Make User available from Authentication via DaoAuthenticationProvider.
This commit is contained in:
@@ -18,6 +18,7 @@ package sample.contact;
|
||||
import net.sf.acegisecurity.Authentication;
|
||||
import net.sf.acegisecurity.ConfigAttribute;
|
||||
import net.sf.acegisecurity.ConfigAttributeDefinition;
|
||||
import net.sf.acegisecurity.providers.dao.User;
|
||||
import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
@@ -96,9 +97,15 @@ public class ContactSecurityVoter implements AccessDecisionVoter {
|
||||
}
|
||||
|
||||
if (passedOwner != null) {
|
||||
String username = authentication.getPrincipal().toString();
|
||||
|
||||
if (authentication.getPrincipal() instanceof User) {
|
||||
username = ((User) authentication.getPrincipal())
|
||||
.getUsername();
|
||||
}
|
||||
|
||||
// Check the authentication principal matches the passed owner
|
||||
if (passedOwner.equals(authentication.getPrincipal()
|
||||
.toString())) {
|
||||
if (passedOwner.equals(username)) {
|
||||
return ACCESS_GRANTED;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user