methods.add(method.getMethod());
if (method.getRolesAllowed().isEmpty() && method.getEmptyRoleSemantic() == EmptyRoleSemantic.PERMIT) {
//this is an implict allow
continue;
}
SecurityConstraint newConstraint = new SecurityConstraint()
.addRolesAllowed(method.getRolesAllowed())
.setTransportGuaranteeType(method.getTransportGuaranteeType())
.addWebResourceCollection(new WebResourceCollection().addUrlPatterns(mappings)
.addHttpMethod(method.getMethod()));
builder.addSecurityConstraint(newConstraint);
}
//now add the constraint, unless it has all default values and method constrains where specified
if (!securityInfo.getRolesAllowed().isEmpty()
|| securityInfo.getEmptyRoleSemantic() != EmptyRoleSemantic.PERMIT
|| methods.isEmpty()) {
SecurityConstraint newConstraint = new SecurityConstraint()
.setEmptyRoleSemantic(securityInfo.getEmptyRoleSemantic())
.addRolesAllowed(securityInfo.getRolesAllowed())
.setTransportGuaranteeType(securityInfo.getTransportGuaranteeType())
.addWebResourceCollection(new WebResourceCollection().addUrlPatterns(mappings)
.addHttpMethodOmissions(methods));