Source code

001package org.granite.spring.security;
002
003import org.granite.messaging.service.security.AbstractSecurityContext;
004import org.springframework.security.access.SecurityMetadataSource;
005import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
006import org.springframework.security.access.intercept.InterceptorStatusToken;
007import org.springframework.security.web.FilterInvocation;
008import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
009
010
011public abstract class AbstractSpringSecurity3Interceptor extends AbstractSecurityInterceptor {
012        
013        private FilterInvocationSecurityMetadataSource securityMetadataSource;
014
015        @Override
016        public Class<? extends Object> getSecureObjectClass() {
017                return FilterInvocation.class;
018        }
019
020        @Override
021        public SecurityMetadataSource obtainSecurityMetadataSource() {
022                return securityMetadataSource;
023        }
024        
025        public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource newSource) {
026                this.securityMetadataSource = newSource;
027        }
028        
029        public Object invoke(AbstractSecurityContext securityContext) throws Exception {
030                FilterInvocation fi = buildFilterInvocation(securityContext);
031                InterceptorStatusToken token = beforeInvocation(fi);
032                Object returnedObject = null;
033                try {
034                        returnedObject = securityContext.invoke();
035                }
036                finally {
037                        returnedObject = afterInvocation(token, returnedObject);
038                }
039                return returnedObject;
040        }
041        
042        protected abstract FilterInvocation buildFilterInvocation(AbstractSecurityContext securityContext);
043        
044}