How to programmatically access the <INTERCEPT-URL> element from <HTTP> in spring security

Question

How to programmatically access the <INTERCEPT-URL> element from <HTTP> in spring security

How can I programmatically access the contents of url-capture ads (from the http://www.springframework.org/schema/security scheme )? For instance,

<http auto-config='true'>
    <intercept-url pattern="/static/**" filters="none" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <intercept-url pattern="/**" access="ROLE_USER" />
    ...
</http>

Spring security role mapping is used to restrict access to specific pages. I want to extract the same role mapping information (template and accept attributes) in order to be able to show only those pages in the html menu to which each role has access.

I looked at HttpConfigurationBuilder, but this package is protected and does not seem to offer so much information. I also tried:

  FilterSecurityInterceptor interceptor = appContext.getBean(FilterSecurityInterceptor.class);
  if (interceptor != null) {
      for (ConfigAttribute attr : interceptor.getSecurityMetadataSource().getAllConfigAttributes()) {
          // Extract the attributes ... 
          attr.getAttribute();
      }
  }

but I managed to access roles, not url patterns.

+3

java spring security spring security spring-3

Johan sjöberg 28 . '11 17:04

2

, , getFilterChainMap() FilterChainProxy .

0

Raghuram 28 . '11 18:20

Boris Kirzner · Accepted Answer · 2011-02-23T08:13:42+0000

, , "" .

, - , . org.springframework.security.config.http.HttpSecurityBeanDefinitionParser, super.

. Spring 3 - D. XML- BeanDefinitionParser.

How to programmatically access the <INTERCEPT-URL> element from <HTTP> in spring security

More articles: