Package javax.security.jacc

Examples of javax.security.jacc.WebResourcePermission

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here
55
56
57
58
59
60
61
62
63
64
65
        }
    }

    public boolean isAuthMandatory(Request request, Object constraints) {
        try {
            defaultACC.checkPermission(new WebResourcePermission(request));
            return false;
        } catch (AccessControlException e) {
            return true;
        }
    }
View Full Code Here
69
70
71
72
73
74
75
76
77
78
79
            return false;
        }

        AccessControlContext acc = ((JACCUserIdentity)userIdentity).getAccessControlContext();
        try {
            acc.checkPermission(new WebResourcePermission(request));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }
View Full Code Here
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));
//        uncheckedPermissions.add(new WebResourcePermission("/auth/j_security_check", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/j_security_check", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here
143
144
145
146
147
148
149
150
151
152
153
        AccessControlContext acc = ((GeronimoUserIdentity)userIdentity).getAccessControlContext();
        return checkWebResourcePermission(request, acc);
    }

    private boolean checkWebResourcePermission(Request request, AccessControlContext acc) {
        WebResourcePermission webResourcePermission = new WebResourcePermission(request);
        /**
         * JACC v1.0 section 4.1.2
         */
        //user is not logged in: if access denied, try to log them in.
        try {
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
        //Setup default JSP Factory
        Class.forName("org.apache.jasper.compiler.JspRuntimeContext");
        if (securityHandlerFactory == null) {
            Permissions unchecked = new Permissions();
            unchecked.add(new WebUserDataPermission("/", null));
            unchecked.add(new WebResourcePermission("/", ""));
            ComponentPermissions componentPermissions = new ComponentPermissions(new Permissions(), unchecked, Collections.<String, PermissionCollection>emptyMap());
            applicationPolicyConfigurationManager = setUpJACC(Collections.<String, SubjectInfo>emptyMap(), Collections.<Principal, Set<String>>emptyMap(), componentPermissions, policyContextId);
            LoginService loginService = newLoginService();
//            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
            final Subject subject = new Subject();
View Full Code Here
49
50
51
52
53
54
55
56
57
58
59
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        PermissionCollection unchecked = permissions.getUncheckedPermissions();
        assertTrue(unchecked.implies(new WebResourcePermission("/login.do", "!")));
        assertTrue(unchecked.implies(new WebResourcePermission("/foo", "!")));
        assertFalse(unchecked.implies(new WebResourcePermission("/foo.do", "!")));
        PermissionCollection adminPermissions = permissions.getRolePermissions().get("Admin");
        assertTrue(adminPermissions.implies(new WebResourcePermission("foo.do", "GET,POST")));
    }
View Full Code Here
67
68
69
70
71
72
73
74
75
76
        WebApp webApp = parse("security/web2.xml");
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(new WebResourcePermission("/Test", ""), permissions, null));
        assertFalse(implies(new WebResourcePermission("/Test", "!"), permissions, null));
    }
View Full Code Here
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
        WebApp webApp = parse("security/web3.xml");
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        p = new WebResourcePermission("/Test/Bar/Foo", "GET,POST");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        // check only GET method excluded here.
        p = new WebResourcePermission("/Test/Baz/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        p = new WebResourcePermission("/Test/Baz/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        // test excluding longer path than allowed
        p = new WebResourcePermission("/Foo/Baz", "GET");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
    }
View Full Code Here
TOP

Related Classes of javax.security.jacc.WebResourcePermission

  • com.sun.enterprise.security.web.integration.WebPermissionUtil
  • com.sun.web.security.WebPermissionUtil
  • org.apache.geronimo.axis.builder.AxisModuleBuilderExtension
  • org.apache.geronimo.jaxws.builder.JAXWSEJBModuleBuilderExtension
  • org.apache.geronimo.jaxws.ejb.builder.JAXWSEJBModuleBuilderExtension
  • org.apache.geronimo.jetty.deployment.JettyModuleBuilder
  • org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter
  • org.apache.geronimo.jetty.JettyWebAppJACCContext
  • org.apache.geronimo.jetty.JettyXMLConfiguration
  • org.apache.geronimo.jetty.SecurityTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.