Examples of com.sun.enterprise.security.web.integration.WebSecurityManager

Package com.sun.enterprise.security.web.integration

Examples of com.sun.enterprise.security.web.integration.WebSecurityManager

com.sun.enterprise.security.web.integration.WebSecurityManager
The class implements the JSR 115 - JavaTM Authorization Contract for Containers. This class is a companion class of EJBSecurityManager. All the security decisions required to allow access to a resource are defined in that class. @author Jean-Francois Arcand @author Harpreet Singh. @todo introduce a new class called AbstractSecurityManager. Move functionalityfrom this class and EJBSecurityManager class and extend this class from AbstractSecurityManager

    //public boolean hasRole(Principal principal, String role) {
    public boolean hasRole(HttpRequest request,
            HttpResponse response,
            Principal principal,
            String role) {
        WebSecurityManager secMgr = getWebSecurityManager(true);
        if (secMgr == null) {
            return false;
        }


        //add HttpResponse and HttpResponse to the parameters, and remove
        //instance variable currentRequest from this class. References to
        //this.currentRequest are also removed from other methods.
        //String servletName = getResourceName( currentRequest.getRequestURI(),
        //                                      currentRequest.getContextPath());
        String servletName = getCanonicalName(request);


        // END S1AS8PE 4966609
        boolean isGranted = secMgr.hasRoleRefPermission(servletName, role, principal);


        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("Checking if servlet " + servletName + " with principal " + principal + " has role " + role + " isGranted: " + isGranted);
        }

View Full Code Here

        return isGranted;


    }


    public boolean hasRole(String servletName, Principal principal, String role) {
        WebSecurityManager secMgr = getWebSecurityManager(true);
  if (secMgr == null) {
      return false;
  }
        return secMgr.hasRoleRefPermission(servletName, role, principal);
    }

View Full Code Here

        }


        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("[Web-Security] [ hasResourcePermission ] Principal: " + hrequest.getUserPrincipal() + " ContextPath: " + hrequest.getContextPath());
        }
        WebSecurityManager secMgr = getWebSecurityManager(true);


        if (secMgr == null) {
            return false;
        }
        return secMgr.hasResourcePermission(hrequest);
    }

View Full Code Here

                _logger.fine("[Web-Security] request.getRequest().isSecure(): " + request.getRequest().isSecure());
            }
            return true;
        }


        WebSecurityManager secMgr = getWebSecurityManager(true);
        if (secMgr == null) {
            return false;
        }


        int isGranted = 0;
        try {
      isGranted = secMgr.hasUserDataPermission(hrequest,uri,method);
        } catch (IllegalArgumentException e) {
            //end the request after getting IllegalArgumentException while checking
            //user data permission
            String msgWithId = rb.getString("realmAdapter.badRequestWithId");
            _logger.log(Level.WARNING, msgWithId, e);

View Full Code Here

    public SecurityConstraint[] findSecurityConstraints(HttpRequest request,
            Context context) {
       if (this.helper == null) {
            initConfigHelper(context.getServletContext());
        }
        WebSecurityManager secMgr = getWebSecurityManager(false);


        if (secMgr != null && secMgr.hasNoConstrainedResources() &&
       !isSecurityExtensionEnabled(context.getServletContext())) {
            return null;
        }
        SecurityConstraint[] constraints = RealmAdapter.emptyConstraints;
        return constraints;

View Full Code Here

    public SecurityConstraint[] findSecurityConstraints(String requestPathMB,
            String httpMethod, Context context) {
        if (this.helper == null) {
            initConfigHelper(context.getServletContext());
        }
        WebSecurityManager secMgr = getWebSecurityManager(false);


        if (secMgr != null && secMgr.hasNoConstrainedResources() &&
       !isSecurityExtensionEnabled(context.getServletContext())) {
            return null;
        }


        SecurityConstraint[] constraints = RealmAdapter.emptyConstraints;

View Full Code Here

                disableProxyCaching(request, response, disableProxyCaching,
                        securePagesWithPragma);
                if (ssoEnabled) {
                    HttpServletRequest hreq =
                            (HttpServletRequest) request.getRequest();
                    WebSecurityManager webSecMgr = getWebSecurityManager(true);
                    if (!webSecMgr.permitAll(hreq)) {
                        //create a session for protected sso association
                        hreq.getSession(true);
                    }
                }
            }

View Full Code Here

        MessageInfo messageInfo = new HttpMessageInfo(req, res);


        boolean rvalue = false;
        boolean isMandatory = true;
        try {
            WebSecurityManager webSecMgr = getWebSecurityManager(true);
            isMandatory = !webSecMgr.permitAll(req);
            //Issue  - 9578 - produce user challenge if call originates from HttpRequest.authenticate
            if (isMandatory || calledFromAuthenticate) {
                messageInfo.getMap().put(HttpServletConstants.IS_MANDATORY,
                        Boolean.TRUE.toString());
            }

View Full Code Here

    //public boolean hasRole(Principal principal, String role) {
    public boolean hasRole(HttpRequest request,
            HttpResponse response,
            Principal principal,
            String role) {
        WebSecurityManager secMgr = getWebSecurityManager(true);
        if (secMgr == null) {
            return false;
        }


        //add HttpResponse and HttpResponse to the parameters, and remove
        //instance variable currentRequest from this class. References to
        //this.currentRequest are also removed from other methods.
        //String servletName = getResourceName( currentRequest.getRequestURI(),
        //                                      currentRequest.getContextPath());
        String servletName = getCanonicalName(request);


        // END S1AS8PE 4966609
        boolean isGranted = secMgr.hasRoleRefPermission(servletName, role, principal);


        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("Checking if servlet " + servletName + " with principal " + principal + " has role " + role + " isGranted: " + isGranted);
        }

View Full Code Here

        return isGranted;


    }


    public boolean hasRole(String servletName, Principal principal, String role) {
        WebSecurityManager secMgr = getWebSecurityManager(true);
  if (secMgr == null) {
      return false;
  }
        return secMgr.hasRoleRefPermission(servletName, role, principal);
    }

View Full Code Here

0 1 2 3 4 5 6 7 8

TOP

Related Classes of com.sun.enterprise.security.web.integration.WebSecurityManager

com.sun.enterprise.deployment.runtime.web.SunWebApp

com.sun.enterprise.deployment.web.LoginConfiguration

com.sun.enterprise.security.audit.AuditManager

com.sun.enterprise.security.CachedPermissionImpl

com.sun.enterprise.security.ee.audit.AppServerAuditManager

com.sun.enterprise.security.ee.CachedPermissionImpl

com.sun.enterprise.security.ee.SecurityDeployer

com.sun.enterprise.security.SecurityContext

com.sun.enterprise.security.SecurityDeployer

com.sun.web.security.RealmAdapter

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.