Fields Summary |
---|
private boolean | allRolesWas the "all roles" wildcard included in the authorization constraints
for this security constraint? |
private boolean | authConstraintWas an authorization constraint included in this security constraint?
This is necessary to distinguish the case where an auth-constraint with
no roles (signifying no direct access at all) was requested, versus
a lack of auth-constraint which implies no access control checking. |
private String[] | authRolesThe set of roles permitted to access resources protected by this
security constraint. |
private SecurityCollection[] | collectionsThe set of web resource collections protected by this security
constraint. |
private String | displayNameThe display name of this security constraint. |
private String | userConstraintThe user data constraint for this security constraint. Must be NONE,
INTEGRAL, or CONFIDENTIAL. |
Methods Summary |
---|
public void | addAuthRole(java.lang.String authRole)Add an authorization role, which is a role name that will be
permitted access to the resources protected by this security constraint.
if (authRole == null)
return;
if ("*".equals(authRole)) {
allRoles = true;
return;
}
String results[] = new String[authRoles.length + 1];
for (int i = 0; i < authRoles.length; i++)
results[i] = authRoles[i];
results[authRoles.length] = authRole;
authRoles = results;
authConstraint = true;
|
public void | addCollection(SecurityCollection collection)Add a new web resource collection to those protected by this
security constraint.
if (collection == null)
return;
SecurityCollection results[] =
new SecurityCollection[collections.length + 1];
for (int i = 0; i < collections.length; i++)
results[i] = collections[i];
results[collections.length] = collection;
collections = results;
|
public boolean | findAuthRole(java.lang.String role)Return true if the specified role is permitted access to
the resources protected by this security constraint.
if (role == null)
return (false);
for (int i = 0; i < authRoles.length; i++) {
if (role.equals(authRoles[i]))
return (true);
}
return (false);
|
public java.lang.String[] | findAuthRoles()Return the set of roles that are permitted access to the resources
protected by this security constraint. If none have been defined,
a zero-length array is returned (which implies that all authenticated
users are permitted access).
return (authRoles);
|
public SecurityCollection | findCollection(java.lang.String name)Return the web resource collection for the specified name, if any;
otherwise, return null .
if (name == null)
return (null);
for (int i = 0; i < collections.length; i++) {
if (name.equals(collections[i].getName()))
return (collections[i]);
}
return (null);
|
public SecurityCollection[] | findCollections()Return all of the web resource collections protected by this
security constraint. If there are none, a zero-length array is
returned.
return (collections);
|
public boolean | getAllRoles()Was the "all roles" wildcard included in this authentication
constraint?
// ------------------------------------------------------------- Properties
return (this.allRoles);
|
public boolean | getAuthConstraint()Return the authorization constraint present flag for this security
constraint.
return (this.authConstraint);
|
public java.lang.String | getDisplayName()Return the display name of this security constraint.
return (this.displayName);
|
public java.lang.String | getUserConstraint()Return the user data constraint for this security constraint.
return (userConstraint);
|
public boolean | included(java.lang.String uri, java.lang.String method, boolean caseSensitiveMapping)Return true if the specified context-relative URI (and
associated HTTP method) are protected by this security constraint.
// END SJSWS 6324431
// We cannot match without a valid request method
if (method == null)
return (false);
// Check all of the collections included in this constraint
for (int i = 0; i < collections.length; i++) {
if (!collections[i].findMethod(method))
continue;
String patterns[] = collections[i].findPatterns();
for (int j = 0; j < patterns.length; j++) {
/* SJSWS 6324431
if (matchPattern(uri, patterns[j]))
*/
// START SJSWS 6324431
if (matchPattern(uri, patterns[j],
caseSensitiveMapping))
// END SJSWS 6324431
return (true);
}
}
// No collection included in this constraint matches this request
return (false);
|
private boolean | matchPattern(java.lang.String path, java.lang.String pattern, boolean caseSensitiveMapping)Does the specified request path match the specified URL pattern?
This method follows the same rules (in the same order) as those used
for mapping requests to servlets.
// END SJSWS 6324431
// Normalize the argument strings
if ((path == null) || (path.length() == 0))
path = "/";
if ((pattern == null) || (pattern.length() == 0))
pattern = "/";
// START SJSWS 6324431
if (!caseSensitiveMapping) {
path = path.toLowerCase();
pattern = pattern.toLowerCase();
}
// END SJSWS 6324431
// Check for exact match
if (path.equals(pattern))
return (true);
// Check for path prefix matching
if (pattern.startsWith("/") && pattern.endsWith("/*")) {
pattern = pattern.substring(0, pattern.length() - 2);
if (pattern.length() == 0)
return (true); // "/*" is the same as "/"
if (path.endsWith("/"))
path = path.substring(0, path.length() - 1);
while (true) {
if (pattern.equals(path))
return (true);
int slash = path.lastIndexOf('/");
if (slash <= 0)
break;
path = path.substring(0, slash);
}
return (false);
}
// Check for suffix matching
if (pattern.startsWith("*.")) {
int slash = path.lastIndexOf('/");
int period = path.lastIndexOf('.");
if ((slash >= 0) && (period > slash) &&
path.endsWith(pattern.substring(1))) {
return (true);
}
return (false);
}
// Check for universal mapping
if (pattern.equals("/"))
return (true);
return (false);
|
public void | removeAuthRole(java.lang.String authRole)Remove the specified role from the set of roles permitted to access
the resources protected by this security constraint.
if (authRole == null)
return;
int n = -1;
for (int i = 0; i < authRoles.length; i++) {
if (authRoles[i].equals(authRole)) {
n = i;
break;
}
}
if (n >= 0) {
int j = 0;
String results[] = new String[authRoles.length - 1];
for (int i = 0; i < authRoles.length; i++) {
if (i != n)
results[j++] = authRoles[i];
}
authRoles = results;
}
|
public void | removeCollection(SecurityCollection collection)Remove the specified web resource collection from those protected by
this security constraint.
if (collection == null)
return;
int n = -1;
for (int i = 0; i < collections.length; i++) {
if (collections[i].equals(collection)) {
n = i;
break;
}
}
if (n >= 0) {
int j = 0;
SecurityCollection results[] =
new SecurityCollection[collections.length - 1];
for (int i = 0; i < collections.length; i++) {
if (i != n)
results[j++] = collections[i];
}
collections = results;
}
|
public void | setAuthConstraint(boolean authConstraint)Set the authorization constraint present flag for this security
constraint.
this.authConstraint = authConstraint;
|
public void | setDisplayName(java.lang.String displayName)Set the display name of this security constraint.
this.displayName = displayName;
|
public void | setUserConstraint(java.lang.String userConstraint)Set the user data constraint for this security constraint.
if (userConstraint != null)
this.userConstraint = userConstraint;
|
public java.lang.String | toString()Return a String representation of this security constraint.
StringBuffer sb = new StringBuffer("SecurityConstraint[");
for (int i = 0; i < collections.length; i++) {
if (i > 0)
sb.append(", ");
sb.append(collections[i].getName());
}
sb.append("]");
return (sb.toString());
|