StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POHow to throw an informative exception from AccessDecisionManager that uses voters
text
Body
copied!<p>I have the following situation: my application's authorization mechanism is implemented using Spring security. The central class implements <strong>AccessDecisionManager</strong> and uses voters (each of which implements <strong>AccessDecisionVoter</strong>) to decide whether to grant access to some method or not. The algorithm that tallies the votes is custom:</p> <pre><code>public class PermissionManagerImpl extends AbstractAccessDecisionManager { public void decide( Authentication authentication, Object object, ConfigAttributeDefinition config) throws AccessDeniedException { Iterator<?> iter = getDecisionVoters().iterator(); boolean wasDenied = false; while (iter.hasNext()) { AccessDecisionVoter voter = (AccessDecisionVoter) iter.next(); int result = voter.vote(authentication, object, config); switch (result) { // Some tallying calculations } } if (wasDenied) { throw new AccessDeniedException("Access is denied"); } } } </code></pre> <p>Upon denying an access to some method, the client of the application is interested in obtaining an informative exception that specifies exactly <strong>why</strong> the access is denied. This implies passing some information from voters to the decision manager. Unfortunately, the only information the standard <strong>AccessDecisionVoter</strong> passes back to the decision manager is one of the possible return values (<strong>ACCESS_GRANTED</strong>, <strong>ACCESS_ABSTAIN</strong> or <strong>ACCESS_DENIED</strong>).</p> <p>What is the best way to do it?</p> <p>Thanks.</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload