + //~ Methods ================================================================ + + public ConfigAttributeDefinition getConfigAttributeDefinition() { + return configAttributeDefinition; + } + + public AuthenticationCredentialsNotFoundException getCredentialsNotFoundException() { + return credentialsNotFoundException; + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationFailureEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationFailureEvent.java new file mode 100644 index 0000000000..ad696d0f92 --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/AuthenticationFailureEvent.java @@ -0,0 +1,79 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import net.sf.acegisecurity.Authentication; +import net.sf.acegisecurity.AuthenticationException; +import net.sf.acegisecurity.ConfigAttributeDefinition; + + +/** + * Indicates a secure object invocation failed because the principal could not + * be authenticated. + * + * @author Ben Alex + * @version $Id$ + */ +public class AuthenticationFailureEvent extends SecurityInterceptionEvent { + //~ Instance fields ======================================================== + + private Authentication authentication; + private AuthenticationException authenticationException; + private ConfigAttributeDefinition configAttributeDefinition; + + //~ Constructors =========================================================== + + /** + * Construct the event. + * + * @param secureObject the secure object + * @param configAttribs that apply to the secure object + * @param authentication that was found on the ContextHolder + * @param authenticationException that was returned by the + * AuthenticationManager + * + * @throws IllegalArgumentException DOCUMENT ME! + */ + public AuthenticationFailureEvent(Object secureObject, + ConfigAttributeDefinition configAttribs, Authentication authentication, + AuthenticationException authenticationException) { + super(secureObject); + + if ((configAttribs == null) || (authentication == null) + || (authenticationException == null)) { + throw new IllegalArgumentException( + "All parameters are required and cannot be null"); + } + + this.configAttributeDefinition = configAttribs; + this.authentication = authentication; + this.authenticationException = authenticationException; + } + + //~ Methods ================================================================ + + public Authentication getAuthentication() { + return authentication; + } + + public AuthenticationException getAuthenticationException() { + return authenticationException; + } + + public ConfigAttributeDefinition getConfigAttributeDefinition() { + return configAttributeDefinition; + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/AuthorizationFailureEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/AuthorizationFailureEvent.java new file mode 100644 index 0000000000..753e390210 --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/AuthorizationFailureEvent.java @@ -0,0 +1,79 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import net.sf.acegisecurity.AccessDeniedException; +import net.sf.acegisecurity.Authentication; +import net.sf.acegisecurity.ConfigAttributeDefinition; + + +/** + * Indicates a secure object invocation failed because the principal could not + * be authorized for the request. + * + * @author Ben Alex + * @version $Id$ + */ +public class AuthorizationFailureEvent extends SecurityInterceptionEvent { + //~ Instance fields ======================================================== + + private AccessDeniedException accessDeniedException; + private Authentication authentication; + private ConfigAttributeDefinition configAttributeDefinition; + + //~ Constructors =========================================================== + + /** + * Construct the event. + * + * @param secureObject the secure object + * @param configAttribs that apply to the secure object + * @param authentication that was found on the ContextHolder + * @param accessDeniedException that was returned by the + * AccessDecisionManager + * + * @throws IllegalArgumentException DOCUMENT ME! + */ + public AuthorizationFailureEvent(Object secureObject, + ConfigAttributeDefinition configAttribs, Authentication authentication, + AccessDeniedException accessDeniedException) { + super(secureObject); + + if ((configAttribs == null) || (authentication == null) + || (accessDeniedException == null)) { + throw new IllegalArgumentException( + "All parameters are required and cannot be null"); + } + + this.configAttributeDefinition = configAttribs; + this.authentication = authentication; + this.accessDeniedException = accessDeniedException; + } + + //~ Methods ================================================================ + + public AccessDeniedException getAccessDeniedException() { + return accessDeniedException; + } + + public Authentication getAuthentication() { + return authentication; + } + + public ConfigAttributeDefinition getConfigAttributeDefinition() { + return configAttributeDefinition; + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/AuthorizedEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/AuthorizedEvent.java new file mode 100644 index 0000000000..6f0ad11a98 --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/AuthorizedEvent.java @@ -0,0 +1,71 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import net.sf.acegisecurity.Authentication; +import net.sf.acegisecurity.ConfigAttributeDefinition; + + +/** + * Event indicating a secure object was invoked successfully. + * + *

+ * Published just before the secure object attempts to proceed. + *

+ * + * @author Ben Alex + * @version $Id$ + */ +public class AuthorizedEvent extends SecurityInterceptionEvent { + //~ Instance fields ======================================================== + + private Authentication authentication; + private ConfigAttributeDefinition configAttributeDefinition; + + //~ Constructors =========================================================== + + /** + * Construct the event. + * + * @param secureObject the secure object + * @param configAttribs that apply to the secure object + * @param authentication that successfully called the secure object + * + * @throws IllegalArgumentException DOCUMENT ME! + */ + public AuthorizedEvent(Object secureObject, + ConfigAttributeDefinition configAttribs, Authentication authentication) { + super(secureObject); + + if ((configAttribs == null) || (authentication == null)) { + throw new IllegalArgumentException( + "All parameters are required and cannot be null"); + } + + this.configAttributeDefinition = configAttribs; + this.authentication = authentication; + } + + //~ Methods ================================================================ + + public Authentication getAuthentication() { + return authentication; + } + + public ConfigAttributeDefinition getConfigAttributeDefinition() { + return configAttributeDefinition; + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/LoggerListener.java b/core/src/main/java/org/acegisecurity/intercept/event/LoggerListener.java new file mode 100644 index 0000000000..e9143da1fd --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/LoggerListener.java @@ -0,0 +1,104 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import org.springframework.context.ApplicationEvent; +import org.springframework.context.ApplicationListener; + + +/** + * Outputs interceptor-related application events to Commons Logging. + * + *

+ * All failures are logged at the warning level, with success events logged at + * the information level, and public invocation events logged at the debug + * level. + *

+ * + * @author Ben Alex + * @version $Id$ + */ +public class LoggerListener implements ApplicationListener { + //~ Static fields/initializers ============================================= + + private static final Log logger = LogFactory.getLog(LoggerListener.class); + + //~ Methods ================================================================ + + public void onApplicationEvent(ApplicationEvent event) { + if (event instanceof AuthenticationCredentialsNotFoundEvent) { + AuthenticationCredentialsNotFoundEvent authEvent = (AuthenticationCredentialsNotFoundEvent) event; + + if (logger.isWarnEnabled()) { + logger.warn("Security interception failed due to: " + + authEvent.getCredentialsNotFoundException() + + "; secure object: " + authEvent.getSource() + + "; configuration attributes: " + + authEvent.getConfigAttributeDefinition()); + } + } + + if (event instanceof AuthenticationFailureEvent) { + AuthenticationFailureEvent authEvent = (AuthenticationFailureEvent) event; + + if (logger.isWarnEnabled()) { + logger.warn("Security authentication failed due to: " + + authEvent.getAuthenticationException() + + "; for authentication request: " + + authEvent.getAuthentication() + "; secure object: " + + authEvent.getSource() + "; configuration attributes: " + + authEvent.getConfigAttributeDefinition()); + } + } + + if (event instanceof AuthorizationFailureEvent) { + AuthorizationFailureEvent authEvent = (AuthorizationFailureEvent) event; + + if (logger.isWarnEnabled()) { + logger.warn("Security authorization failed due to: " + + authEvent.getAccessDeniedException() + + "; authenticated principal: " + + authEvent.getAuthentication() + "; secure object: " + + authEvent.getSource() + "; configuration attributes: " + + authEvent.getConfigAttributeDefinition()); + } + } + + if (event instanceof AuthorizedEvent) { + AuthorizedEvent authEvent = (AuthorizedEvent) event; + + if (logger.isInfoEnabled()) { + logger.info("Security authorized for authenticated principal: " + + authEvent.getAuthentication() + "; secure object: " + + authEvent.getSource() + "; configuration attributes: " + + authEvent.getConfigAttributeDefinition()); + } + } + + if (event instanceof PublicInvocationEvent) { + PublicInvocationEvent authEvent = (PublicInvocationEvent) event; + + if (logger.isInfoEnabled()) { + logger.info( + "Security interception not required for public secure object: " + + authEvent.getSource()); + } + } + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/PublicInvocationEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/PublicInvocationEvent.java new file mode 100644 index 0000000000..2dd2ff6ac0 --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/PublicInvocationEvent.java @@ -0,0 +1,46 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +/** + * Event that is generated whenever a public secure object is invoked. + * + *

+ * A public secure object is a secure object that has no + * ConfigAttributeDefinition defined. A public secure object will + * not cause the ContextHolder to be inspected or authenticated, + * and no authorization will take place. + *

+ * + *

+ * Published just before the secure object attempts to proceed. + *

+ * + * @author Ben Alex + * @version $Id$ + */ +public class PublicInvocationEvent extends SecurityInterceptionEvent { + //~ Constructors =========================================================== + + /** + * Construct the event, passing in the public secure object. + * + * @param secureObject the public secure object + */ + public PublicInvocationEvent(Object secureObject) { + super(secureObject); + } +} diff --git a/core/src/main/java/org/acegisecurity/intercept/event/SecurityInterceptionEvent.java b/core/src/main/java/org/acegisecurity/intercept/event/SecurityInterceptionEvent.java new file mode 100644 index 0000000000..7614fb807b --- /dev/null +++ b/core/src/main/java/org/acegisecurity/intercept/event/SecurityInterceptionEvent.java @@ -0,0 +1,38 @@ +/* Copyright 2004 Acegi Technology Pty Limited + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package net.sf.acegisecurity.intercept.event; + +import org.springframework.context.ApplicationEvent; + + +/** + * Abstract superclass for all security interception related events. + * + * @author Ben Alex + * @version $Id$ + */ +public abstract class SecurityInterceptionEvent extends ApplicationEvent { + //~ Constructors =========================================================== + + /** + * Construct the event, passing in the secure object being intercepted. + * + * @param secureObject the secure object + */ + public SecurityInterceptionEvent(Object secureObject) { + super(secureObject); + } +}