// Build a constraint around the resource collection prepared earlier (outside this excerpt).
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.addCollection(securityCollection);
// "CONFIDENTIAL" is the transport-guarantee value: matching requests are expected over a protected channel.
securityConstraint.setUserConstraint("CONFIDENTIAL");
// The login configuration decides how callers are challenged; it is built outside this excerpt.
context.setLoginConfig(loginConfig);
// Restrict the protected resources to the realm's role.
securityConstraint.addAuthRole(InMemoryRealm.AUTH_ROLE);
// NOTE(review): no context.addConstraint(securityConstraint) call is visible here; confirm the
// constraint is registered on the context elsewhere, otherwise it is never enforced.
/**
 * Sets the auth-constraint flag on the constraint being built.
 *
 * <p>NOTE(review): a constraint flagged {@code true} with no role added is presumably treated by
 * the container as "deny all" for the covered resources; confirm against the realm in use before
 * relying on it either way.
 *
 * @param authConstraint value forwarded to {@code SecurityConstraint.setAuthConstraint}
 * @return this builder, for chaining
 */
public SecurityConstaintBuilder authConstraint(final boolean authConstraint) {
    securityConstraint.setAuthConstraint(authConstraint);
    return this;
}
/**
 * Adds a constraint to the context that asks for a CONFIDENTIAL transport on every path.
 *
 * <p>Only the transport guarantee is set: no role and no auth-constraint is configured here, so
 * this governs the channel and not who may access the resources.
 *
 * @param context the web application context receiving the constraint
 */
protected void postProcessContext(Context context) {
    // Cover every request path of the context.
    SecurityCollection everything = new SecurityCollection();
    everything.addPattern("/*");

    SecurityConstraint transportOnly = new SecurityConstraint();
    transportOnly.setUserConstraint("CONFIDENTIAL");
    transportOnly.addCollection(everything);

    // NOTE(review): how a plain-HTTP request is handled (e.g. redirected) depends on connector
    // settings that are not visible in this excerpt.
    context.addConstraint(transportOnly);
}
}; // closes the enclosing declaration, which starts outside this excerpt
SecurityCollection[] collections = constraint.findCollections(); for (SecurityCollection collection : collections) { String[] patterns = collection.findPatterns(); SecurityConstraint constraint = new SecurityConstraint(); constraint.setAuthConstraint(true); constraint.addCollection(collection); newConstraints.add(constraint); } else { handleOmittedMethods(omittedMethods, pattern, denyUncoveredHttpMethods, newConstraints, log); handleOmittedMethods(entry.getValue(), pattern, denyUncoveredHttpMethods, newConstraints, log);
/**
 * Reports the given HTTP methods for a URL pattern and, when requested, adds a constraint that
 * covers them.
 *
 * <p>With {@code denyUncoveredHttpMethods} set, a new collection named
 * {@code deny-uncovered-http-methods} is created for exactly these methods and this pattern, and
 * wrapped in a constraint whose auth-constraint flag is {@code true} with no role added.
 * NOTE(review): an auth-constraint without roles is presumably evaluated as "deny all"; confirm
 * against the realm implementation.
 *
 * <p>Without the flag nothing is added: the methods are only logged at error level, so whatever
 * left them uncovered stays in effect.
 *
 * @param omittedMethods method names to handle; an empty set is a no-op
 * @param pattern URL pattern the methods belong to (passed to {@code addPatternDecoded})
 * @param denyUncoveredHttpMethods whether to add the covering constraint or only log
 * @param newConstraints list that receives the generated constraint
 * @param log destination for the info/error message
 */
private static void handleOmittedMethods(Set<String> omittedMethods, String pattern,
        boolean denyUncoveredHttpMethods, List<SecurityConstraint> newConstraints, Log log) {
    if (omittedMethods.isEmpty()) {
        return;
    }

    // Space-separated method list used in both log messages.
    StringBuilder joined = new StringBuilder();
    for (String name : omittedMethods) {
        joined.append(name).append(' ');
    }
    String methodList = joined.toString().trim();

    if (!denyUncoveredHttpMethods) {
        // Log-only path: no constraint is generated for these methods.
        log.error(sm.getString(
                "securityConstraint.uncoveredHttpOmittedMethod", pattern, methodList));
        return;
    }

    log.info(sm.getString(
            "securityConstraint.uncoveredHttpOmittedMethodFix", pattern, methodList));

    SecurityCollection denied = new SecurityCollection();
    for (String name : omittedMethods) {
        denied.addMethod(name);
    }
    denied.addPatternDecoded(pattern);
    denied.setName("deny-uncovered-http-methods");

    SecurityConstraint covering = new SecurityConstraint();
    covering.setAuthConstraint(true);
    covering.addCollection(denied);
    newConstraints.add(covering);
}
} // closes the enclosing class, which starts outside this excerpt
if (constraint.getAllRoles()) { roles = constraint.findAuthRoles(); log.debug(" Checking roles " + principal); if (constraint.getAuthenticatedUsers() && principal != null) { if (log.isDebugEnabled()) { log.debug("Passing all authenticated users"); } else if (roles.length == 0 && !constraint.getAllRoles() && !constraint.getAuthenticatedUsers()) { if(constraint.getAuthConstraint()) { if( log.isDebugEnabled() ) log.debug("No roles"); String roles[]; if (constraint.getAllRoles()) { if (allRolesMode == AllRolesMode.AUTH_ONLY_MODE) { if (log.isDebugEnabled()) {
/**
 * Sets the user-data (transport) constraint on the constraint being built.
 *
 * <p>The value is forwarded unchanged; nothing here checks that it is a recognised
 * transport-guarantee string, so a misspelt value is not caught at this point.
 *
 * @param constraint value forwarded to {@code SecurityConstraint.setUserConstraint}
 * @return this builder, for chaining
 */
public SecurityConstaintBuilder userConstraint(final String constraint) {
    securityConstraint.setUserConstraint(constraint);
    return this;
}
sb.append(" <security-constraint>\n"); appendElement(sb, INDENT4, "display-name", constraint.getDisplayName()); for (SecurityCollection collection : constraint.findCollections()) { sb.append(" <web-resource-collection>\n"); appendElement(sb, INDENT6, "web-resource-name", if (constraint.findAuthRoles().length > 0) { sb.append(" <auth-constraint>\n"); for (String role : constraint.findAuthRoles()) { appendElement(sb, INDENT6, "role-name", role); if (constraint.getUserConstraint() != null) { sb.append(" <user-data-constraint>\n"); appendElement(sb, INDENT6, "transport-guarantee", constraint.getUserConstraint()); sb.append(" </user-data-constraint>\n");
/**
 * Adds a named web resource collection, for one URL pattern, to the constraint being built.
 *
 * <p>NOTE(review): when HTTP methods are listed, the collection presumably covers only those
 * methods, leaving any other method on the same pattern outside this constraint. Pass no
 * methods, or handle uncovered methods elsewhere, if the intent is to protect the pattern as a
 * whole.
 *
 * @param name name given to the collection
 * @param pattern URL pattern added to the collection
 * @param methods HTTP methods added to the collection; may be empty
 * @return this builder, for chaining
 */
public SecurityConstaintBuilder addCollection(final String name, final String pattern,
        final String... methods) {
    final SecurityCollection resources = new SecurityCollection();
    resources.setName(name);
    resources.addPattern(pattern);

    for (int i = 0; i < methods.length; i++) {
        resources.addMethod(methods[i]);
    }

    securityConstraint.addCollection(resources);
    return this;
}
securityConstraint.findCollections(); for (SecurityCollection collection : collections) { if (collection.findPattern(urlPattern)) { securityConstraint.removeCollection(collection); if (securityConstraint.findCollections().length == 0) { removeConstraint(securityConstraint); SecurityConstraint.createConstraints( servletSecurityElement, urlPattern);
for (HttpMethodConstraintElement methodElement : methods) { SecurityConstraint constraint = createConstraint(methodElement, urlPattern, true); SecurityCollection collection = constraint.findCollections()[0]; collection.addMethod(methodElement.getMethodName()); result.add(constraint); SecurityConstraint constraint = createConstraint(element, urlPattern, false); if (constraint != null) { SecurityCollection collection = constraint.findCollections()[0]; for (String name : element.getMethodNames()) { collection.addOmittedMethod(name);
boolean found = false; for (i = 0; i < constraints.length; i++) { SecurityCollection [] collection = constraints[i].findCollections(); log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); SecurityCollection [] collection = constraints[i].findCollections(); log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); SecurityCollection [] collection = constraints[i].findCollections(); log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method)); SecurityCollection [] collection = constraints[i].findCollections(); log.debug(" Checking constraint '" + constraints[i] + "' against " + method + " " + uri + " --> " + constraints[i].included(uri, method));
/**
 * Adds a role that is allowed to access the resources covered by the constraint being built.
 *
 * @param authRole role name forwarded to {@code SecurityConstraint.addAuthRole}
 * @return this builder, for chaining
 */
public SecurityConstaintBuilder addAuthRole(final String authRole) {
    securityConstraint.addAuthRole(authRole);
    return this;
}
SecurityCollection collections[] = constraint.findCollections(); for (int i = 0; i < collections.length; i++) { String patterns[] = collections[i].findPatterns();
String roles[] = constraints[i].findAuthRoles(); for (int j = 0; j < roles.length; j++) { if (!"*".equals(roles[j]) &&
/**
 * Collects the security constraints that apply to a request by asking the reflective
 * {@code findSecurityConstraintsMethod} for a pattern-to-element map and expanding each entry.
 *
 * <p>NOTE(review): the result of {@code invoke} is cast unchecked and used without a null
 * check; confirm the invoked method always returns a non-null map of the expected type,
 * otherwise constraint lookup fails with an exception instead of returning a decision.
 *
 * @param request the request whose underlying servlet request is passed to the lookup
 * @param context the context whose path is passed to the lookup
 * @return one array holding the constraints created for every map entry, in iteration order
 */
@Override
public SecurityConstraint[] findSecurityConstraints(final Request request, final Context context) {
    final Map<String, ServletSecurityElement> elementsByPattern =
            (Map<String, ServletSecurityElement>) invoke(
                    findSecurityConstraintsMethod, request.getRequest(), context.getPath());

    final List<SecurityConstraint> collected = new ArrayList<SecurityConstraint>();
    for (final Map.Entry<String, ServletSecurityElement> mapping : elementsByPattern.entrySet()) {
        // Key is the URL pattern, value the element describing its constraints.
        final SecurityConstraint[] created =
                SecurityConstraint.createConstraints(mapping.getValue(), mapping.getKey());
        collected.addAll(Arrays.asList(created));
    }

    return collected.toArray(new SecurityConstraint[collected.size()]);
}
/**
 * Adds a constraint to the context that asks for a CONFIDENTIAL transport on every path.
 *
 * <p>Only the transport guarantee is set: no role and no auth-constraint is configured here, so
 * this governs the channel and not who may access the resources.
 *
 * @param context the web application context receiving the constraint
 */
@Override
protected void postProcessContext(Context context) {
    // Cover every request path of the context.
    SecurityCollection everything = new SecurityCollection();
    everything.addPattern("/*");

    SecurityConstraint transportOnly = new SecurityConstraint();
    transportOnly.setUserConstraint("CONFIDENTIAL");
    transportOnly.addCollection(everything);

    // NOTE(review): how a plain-HTTP request is handled (e.g. redirected) depends on connector
    // settings that are not visible in this excerpt.
    context.addConstraint(transportOnly);
}
}; // closes the enclosing declaration, which starts outside this excerpt
SecurityCollection[] collections = constraint.findCollections(); for (SecurityCollection collection : collections) { String[] patterns = collection.findPatterns(); SecurityConstraint constraint = new SecurityConstraint(); constraint.setAuthConstraint(true); constraint.addCollection(collection); newConstraints.add(constraint); } else { handleOmittedMethods(omittedMethods, pattern, denyUncoveredHttpMethods, newConstraints, log); handleOmittedMethods(entry.getValue(), pattern, denyUncoveredHttpMethods, newConstraints, log);
/**
 * Reports the given HTTP methods for a URL pattern and, when requested, adds a constraint that
 * covers them.
 *
 * <p>With {@code denyUncoveredHttpMethods} set, a new collection named
 * {@code deny-uncovered-http-methods} is created for exactly these methods and this pattern, and
 * wrapped in a constraint whose auth-constraint flag is {@code true} with no role added.
 * NOTE(review): an auth-constraint without roles is presumably evaluated as "deny all"; confirm
 * against the realm implementation.
 *
 * <p>Without the flag nothing is added: the methods are only logged at error level, so whatever
 * left them uncovered stays in effect.
 *
 * @param omittedMethods method names to handle; an empty set is a no-op
 * @param pattern URL pattern the methods belong to (passed to {@code addPatternDecoded})
 * @param denyUncoveredHttpMethods whether to add the covering constraint or only log
 * @param newConstraints list that receives the generated constraint
 * @param log destination for the info/error message
 */
private static void handleOmittedMethods(Set<String> omittedMethods, String pattern,
        boolean denyUncoveredHttpMethods, List<SecurityConstraint> newConstraints, Log log) {
    if (omittedMethods.isEmpty()) {
        return;
    }

    // Space-separated method list used in both log messages.
    StringBuilder joined = new StringBuilder();
    for (String name : omittedMethods) {
        joined.append(name).append(' ');
    }
    String methodList = joined.toString().trim();

    if (!denyUncoveredHttpMethods) {
        // Log-only path: no constraint is generated for these methods.
        log.error(sm.getString(
                "securityConstraint.uncoveredHttpOmittedMethod", pattern, methodList));
        return;
    }

    log.info(sm.getString(
            "securityConstraint.uncoveredHttpOmittedMethodFix", pattern, methodList));

    SecurityCollection denied = new SecurityCollection();
    for (String name : omittedMethods) {
        denied.addMethod(name);
    }
    denied.addPatternDecoded(pattern);
    denied.setName("deny-uncovered-http-methods");

    SecurityConstraint covering = new SecurityConstraint();
    covering.setAuthConstraint(true);
    covering.addCollection(denied);
    newConstraints.add(covering);
}
} // closes the enclosing class, which starts outside this excerpt
if (constraint.getAllRoles()) { roles = constraint.findAuthRoles(); log.debug(" Checking roles " + principal); if (constraint.getAuthenticatedUsers() && principal != null) { if (log.isDebugEnabled()) { log.debug("Passing all authenticated users"); } else if (roles.length == 0 && !constraint.getAllRoles() && !constraint.getAuthenticatedUsers()) { if(constraint.getAuthConstraint()) { if( log.isDebugEnabled() ) log.debug("No roles"); String roles[]; if (constraint.getAllRoles()) { if (allRolesMode == AllRolesMode.AUTH_ONLY_MODE) { if (log.isDebugEnabled()) {