collection.addMethod(methodElement.getMethodName()); result.add(constraint);
public SecurityConstaintBuilder addCollection(final String name, final String pattern, final String... methods) { final SecurityCollection collection = new SecurityCollection(); collection.setName(name); collection.addPattern(pattern); for (final String httpMethod : methods) { collection.addMethod(httpMethod); } securityConstraint.addCollection(collection); return this; }
public SecurityConstaintBuilder addCollection(final String name, final String pattern, final String... methods) { final SecurityCollection collection = new SecurityCollection(); collection.setName(name); collection.addPattern(pattern); for (final String httpMethod : methods) { collection.addMethod(httpMethod); } securityConstraint.addCollection(collection); return this; }
private static void handleOmittedMethods(Set<String> omittedMethods, String pattern, boolean denyUncoveredHttpMethods, List<SecurityConstraint> newConstraints, Log log) { if (omittedMethods.size() > 0) { StringBuilder msg = new StringBuilder(); for (String method : omittedMethods) { msg.append(method); msg.append(' '); } if (denyUncoveredHttpMethods) { log.info(sm.getString( "securityConstraint.uncoveredHttpOmittedMethodFix", pattern, msg.toString().trim())); SecurityCollection collection = new SecurityCollection(); for (String method : omittedMethods) { collection.addMethod(method); } collection.addPatternDecoded(pattern); collection.setName("deny-uncovered-http-methods"); SecurityConstraint constraint = new SecurityConstraint(); constraint.setAuthConstraint(true); constraint.addCollection(collection); newConstraints.add(constraint); } else { log.error(sm.getString( "securityConstraint.uncoveredHttpOmittedMethod", pattern, msg.toString().trim())); } } } }
private static void handleOmittedMethods(Set<String> omittedMethods, String pattern, boolean denyUncoveredHttpMethods, List<SecurityConstraint> newConstraints, Log log) { if (omittedMethods.size() > 0) { StringBuilder msg = new StringBuilder(); for (String method : omittedMethods) { msg.append(method); msg.append(' '); } if (denyUncoveredHttpMethods) { log.info(sm.getString( "securityConstraint.uncoveredHttpOmittedMethodFix", pattern, msg.toString().trim())); SecurityCollection collection = new SecurityCollection(); for (String method : omittedMethods) { collection.addMethod(method); } collection.addPatternDecoded(pattern); collection.setName("deny-uncovered-http-methods"); SecurityConstraint constraint = new SecurityConstraint(); constraint.setAuthConstraint(true); constraint.addCollection(collection); newConstraints.add(constraint); } else { log.error(sm.getString( "securityConstraint.uncoveredHttpOmittedMethod", pattern, msg.toString().trim())); } } } }
collection.addMethod(methodElement.getMethodName()); result.add(constraint);
collection.addMethod(methodElement.getMethodName()); result.add(constraint);
tomcatSecCollection.addMethod(method);
@Override public SecurityConstraint[] findSecurityConstraints(final Request request, final Context context) { final SecurityConstraint[] sc = super.findSecurityConstraints(request, context); if (beanManager() == null) { return sc; } final FindSecurityConstraintsEvent event = new FindSecurityConstraintsEvent(request.getRequest(), context.getPath()); beanManager().fireEvent(event); if (!event.getRoles().isEmpty()) { final SecurityConstraint s = new SecurityConstraint(); final SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); // only for the current request collection.addMethod(request.getMethod()); s.addCollection(collection); if (event.getUserConstraint() != null) { s.setUserConstraint(event.getUserConstraint()); } for(final String r: event.getRoles()) { s.addAuthRole(r); } return new SecurityConstraint[] { s }; } return sc; }