Springsecurity之AccessDecisionManager

    先上一张图，如下:

                                                             图1 AccessDecisionManager的类图

    原文讲的很好，建议读者阅读原文，内容: "AccessDecisionManager is the class in charge of deciding if a particular Authentication object is allowed or not allowed to access a particular resource. In its main implementations, it delegates to AccessDecisionVoter objects, which basically compares the GrantedAuthorities in the Authentication object against the ConfigAttribute(s) required by the resource that is being accessed, deciding whether or not access should be granted. They emit their vote to allow access or not. The AccessDecisionManager implementations take the output from the voters into consideration and apply a determined strategy on whether or not to grant access"

    AccessDecisionManager的三个实现类，如下:

                                                        图2 AccessDecisionManager hierarchy

    AccessDecisionManager的内部实现，委托给Voter。

(adsbygoogle = window.adsbygoogle || []).push({});