001 package org.granite.spring.security;
002
003 import org.granite.messaging.service.security.AbstractSecurityContext;
004 import org.springframework.security.access.SecurityMetadataSource;
005 import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
006 import org.springframework.security.access.intercept.InterceptorStatusToken;
007 import org.springframework.security.web.FilterInvocation;
008 import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
009
010
011 public abstract class AbstractSpringSecurity3Interceptor extends AbstractSecurityInterceptor {
012
013 private FilterInvocationSecurityMetadataSource securityMetadataSource;
014
015 @Override
016 public Class<? extends Object> getSecureObjectClass() {
017 return FilterInvocation.class;
018 }
019
020 @Override
021 public SecurityMetadataSource obtainSecurityMetadataSource() {
022 return securityMetadataSource;
023 }
024
025 public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource newSource) {
026 this.securityMetadataSource = newSource;
027 }
028
029 public Object invoke(AbstractSecurityContext securityContext) throws Exception {
030 FilterInvocation fi = buildFilterInvocation(securityContext);
031 InterceptorStatusToken token = beforeInvocation(fi);
032 Object returnedObject = null;
033 try {
034 returnedObject = securityContext.invoke();
035 }
036 finally {
037 returnedObject = afterInvocation(token, returnedObject);
038 }
039 return returnedObject;
040 }
041
042 protected abstract FilterInvocation buildFilterInvocation(AbstractSecurityContext securityContext);
043
044 }