javax.servlet.annotation.ServletSecurity.TransportGuarantee Java Examples
The following examples show how to use
javax.servlet.annotation.ServletSecurity.TransportGuarantee.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: TestStandardContext.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
throws ServletException {
// Register and map servlet
Servlet s = new TesterServlet();
ServletRegistration.Dynamic sr = ctx.addServlet("test", s);
sr.addMapping("/test");
// Add a constraint with uncovered methods
HttpConstraintElement hce = new HttpConstraintElement(
TransportGuarantee.NONE, "tomcat");
HttpMethodConstraintElement hmce =
new HttpMethodConstraintElement("POST", hce);
Set<HttpMethodConstraintElement> hmces = new HashSet<>();
hmces.add(hmce);
ServletSecurityElement sse = new ServletSecurityElement(hmces);
sr.setServletSecurity(sse);
}
Example #2
| Source File: HttpConstraintElement.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* Convenience constructor to specify transport guarantee and/or roles.
*/
public HttpConstraintElement(TransportGuarantee transportGuarantee,
String... rolesAllowed) {
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #3
| Source File: TestStandardContext.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
throws ServletException {
// Register and map servlet
Servlet s = new Bug50015Servlet();
ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
sr.addMapping("/bug50015");
// Limit access to users in the Tomcat role
HttpConstraintElement hce = new HttpConstraintElement(
TransportGuarantee.NONE, "tomcat");
ServletSecurityElement sse = new ServletSecurityElement(hce);
sr.setServletSecurity(sse);
}
Example #4
| Source File: HttpConstraintElement.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
*
* @param emptyRoleSemantic
* @param transportGuarantee
* @param rolesAllowed
* @throws IllegalArgumentException if roles are specified when DENY is used
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic,
TransportGuarantee transportGuarantee, String... rolesAllowed) {
if (rolesAllowed != null && rolesAllowed.length > 0 &&
EmptyRoleSemantic.DENY.equals(emptyRoleSemantic)) {
throw new IllegalArgumentException(lStrings.getString(
"httpConstraintElement.invalidRolesDeny"));
}
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #5
| Source File: HttpConstraintElement.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Convenience constructor to specify transport guarantee and/or roles.
*/
public HttpConstraintElement(TransportGuarantee transportGuarantee,
String... rolesAllowed) {
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #6
| Source File: HttpConstraintElement.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Default constraint is permit with no transport guarantee.
*/
public HttpConstraintElement() {
// Default constructor
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #7
| Source File: TestStandardContext.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
throws ServletException {
// Register and map servlet
Servlet s = new Bug50015Servlet();
ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
sr.addMapping("/bug50015");
// Limit access to users in the Tomcat role
HttpConstraintElement hce = new HttpConstraintElement(
TransportGuarantee.NONE, "tomcat");
ServletSecurityElement sse = new ServletSecurityElement(hce);
sr.setServletSecurity(sse);
}
Example #8
| Source File: HttpConstraintElement.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
*
* @param emptyRoleSemantic
* @param transportGuarantee
* @param rolesAllowed
* @throws IllegalArgumentException if roles are specified when DENY is used
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic,
TransportGuarantee transportGuarantee, String... rolesAllowed) {
if (rolesAllowed != null && rolesAllowed.length > 0 &&
EmptyRoleSemantic.DENY.equals(emptyRoleSemantic)) {
throw new IllegalArgumentException(lStrings.getString(
"httpConstraintElement.invalidRolesDeny"));
}
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #9
| Source File: HttpConstraintElement.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* Default constraint is permit with no transport guarantee.
*/
public HttpConstraintElement() {
// Default constructor
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #10
| Source File: HttpConstraintElement.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
/**
* Default constraint is permit with no transport guarantee.
*/
public HttpConstraintElement() {
// Default constructor
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #11
| Source File: TestStandardContext.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
throws ServletException {
// Register and map servlet
Servlet s = new TesterServlet();
ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
sr.addMapping("/bug50015");
// Limit access to users in the Tomcat role
HttpConstraintElement hce = new HttpConstraintElement(
TransportGuarantee.NONE, "tomcat");
ServletSecurityElement sse = new ServletSecurityElement(hce);
sr.setServletSecurity(sse);
}
Example #12
| Source File: HttpConstraintElement.java From tomcatsrc with Apache License 2.0 | 4 votes |
|
public TransportGuarantee getTransportGuarantee() {
return transportGuarantee;
}
Example #13
| Source File: HttpConstraintElement.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
|
/**
* Convenience constructor for {@link EmptyRoleSemantic#DENY}.
*
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic) {
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #14
| Source File: RealmBase.java From Tomcat8-Source-Read with MIT License | 4 votes |
|
/**
* Enforce any user data constraint required by the security constraint
* guarding this request URI. Return <code>true</code> if this constraint
* was not violated and processing should continue, or <code>false</code>
* if we have created a response already.
*
* @param request Request we are processing
* @param response Response we are creating
* @param constraints Security constraint being checked
*
* @exception IOException if an input/output error occurs
*/
@Override
public boolean hasUserDataPermission(Request request,
Response response,
SecurityConstraint []constraints)
throws IOException {
// Is there a relevant user data constraint?
if (constraints == null || constraints.length == 0) {
if (log.isDebugEnabled())
log.debug(" No applicable security constraint defined");
return true;
}
for(int i=0; i < constraints.length; i++) {
SecurityConstraint constraint = constraints[i];
String userConstraint = constraint.getUserConstraint();
if (userConstraint == null) {
if (log.isDebugEnabled())
log.debug(" No applicable user data constraint defined");
return true;
}
if (userConstraint.equals(TransportGuarantee.NONE.name())) {
if (log.isDebugEnabled())
log.debug(" User data constraint has no restrictions");
return true;
}
}
// Validate the request against the user data constraint
if (request.getRequest().isSecure()) {
if (log.isDebugEnabled())
log.debug(" User data constraint already satisfied");
return true;
}
// Initialize variables we need to determine the appropriate action
int redirectPort = request.getConnector().getRedirectPort();
// Is redirecting disabled?
if (redirectPort <= 0) {
if (log.isDebugEnabled())
log.debug(" SSL redirect is disabled");
response.sendError
(HttpServletResponse.SC_FORBIDDEN,
request.getRequestURI());
return false;
}
// Redirect to the corresponding SSL port
StringBuilder file = new StringBuilder();
String protocol = "https";
String host = request.getServerName();
// Protocol
file.append(protocol).append("://").append(host);
// Host with port
if(redirectPort != 443) {
file.append(":").append(redirectPort);
}
// URI
file.append(request.getRequestURI());
String requestedSessionId = request.getRequestedSessionId();
if ((requestedSessionId != null) &&
request.isRequestedSessionIdFromURL()) {
file.append(";");
file.append(SessionConfig.getSessionUriParamName(
request.getContext()));
file.append("=");
file.append(requestedSessionId);
}
String queryString = request.getQueryString();
if (queryString != null) {
file.append('?');
file.append(queryString);
}
if (log.isDebugEnabled())
log.debug(" Redirecting to " + file.toString());
response.sendRedirect(file.toString(), transportGuaranteeRedirectStatus);
return false;
}
Example #15
| Source File: HttpConstraintElement.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
|
public TransportGuarantee getTransportGuarantee() {
return transportGuarantee;
}
Example #16
| Source File: HttpConstraintElement.java From tomcatsrc with Apache License 2.0 | 4 votes |
|
/**
* Convenience constructor for {@link EmptyRoleSemantic#DENY}.
*
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic) {
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #17
| Source File: HttpConstraintElement.java From Tomcat8-Source-Read with MIT License | 3 votes |
|
/**
* Construct a constraint with a transport guarantee and roles.
*
* @param transportGuarantee The transport guarantee to apply to the newly
* created constraint
* @param rolesAllowed The roles to associate with the newly created
* constraint
*/
public HttpConstraintElement(TransportGuarantee transportGuarantee,
String... rolesAllowed) {
this.emptyRoleSemantic = EmptyRoleSemantic.PERMIT;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #18
| Source File: HttpConstraintElement.java From Tomcat8-Source-Read with MIT License | 3 votes |
|
/**
* Construct a constraint with an empty role semantic, a transport guarantee
* and roles.
*
* @param emptyRoleSemantic The empty role semantic to apply to the newly
* created constraint
* @param transportGuarantee The transport guarantee to apply to the newly
* created constraint
* @param rolesAllowed The roles to associate with the newly created
* constraint
* @throws IllegalArgumentException if roles are specified when DENY is used
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic,
TransportGuarantee transportGuarantee, String... rolesAllowed) {
if (rolesAllowed != null && rolesAllowed.length > 0 &&
EmptyRoleSemantic.DENY.equals(emptyRoleSemantic)) {
throw new IllegalArgumentException(lStrings.getString(
"httpConstraintElement.invalidRolesDeny"));
}
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
Example #19
| Source File: HttpConstraintElement.java From lams with GNU General Public License v2.0 | 3 votes |
|
/**
* Constructor to establish all of getEmptyRoleSemantic,
* getRolesAllowed, and getTransportGuarantee.
*
* @param semantic <tt>EmptyRoleSemantic.DENY</tt> or
* <tt>EmptyRoleSemantic.PERMIT</tt>
* @param guarantee <tt>TransportGuarantee.NONE</tt> or
* <tt>TransportGuarantee.CONFIDENTIAL</tt>
* @param roleNames the names of the roles that are to be allowed
* access, or missing if the semantic is <tt>EmptyRoleSemantic.DENY</tt>
*/
public HttpConstraintElement(EmptyRoleSemantic semantic,
TransportGuarantee guarantee, String... roleNames) {
if (semantic == EmptyRoleSemantic.DENY && roleNames.length > 0) {
throw new IllegalArgumentException(
"Deny semantic with rolesAllowed");
}
this.emptyRoleSemantic = semantic;
this.transportGuarantee = guarantee;
this.rolesAllowed = copyStrings(roleNames);
}
Example #20
| Source File: HttpConstraintElement.java From lams with GNU General Public License v2.0 | 2 votes |
|
/**
* Convenience constructor to establish <tt>EmptyRoleSemantic.DENY</tt>
*
* @param semantic should be EmptyRoleSemantic.DENY
*/
public HttpConstraintElement(EmptyRoleSemantic semantic) {
this(semantic, TransportGuarantee.NONE, new String[0]);
}
Example #21
| Source File: HttpConstraintElement.java From Tomcat8-Source-Read with MIT License | 2 votes |
|
/**
* Construct a constraint with an empty role semantic. Typically used with
* {@link EmptyRoleSemantic#DENY}.
*
* @param emptyRoleSemantic The empty role semantic to apply to the newly
* created constraint
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic) {
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = TransportGuarantee.NONE;
this.rolesAllowed = new String[0];
}
Example #22
| Source File: HttpConstraintElement.java From lams with GNU General Public License v2.0 | 2 votes |
|
/**
* Gets the data protection requirement (i.e., whether or not SSL/TLS is
* required) that must be satisfied by the transport connection.
*
* @return the {@link TransportGuarantee} indicating the data
* protection that must be provided by the connection
*/
public TransportGuarantee getTransportGuarantee() {
return this.transportGuarantee;
}
Example #23
| Source File: HttpConstraintElement.java From lams with GNU General Public License v2.0 | 2 votes |
|
/**
* Constructor to establish non-empty getRolesAllowed and/or
* <tt>TransportGuarantee.CONFIDENTIAL</tt>.
*
* @param guarantee <tt>TransportGuarantee.NONE</tt> or
* <tt>TransportGuarantee.CONFIDENTIAL</tt>
* @param roleNames the names of the roles that are to be
* allowed access
*/
public HttpConstraintElement(TransportGuarantee guarantee,
String... roleNames) {
this(EmptyRoleSemantic.PERMIT, guarantee, roleNames);
}
Example #24
| Source File: HttpConstraintElement.java From piranha with BSD 3-Clause "New" or "Revised" License | 2 votes |
|
/**
* Constructor.
*
* @param transportGuarantee the TransportGuarantee.
* @param rolesAllowed the roles allowed.
*/
public HttpConstraintElement(TransportGuarantee transportGuarantee, String... rolesAllowed) {
this(EmptyRoleSemantic.PERMIT, transportGuarantee, rolesAllowed);
}
Example #25
| Source File: HttpConstraintElement.java From Tomcat8-Source-Read with MIT License | 2 votes |
|
/**
* TODO
* @return TODO
*/
public TransportGuarantee getTransportGuarantee() {
return transportGuarantee;
}
Example #26
| Source File: HttpConstraintElement.java From piranha with BSD 3-Clause "New" or "Revised" License | 2 votes |
|
/**
* Constructor.
*
* @param emptyRoleSemantic the EmptyRoleSemantic.
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic) {
this(emptyRoleSemantic, TransportGuarantee.NONE, new String[0]);
}
Example #27
| Source File: HttpConstraintElement.java From piranha with BSD 3-Clause "New" or "Revised" License | 2 votes |
|
/**
* Get the transport guarantee.
*
* @return the transport guarantee.
*/
public TransportGuarantee getTransportGuarantee() {
return transportGuarantee;
}
Example #28
| Source File: HttpConstraintElement.java From piranha with BSD 3-Clause "New" or "Revised" License | 2 votes |
|
/**
* Constructor.
*
* @param emptyRoleSemantic the EmptyRoleSemantic.
* @param transportGuarantee the TransportGuarantee.
* @param rolesAllowed the roles allowed.
*/
public HttpConstraintElement(EmptyRoleSemantic emptyRoleSemantic, TransportGuarantee transportGuarantee, String... rolesAllowed) {
this.emptyRoleSemantic = emptyRoleSemantic;
this.transportGuarantee = transportGuarantee;
this.rolesAllowed = rolesAllowed;
}
