Springsecurity之AccessDecisionManager

    先上一張圖，以下:

                           

                                                             圖1 AccessDecisionManager的類圖

    原文講的很好，建議讀者閱讀原文，內容: "AccessDecisionManager is the class in charge of deciding if a particular Authentication object is allowed or not allowed to access a particular resource. In its main implementations, it delegates to AccessDecisionVoter objects, which basically compares the GrantedAuthorities in the Authentication object against the ConfigAttribute(s) required by the resource that is being accessed, deciding whether or not access should be granted. They emit their vote to allow access or not. The AccessDecisionManager implementations take the output from the voters into consideration and apply a determined strategy on whether or not to grant access"

    AccessDecisionManager的三個實現類，以下:

                                   

                                                        圖2 AccessDecisionManager hierarchy

    AccessDecisionManager的內部實現，委託給Voter。