The Web role-name element contains the name of a security role.
Result result = getInitializedResult();
ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
if (descriptor.getSecurityConstraints().hasMoreElements()) {
boolean oneFailed = false;
boolean foundIt = false;
int naSr = 0;
int naAci = 0;
int noAci = 0;
int noSc = 0;
// get the security role name's in this .war
for (Enumeration e = descriptor.getSecurityConstraints() ; e.hasMoreElements() ;) {
foundIt = false;
noSc++;
SecurityConstraintImpl securityConstraintImpl = (SecurityConstraintImpl)
e.nextElement();
AuthorizationConstraintImpl aci = (AuthorizationConstraintImpl) securityConstraintImpl.getAuthorizationConstraint();
if (aci != null) {
noAci++;
if (aci.getSecurityRoles().hasMoreElements()) {
for (Enumeration ee = aci.getSecurityRoles(); ee.hasMoreElements();) {
SecurityRoleDescriptor srd = (SecurityRoleDescriptor) ee.nextElement();
String roleName = srd.getName();
// jsb, nothing to test here...?
if (roleName.length() > 0) {
foundIt = true;
} else {
foundIt = false;
}
if (foundIt) {
result.addGoodDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.addGoodDetails(smh.getLocalString
(getClass().getName() + ".passed",
"The security role name [ {0} ] found within web application [ {1} ]",
new Object[] {roleName, descriptor.getName()}));
} else {
if (!oneFailed) {
oneFailed = true;
}
result.addErrorDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.addErrorDetails(smh.getLocalString
(getClass().getName() + ".failed",
"Error: The security role name [ {0} ] not found within web application [ {1} ]",
new Object[] {roleName, descriptor.getName()}));
}
}
} else {
result.addNaDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.notApplicable(smh.getLocalString
(getClass().getName() + ".notApplicable1",
"Not Applicable: There are no security roles in this security constraint within [ {0} ]",
new Object[] {descriptor.getName()})); naSr++;
}
} else {
result.addNaDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.notApplicable(smh.getLocalString
(getClass().getName() + ".notApplicable2",
"Not Applicable: There is no authorization constraint in this security constraint within [ {0} ]",
new Object[] {descriptor.getName()}));
naAci++;
}
}
if (oneFailed) {
result.setStatus(Result.FAILED);
} else if ((noSc == naAci) || (noAci == naSr)) {
result.setStatus(Result.NOT_APPLICABLE);
} else {
result.setStatus(Result.PASSED);
}
} else {
result.addNaDetails(smh.getLocalString
("tests.componentNameConstructor",
"For [ {0} ]",
new Object[] {compName.toString()}));
result.notApplicable(smh.getLocalString
(getClass().getName() + ".notApplicable",
"There are no role-name elements within the web archive [ {0} ]",
new Object[] {descriptor.getName()}));
}
return result;
