Home > other >  Autowired is not working in CustomMethodSecurityExpressionRoot always returning NULL
Autowired is not working in CustomMethodSecurityExpressionRoot always returning NULL

Time:09-13

Autowired is not working in CustomMethodSecurityExpressionRoot always returning NULL. here is the custom method security.

public class CustomMethodSecurityExpressionRoot extends SecurityExpressionRoot implements MethodSecurityExpressionOperations {

    Logger logger = LoggerFactory.getLogger(this.getClass());
    
    private Object filterObject;
    private Object returnObject;
    
    @Autowired GraphTraversalSource g;
        
    public CustomMethodSecurityExpressionRoot(Authentication authentication) {
        super(authentication);
    }

    public boolean isMember(String orgId) {
        System.out.println(g);
        String user = this.authentication.getName();
        logger.debug("Check the permission for the user {}", user);
        System.out.println(g);
        return true;
    }
    
    @Override
    public void setFilterObject(Object obj) {
        this.filterObject = obj;
    }

    @Override
    public Object getFilterObject() {
        return this.filterObject;
    }

    @Override
    public void setReturnObject(Object obj) {
        this.returnObject = obj;
    }
    
    @Override
    public Object getReturnObject() {
        return this.returnObject;
    }

    @Override
    public Object getThis() {
        return this;
    }

}

Tried the following too

   public void setG(GraphTraversalSource g) {
        this.g = g;
    }

Why it is return in g as NULL always. In other place controller / service, I am getting the expected value Traversalsource[emptygraph[empty], standard].

CodePudding user response:

Found the problem. g dosen't have access to Application Context. We need to set the g in the CustomMethodSecurityExpressionRoot instance to be able to use it.

public class AuctionMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler {

private ApplicationContext applicationContext;
private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();

@Override
protected MethodSecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
        MethodInvocation invocation) {
    AuctionMethodSecurityExpressionRoot root = new AuctionMethodSecurityExpressionRoot(authentication);
    root.setPermissionEvaluator(getPermissionEvaluator());
    root.setTrustResolver(this.trustResolver);
    root.setRoleHierarchy(getRoleHierarchy());
    root.setG(this.applicationContext.getBean(GraphTraversalSource.class));
    return root;
}

@Override
public void setApplicationContext(ApplicationContext applicationContext) {
    super.setApplicationContext(applicationContext);
    this.applicationContext=applicationContext;
}
}

and

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {

     Logger logger = LoggerFactory.getLogger(this.getClass());
     @Autowired
     private ApplicationContext applicationContext;

    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        CustomMethodSecurityExpressionHandler expressionHandler = new CustomMethodSecurityExpressionHandler();
        expressionHandler.setPermissionEvaluator(new CustomPermissionEvaluator());
        expressionHandler.setApplicationContext(applicationContext);
        logger.debug("Method security expression handler configured to CustomMethodSecurityExpressionHandler");
        return expressionHandler;
     }

}

Page link:https//www.codepudding.com/other/542145.html

Prev:Spring boot - unused properties in aplication.properties
Next:Best secure method to incorporate SSL .pem file for Spring Boot app within Docker container hosted i
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding