In a nutshell, Apache Rave uses Spring Security annotations to protect the service layer methods. Below is an overview of the permission related classes in rave-core and what each is used for:


  • Interface that defines the various model Permission functions that need to be implemented. Also defines a Permission enum to standardize the possible permission values across the model security code.

  • Each model class in Apache Rave will have an associated default implementation of this interface. For example, there is a DefaultPagePermissionEvaluator class in the package that defines all of the permission logic for Page model objects.


  • Extension of the class which handles the logic for expression language security annotations. The filter method needed to be overridden because the default implementation tries to modify the filterTarget parameter passed in, which can be a Collection or Array object. Certain implementations of JPA (such as the default OpenJPA used by Apache Rave) create unmodifiable Collection types which cause exceptions to be thrown. The Apache Rave implementation makes a copy of the Collection and passes it to the super method so it can be modified (filtered).

  • This class is wired into Rave as the “expressionHandler” bean in the applicationContext-security.xml file under rave-portal-resources


  • Implements the interface which allows us to inject our custom model permission logic into the Spring Security stack. This class will be autowired with a List of ModelPermissionEvaluator implementation classes for each of the Apache Rave model classes and stored internally. The overridden hasPermission functions of this classs inspect the type (class) of targetDomainObject being passed in via the security annotation and use the appropriate ModelPermissionEvalutor to check for permissions.

  • this class is wired into Rave as a property to the RaveMethodSecurityExpressionHandler in the applicationContext-security.xml file under rave-portal-resources


  • This is used as a Context object in the security annotation expression language for situations where permissions need to be checked on an object that is not necessarily the Model object that is being accessed. It contains two properties: Object id and String type. type is the fully qualified class name of the Object, and id is the id. See org.apache.rave.portal.service.PageService.getAllPages as an example on how this class is used.


  • an abstract implementation of the ModelPermissionEvaluator interface to define common functionality that should be shared across all ModelPermissionEvaluator implementations: a) hasPermission: checks to see if the user is a portal administrator, which trumps all other granular permission checks b) getLoadOrder: returns the integer 1. This function is used by the RavePermissionEvaluator constructor to sort all of the component scanned ModelPermissionEvaluators before building its internal map. This allows an easy way to override any of the default ModelPermissionEvaluator classes by third parties. Overridden classes just need to override getLoadOrder() and return a number greater than 1 to ensure it gets put into the map after the default implementation. A best practice could be to return super.getLoadOrder() + 1 which would allow an infinite number of overrides for a given ModelPermissionEvaluator.

Default[Model]PermissionEvaluator classes

  • the default implementation of each of the ModelPermissionEvaluator classes, such as DefaultPagePermissionEvaluator. These implementations contain the default permission security logic for their associated Model class.


  • common helper functions related to objects