MapValue (String urlPattern) { this.committed = false; this.patternType = WebPermissionUtil.patternType(urlPattern); this.patternLength = urlPattern.length(); this.irrelevantByQualifier = false; this.urlPatternSpec = new StringBuffer(urlPattern); otherConstraint = new ConstraintValue(); }
public String toString() { StringBuilder roles =new StringBuilder(" roles: "); Iterator rit = roleList.iterator(); while(rit.hasNext()) { roles.append(" ").append((String) rit.next()); } StringBuilder transports = new StringBuilder("transports: "); for (int i=0; i<connectKeys.length; i++) { if (isConnectAllowed(1<<i)) { transports.append(" ").append(connectKeys[i]); } } return " ConstraintValue ( " + " excluded: " + excluded + " ignoreRoleList: " + ignoreRoleList + roles + transports + " ) "; }
void setOutcome(Set<Role> roleSet, AuthorizationConstraint ac, UserDataConstraint udc) { if (ac == null) { setPredefinedOutcome(true); } else { boolean containsAllRoles = false; Enumeration eroles = ac.getSecurityRoles(); if (!eroles.hasMoreElements()) { setPredefinedOutcome(false); containsAllRoles = true; } else { setRole(roleName); removeRole("**"); Iterator it = roleSet.iterator(); while(it.hasNext()) { setRole(((Role)it.next()).getName()); addConnectType(udc == null? null : udc.getTransportGuarantee()); (Level.FINE,"JACC: setOutcome yields: " + toString());
List<String> roleList = null; if (!m.otherConstraint.isExcluded() && m.otherConstraint.isAuthConstrained()) { roleList = m.otherConstraint.roleList; for (String roleName : roleList) {
if (otherConstraint.isUncovered()) { otherConstraint.setPredefinedOutcome(false);
public String toString() { return "MethodValue( " + getMethodName(index) + super.toString() + " )"; } }
static void handleNoAuth(Permissions collection, MapValue m, String name) { String actions = null; BitSet noAuthMethods = m.getNoAuthMethods(); if (!m.otherConstraint.isAuthConstrained()) { BitSet methods = m.getMethodSet(); methods.andNot(noAuthMethods); if (!methods.isEmpty()) { actions = "!" + MethodValue.getActions(methods); } } else if (!noAuthMethods.isEmpty()) { actions = MethodValue.getActions(noAuthMethods); } else { return; } collection.add(new WebResourcePermission(name,actions)); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding unchecked (for authorization) methods: "+ actions); } }
static void handleExcluded(Permissions collection, MapValue m, String name) { String actions = null; BitSet excludedMethods = m.getExcludedMethods(); if (m.otherConstraint.isExcluded()) { BitSet methods = m.getMethodSet(); methods.andNot(excludedMethods); if (!methods.isEmpty()) { actions = "!" + MethodValue.getActions(methods); } } else if (!excludedMethods.isEmpty()) { actions = MethodValue.getActions(excludedMethods); } else { return; } collection.add(new WebResourcePermission(name,actions)); collection.add(new WebUserDataPermission(name,actions)); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding excluded methods: "+ actions); } }
otherConstraint.setOutcome(roleSet,ac,udc);
void setOutcome(Set<Role> roleSet, AuthorizationConstraint ac, UserDataConstraint udc) { if (ac == null) { setPredefinedOutcome(true); } else { Enumeration eroles = ac.getSecurityRoles(); if (!eroles.hasMoreElements()) { setPredefinedOutcome(false); } else while (eroles.hasMoreElements()) { SecurityRoleDescriptor srd = (SecurityRoleDescriptor)eroles.nextElement(); String roleName = srd.getName(); if ("*".equals(roleName)) { Iterator it = roleSet.iterator(); while(it.hasNext()) { setRole(((Role)it.next()).getName()); } } else { setRole(roleName); } } } addConnectType(udc == null? null : udc.getTransportGuarantee()); if (WebPermissionUtil.logger.isLoggable(Level.FINE)){ WebPermissionUtil.logger.log (Level.FINE,"JACC: setOutcome yields: " + toString()); } }
List<String> roleList = null; if (!m.otherConstraint.isExcluded() && m.otherConstraint.isAuthConstrained()) { roleList = m.otherConstraint.roleList; for (String roleName : roleList) {
public String toString() { return "MethodValue( " + getMethodName(index) + super.toString() + " )"; } }
static void handleNoAuth(Permissions collection, MapValue m, String name) { String actions = null; BitSet noAuthMethods = m.getNoAuthMethods(); if (!m.otherConstraint.isAuthConstrained()) { BitSet methods = m.getMethodSet(); methods.andNot(noAuthMethods); if (!methods.isEmpty()) { actions = "!" + MethodValue.getActions(methods); } } else if (!noAuthMethods.isEmpty()) { actions = MethodValue.getActions(noAuthMethods); } else { return; } collection.add(new WebResourcePermission(name,actions)); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding unchecked (for authorization) methods: "+ actions); } }
static void handleExcluded(Permissions collection, MapValue m, String name) { String actions = null; BitSet excludedMethods = m.getExcludedMethods(); if (m.otherConstraint.isExcluded()) { BitSet methods = m.getMethodSet(); methods.andNot(excludedMethods); if (!methods.isEmpty()) { actions = "!" + MethodValue.getActions(methods); } } else if (!excludedMethods.isEmpty()) { actions = MethodValue.getActions(excludedMethods); } else { return; } collection.add(new WebResourcePermission(name,actions)); collection.add(new WebUserDataPermission(name,actions)); if (logger.isLoggable(Level.FINE)){ logger.log(Level.FINE,"JACC: constraint capture: adding excluded methods: "+ actions); } }
otherConstraint.setOutcome(roleSet,ac,udc);
public String toString() { StringBuilder roles =new StringBuilder(" roles: "); Iterator rit = roleList.iterator(); while(rit.hasNext()) { roles.append(" ").append((String) rit.next()); } StringBuilder transports = new StringBuilder("transports: "); for (int i=0; i<connectKeys.length; i++) { if (isConnectAllowed(1<<i)) { transports.append(" ").append(connectKeys[i]); } } return " ConstraintValue ( " + " excluded: " + excluded + " ignoreRoleList: " + ignoreRoleList + roles + transports + " ) "; } }
MapValue (String urlPattern) { this.patternType = WebPermissionUtil.patternType(urlPattern); this.patternLength = urlPattern.length(); this.irrelevantByQualifier = false; this.urlPatternSpec = new StringBuffer(urlPattern); otherConstraint = new ConstraintValue(); }
boolean isTransportConstrained() { if (excluded || (connectSet != 0 && !bitIsSet(connectSet,ConnectTypeNone))) { return true; } return false; }