public SecurityConstraintDecorator(SecurityConstraint securityConstraint, WebModule webModule){ this.securityConstraint = securityConstraint; if (securityConstraint.getAuthorizationConstraint() != null){ setAuthConstraint(true); Enumeration enumeration = securityConstraint .getAuthorizationConstraint().getSecurityRoles(); SecurityRole securityRole; while (enumeration.hasMoreElements()){ securityRole = (SecurityRole)enumeration.nextElement(); super.addAuthRole(securityRole.getName()); if ( !securityRole.getName().equals("*")){ webModule.addSecurityRole(securityRole.getName()); } } setDisplayName(securityConstraint.getAuthorizationConstraint().getName()); } if (securityConstraint.getUserDataConstraint() != null){ setUserConstraint(securityConstraint.getUserDataConstraint() .getTransportGuarantee()); } }
public Collection<SecurityConstraint> getSecurityConstraintsForUrlPattern(String urlPattern) { Collection<SecurityConstraint> constraints = new HashSet<SecurityConstraint>(); for (Iterator<SecurityConstraint> i = getSecurityConstraintsSet().iterator(); i.hasNext();) { SecurityConstraint next = i.next(); boolean include = false; for (WebResourceCollection nextCol: next.getWebResourceCollections()) { for (String nextPattern: nextCol.getUrlPatterns()) { if ((urlPattern != null) && urlPattern.equals(nextPattern)) { include = true; break; } } if (include) { break; } } if (include) { constraints.add(next); } } return constraints; }
(SecurityConstraint)scEnum.nextElement(); for (WebResourceCollection wrc: sc.getWebResourceCollections()) { sc.getAuthorizationConstraint(); Enumeration rolesEnum = authCons.getSecurityRoles(); StringBuffer rsb = new StringBuffer(); UserDataConstraint udc =sc.getUserDataConstraint(); if (udc != null) { logger.finest(" Transport guarantee: "+
next.getUserDataConstraint(); String guarantee = (dataConstraint != null) ? dataConstraint.getTransportGuarantee() : null;
securityConstraint.addWebResourceCollection(webResourceColl); for (String urlPattern : urlPatterns) { webResourceColl.addUrlPattern(urlPattern); ac = new AuthorizationConstraintImpl(); securityConstraint.setAuthorizationConstraint(ac); UserDataConstraint.CONFIDENTIAL_TRANSPORT : UserDataConstraint.NONE_TRANSPORT)); securityConstraint.setUserDataConstraint(udc);
AuthorizationConstraint ac = sc.getAuthorizationConstraint(); UserDataConstraint udc = sc.getUserDataConstraint(); for (WebResourceCollection wrc: sc.getWebResourceCollections()) {
next.getUserDataConstraint(); String guarantee = (dataConstraint != null) ? dataConstraint.getTransportGuarantee() : null;
webResourceColl.addUrlPattern(urlPattern); securityConstraint.addWebResourceCollection(webResourceColl); ac = new AuthorizationConstraintImpl(); securityConstraint.setAuthorizationConstraint(ac); UserDataConstraint.CONFIDENTIAL_TRANSPORT : UserDataConstraint.NONE_TRANSPORT)); securityConstraint.setUserDataConstraint(udc);
AuthorizationConstraint ac = sc.getAuthorizationConstraint(); UserDataConstraint udc = sc.getUserDataConstraint(); for (WebResourceCollection wrc: sc.getWebResourceCollections()) {
next.getUserDataConstraint(); String guarantee = (dataConstraint != null) ? dataConstraint.getTransportGuarantee() : null;
protected void combineSecurityConstraints(Set<SecurityConstraint> firstScSet, Set<SecurityConstraint> secondScSet) { Set<String> allUrlPatterns = new HashSet<String>(); for (SecurityConstraint sc : firstScSet) { for (WebResourceCollection wrc : sc.getWebResourceCollections()) { allUrlPatterns.addAll(wrc.getUrlPatterns()); } } for (SecurityConstraint sc : secondScSet) { SecurityConstraint newSc = new SecurityConstraintImpl((SecurityConstraintImpl)sc); boolean addSc = false; Iterator<WebResourceCollection> iter = newSc.getWebResourceCollections().iterator(); while (iter.hasNext()) { WebResourceCollection wrc = iter.next(); Set<String> urlPatterns = wrc.getUrlPatterns(); urlPatterns.removeAll(allUrlPatterns); boolean isEmpty = (urlPatterns.size() == 0); addSc = (addSc || (!isEmpty)); if (isEmpty) { iter.remove(); } } if (addSc) { firstScSet.add(newSc); } } }
/** * Given a WebComponentDescriptor, find the set of urlPattern which does not have * any existing url pattern in SecurityConstraint * @param webCompDesc * @return a list of url String */ public static Set<String> getUrlPatternsWithoutSecurityConstraint(WebComponentDescriptor webCompDesc) { Set<String> urlPatternsWithoutSC = new HashSet<String>(webCompDesc.getUrlPatternsSet()); WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor(); Set<String> urlPatterns = webCompDesc.getUrlPatternsSet(); Enumeration<SecurityConstraint> eSecConstr = webBundleDesc.getSecurityConstraints(); while (eSecConstr.hasMoreElements()) { SecurityConstraint sc = eSecConstr.nextElement(); for (WebResourceCollection wrc : sc.getWebResourceCollections()) { urlPatternsWithoutSC.removeAll(wrc.getUrlPatterns()); } } return urlPatternsWithoutSC; }
/** * Configure security constraint element for a web application, * as represented by a <code><security-constraint></code> element in * the deployment descriptor. * * Configure a web resource collection for a web application's security * constraint, as represented by a * <code><web-resource-collection></code> * element in the deployment descriptor. * */ protected static void configureSecurityConstraint( WebModule webModule, WebBundleDescriptor wmd) { Enumeration<com.sun.enterprise.deployment.web.SecurityConstraint> enumeration = wmd.getSecurityConstraints(); com.sun.enterprise.deployment.web.SecurityConstraint securityConstraint; SecurityConstraintDecorator decorator; SecurityCollectionDecorator secCollDecorator; while (enumeration.hasMoreElements()){ securityConstraint = enumeration.nextElement(); decorator = new SecurityConstraintDecorator(securityConstraint, webModule); for (WebResourceCollection wrc: securityConstraint.getWebResourceCollections()) { secCollDecorator = new SecurityCollectionDecorator(wrc); decorator.addCollection(secCollDecorator); } webModule.addConstraint(decorator); } }
void processServletSecurityElement(ServletSecurityElement servletSecurityElement, WebBundleDescriptor wbd, WebComponentDescriptor wcd) { Set<String> urlPatterns = ServletSecurityHandler.getUrlPatternsWithoutSecurityConstraint(wcd); if (urlPatterns.size() > 0) { SecurityConstraint securityConstraint = ServletSecurityHandler.createSecurityConstraint(wbd, urlPatterns, servletSecurityElement.getRolesAllowed(), servletSecurityElement.getEmptyRoleSemantic(), servletSecurityElement.getTransportGuarantee(), null); //we know there is one WebResourceCollection there WebResourceCollection webResColl = securityConstraint.getWebResourceCollections().iterator().next(); for (HttpMethodConstraintElement httpMethodConstraintElement : servletSecurityElement.getHttpMethodConstraints()) { String httpMethod = httpMethodConstraintElement.getMethodName(); ServletSecurityHandler.createSecurityConstraint(wbd, urlPatterns, httpMethodConstraintElement.getRolesAllowed(), httpMethodConstraintElement.getEmptyRoleSemantic(), httpMethodConstraintElement.getTransportGuarantee(), httpMethod); //exclude this from the top level constraint webResColl.addHttpMethodOmission(httpMethod); } } }
securityConstraint.getWebResourceCollections().iterator().next(); HttpMethodConstraint[] httpMethodConstraints = servletSecurityAn.httpMethodConstraints(); for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {