spring-security writing a custom PermissionEvaluator - how to inject a DAO service?
I'm working with Spring-Security and I need to implement my own PermissionEvaluator (following the answer to my other question.
However looking at the standard implementation AclPermissionEvaluator
here I notice, that the DAO is set via the constructor.
If I declare my custom PermissionEvaluator like this:
<global-method-security secured-annotations="enabled" pre-post-annotations="enabled">
<expression-handler ref="expressionHandler"/>
</global-method-security>
<beans:bean id="expressionHandler" class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
<beans:property name="permissionEvaluator">
开发者_Go百科 <beans:bean id="permissionEvaluator" class="com.npacemo.permissions.SomePermissionsEvaluator"/>
</beans:property>
</beans:bean>
where do I get my DAO into the Evaluator so that I can access data? Can I inject it, meaning is the PermissionEvaluator Spring managed? Or how do I get my dataProvider into the Evaluator?
Just figured it out: The PermissionEvaluator is Spring managed, so
@Inject
private PermissionManager permissionManager;
will work just fine.
edit: For our project we'll implement our own PermissionResolver probably extending the standard Implementation:
public class OurPermissionEvaluator extends AclPermissionEvaluator{
public CombinedPermissionEvaluator(AclService aclService) {
super(aclService);
}
and injecting a custom ACLService (following this tutorial)
public class OurAclServiceImpl implements AclService {
where we retrieve ACL information from our custom database structure.
To wire it all we'll follow the spring-security contacts example:
<b:bean id="permissionEvaluator" class="path.to.OurPermissionEvaluator">
<b:constructor-arg ref="aclService"/>
</b:bean>
where aclService has to be declared thus:
<bean id="aclService" class="path.to.OurAclServiceImpl">
<constructor args here... >
</bean>
精彩评论