@groovy.util.logging.Slf4j @groovy.transform.CompileStatic class AuthenticatedVetoableDecisionManager extends AbstractAccessDecisionManager
Uses the affirmative-based logic for roles, i.e. any in the list will grant access, but allows
an authenticated voter to 'veto' access. This allows specification of roles and
IS_AUTHENTICATED_FULLY on one line in SecurityConfig.groovy.
| Fields inherited from class | Fields |
|---|---|
class AbstractAccessDecisionManager |
decisionVoters, messages |
| Properties inherited from class | Properties |
|---|---|
class AbstractAccessDecisionManager |
allowIfAllAbstainDecisions |
| Constructor and description |
|---|
AuthenticatedVetoableDecisionManager(java.util.List<AccessDecisionVoter> decisionVoters) |
| Type Params | Return Type | Name and description |
|---|---|---|
|
protected boolean |
checkAuthenticatedVoters(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> configAttributes)Allow any AuthenticatedVoter to veto. |
|
protected boolean |
checkOtherVoters(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> configAttributes)Check the other (non-AuthenticatedVoter) voters. |
|
void |
decide(Authentication authentication, java.lang.Object object, java.util.Collection<ConfigAttribute> configAttributes) |
|
protected void |
deny() |
| Methods inherited from class | Name |
|---|---|
class AbstractAccessDecisionManager |
checkAllowIfAllAbstainDecisions, getDecisionVoters, supports, supports |
Allow any AuthenticatedVoter to veto. If any voter denies,
throw an exception; if any grant, return true;
otherwise return false if all abstain.
Check the other (non-AuthenticatedVoter) voters. If any voter grants,
return true. If any voter denies, throw exception. Otherwise return false
to indicate that all abstained.