javax.servlet.HttpMethodConstraintElement Java Examples

The following examples show how to use javax.servlet.HttpMethodConstraintElement. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestStandardContext.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up 
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
        throws ServletException {
    // Register and map servlet
    Servlet s = new TesterServlet();
    ServletRegistration.Dynamic sr = ctx.addServlet("test", s);
    sr.addMapping("/test");

    // Add a constraint with uncovered methods
    HttpConstraintElement hce = new HttpConstraintElement(
            TransportGuarantee.NONE, "tomcat");
    HttpMethodConstraintElement hmce =
            new HttpMethodConstraintElement("POST", hce);
    Set<HttpMethodConstraintElement> hmces = new HashSet<>();
    hmces.add(hmce);
    ServletSecurityElement sse = new ServletSecurityElement(hmces);
    sr.setServletSecurity(sse);
}
Example #2
Source File: ServletRegistrationImpl.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up 
@Override
public Set<String> setServletSecurity(final ServletSecurityElement constraint) {
    if (constraint == null) {
        throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint");
    }
    DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();

    //this is not super efficient, but it does not really matter
    final Set<String> urlPatterns = new HashSet<>();
    for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) {
        for (WebResourceCollection webResources : sc.getWebResourceCollections()) {
            urlPatterns.addAll(webResources.getUrlPatterns());
        }
    }
    final Set<String> ret = new HashSet<>();
    for (String url : servletInfo.getMappings()) {
        if (urlPatterns.contains(url)) {
            ret.add(url);
        }
    }
    ServletSecurityInfo info = new ServletSecurityInfo();
    servletInfo.setServletSecurityInfo(info);
    info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
            .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic()))
            .addRolesAllowed(constraint.getRolesAllowed());

    for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) {
        info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .setMethod(methodConstraint.getMethodName())
                .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic()))
                .addRolesAllowed(methodConstraint.getRolesAllowed()));
    }
    return ret;
}
Example #3
Source File: ServletRegistrationImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up 
@Override
public Set<String> setServletSecurity(final ServletSecurityElement constraint) {
    if (constraint == null) {
        throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint");
    }
    DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();

    //this is not super efficient, but it does not really matter
    final Set<String> urlPatterns = new HashSet<>();
    for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) {
        for (WebResourceCollection webResources : sc.getWebResourceCollections()) {
            urlPatterns.addAll(webResources.getUrlPatterns());
        }
    }
    final Set<String> ret = new HashSet<>();
    for (String url : servletInfo.getMappings()) {
        if (urlPatterns.contains(url)) {
            ret.add(url);
        }
    }
    ServletSecurityInfo info = new ServletSecurityInfo();
    servletInfo.setServletSecurityInfo(info);
    info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
            .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic()))
            .addRolesAllowed(constraint.getRolesAllowed());

    for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) {
        info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .setMethod(methodConstraint.getMethodName())
                .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic()))
                .addRolesAllowed(methodConstraint.getRolesAllowed()));
    }
    return ret;
}