Package javax.security.jacc

Examples of javax.security.jacc.WebResourcePermission


  
   
  
   private void checkUncheckedPermissions(Permissions p)
   {
      assertTrue(p.implies(new WebResourcePermission("/sslprotected.jsp", "!GET,POST")));
      assertTrue(p.implies(new WebResourcePermission("/:/secured.jsp:/unchecked.jsp:/excluded.jsp:/sslprotected.jsp",
            (String) null)));
      assertTrue(p.implies(new WebResourcePermission("/excluded.jsp", "!GET,POST")));
      assertTrue(p.implies(new WebResourcePermission("/secured.jsp", "!GET,POST")));
      assertTrue(p.implies(new WebResourcePermission("/unchecked.jsp", (String) null)));
     
      assertTrue(p.implies(new WebUserDataPermission("/sslprotected.jsp", "GET,POST:CONFIDENTIAL")));
      assertTrue(p.implies(new WebUserDataPermission("/excluded.jsp", "!GET,POST")));
      assertTrue(p.implies(new WebUserDataPermission("/sslprotected.jsp", "!GET,POST")));
      assertTrue(p.implies(new WebUserDataPermission("/secured.jsp", (String) null)));
View Full Code Here


      assertTrue(p.implies(new WebUserDataPermission("/unchecked.jsp", (String) null)));
   }
  
   private void checkExcludedPermissions(Permissions p)
   {
      assertTrue(p.implies(new WebResourcePermission("/excluded.jsp", "GET,POST")));
      assertTrue(p.implies(new WebUserDataPermission("/excluded.jsp", "GET,POST")));
   }
View Full Code Here

      assertTrue(p.implies(new WebRoleRefPermission("", "Manager")));
   }
  
   private void checkAddToRoleForAdministrator(Permissions p)
   {
      assertTrue(p.implies(new WebResourcePermission("/secured.jsp", "GET,POST")));
      assertTrue(p.implies(new WebResourcePermission("/sslprotected.jsp", "GET,POST")));
     
      assertTrue(p.implies(new WebRoleRefPermission("secured", "ADM")));
      assertTrue(p.implies(new WebRoleRefPermission("secured", "Administrator")));
      assertTrue(p.implies(new WebRoleRefPermission("sslprotected", "ADM")));
      assertTrue(p.implies(new WebRoleRefPermission("sslprotected", "Administrator")));
View Full Code Here

     
         try
         {
            Permissions perms = this.getPermissionsForRole("*");
            if(perms != null)
               implied = perms.implies(new WebResourcePermission("/*",(String)null));
         }
         catch (PolicyContextException e)
         {
            throw new RuntimeException(e);
        
View Full Code Here

         // Create the excluded permissions
         String[] httpMethods = info.getExcludedMethods();
         if( httpMethods != null )
         {
            // There were excluded security-constraints
            WebResourcePermission wrp = new WebResourcePermission(qurl, httpMethods);
            WebUserDataPermission wudp = new WebUserDataPermission(qurl,
               httpMethods, null);
            pc.addToExcludedPolicy(wrp);
            pc.addToExcludedPolicy(wudp);
           
            //!(excluded methods)  [JACC 1.1]
            String excludedString = "!" + getCommaSeparatedString(httpMethods);
            WebResourcePermission wrp1 = new WebResourcePermission(info.pattern, excludedString);
            WebUserDataPermission wudp1 = new WebUserDataPermission(info.pattern,excludedString);
            pc.addToUncheckedPolicy(wrp1);
            pc.addToUncheckedPolicy(wudp1);
         }

         // Create the role permissions
         Iterator<Map.Entry<String, Set<String>>> roles = info.getRoleMethods();
         while( roles.hasNext() )
         {
            Map.Entry<String, Set<String>> roleMethods = roles.next();
            String role = (String) roleMethods.getKey();
            WebResourcePermission wrp;
            if("*".equals(role))
            {
               //JBAS-1824: <role-name>*</role-name>   
               wrp = new WebResourcePermission(qurl, (String)null);
            }
            else
            {
               Set<String> methods = roleMethods.getValue();
               httpMethods = new String[methods.size()];
               methods.toArray(httpMethods);
               wrp = new WebResourcePermission(qurl, httpMethods);
            }
            pc.addToRole(role, wrp);
           
            //JACC 1.1: create !(httpmethods) in unchecked perms
            if(httpMethods != null)
            {
               final String pattern = info.pattern;
               final String methodsAsString = "!" + getCommaSeparatedString(httpMethods);
               WebResourcePermission wrpUnchecked = null;
               try
               {
                  wrpUnchecked = new WebResourcePermission(pattern, methodsAsString);
               }
               catch (final IllegalArgumentException iae)
               {
                  throw new IllegalArgumentException("Could not create resource permission with pattern \"" + pattern
                        + "\" and methods: " + methodsAsString, iae);
               }
               pc.addToUncheckedPolicy(wrpUnchecked);
            }
         }

         // Create the unchecked permissions
         String[] missingHttpMethods = info.getMissingMethods();
         if( missingHttpMethods.length > 0 )
         {
            // Create the unchecked permissions WebResourcePermissions
            WebResourcePermission wrp = new WebResourcePermission(qurl, missingHttpMethods);
            pc.addToUncheckedPolicy(wrp)
         }
         else
            pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
        
         //SECURITY-63: Missing auth-constraint needs unchecked policy
         if(info.isMissingAuthConstraint)
         {
            pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
         }

         // Create the unchecked permissions WebUserDataPermissions
         Iterator<Map.Entry<String, Set<String>>> transportContraints = info.getTransportMethods();
         while( transportContraints.hasNext() )
View Full Code Here

        for (URLPattern pattern : excludedPatterns.values()) {
            String name = pattern.getQualifiedPattern(allSet);
            String actions = pattern.getMethods();

            excludedPermissions.add(new WebResourcePermission(name, actions));
            excludedPermissions.add(new WebUserDataPermission(name, actions));
        }

        for (URLPattern pattern : rolesPatterns.values()) {
            String name = pattern.getQualifiedPattern(allSet);
            String actions = pattern.getMethods();
            WebResourcePermission permission = new WebResourcePermission(name, actions);

            for (String roleName : pattern.getRoles()) {
                addPermissionToRole(roleName, permission, rolePermissions);
            }
            HTTPMethods methods = pattern.getHTTPMethods();
            int transportType = pattern.getTransport();

            addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
        }

        for (URLPattern pattern : uncheckedPatterns.values()) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getHTTPMethods();

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);

            int transportType = pattern.getTransport();
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
        }

        /**
         * A <code>WebResourcePermission</code> and a <code>WebUserDataPermission</code> must be instantiated for
         * each <tt>url-pattern</tt> in the deployment descriptor and the default pattern "/", that is not combined
         * by the <tt>web-resource-collection</tt> elements of the deployment descriptor with ever HTTP method
         * value.  The permission objects must be contructed using the qualified pattern as their name and with
         * actions defined by the subset of the HTTP methods that do not occur in combination with the pattern.
         * The resulting permissions that must be added to the unchecked policy statements by calling the
         * <code>addToUncheckedPolcy</code> method on the <code>PolicyConfiguration</code> object.
         */
        for (URLPattern pattern : allSet) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getComplementedHTTPMethods();

            if (methods.isNone()) {
                continue;
            }

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
        }

        URLPattern pattern = new URLPattern("/");
        if (!allSet.contains(pattern)) {
            String name = pattern.getQualifiedPattern(allSet);
            HTTPMethods methods = pattern.getComplementedHTTPMethods();

            addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
            addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
        }

        //Create the uncheckedPermissions for WebResourcePermissions
        for (UncheckedItem item : uncheckedResourcePatterns.keySet()) {
            HTTPMethods methods = uncheckedResourcePatterns.get(item);
            String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());

            uncheckedPermissions.add(new WebResourcePermission(item.getName(), actions));
        }
        //Create the uncheckedPermissions for WebUserDataPermissions
        for (UncheckedItem item : uncheckedUserPatterns.keySet()) {
            HTTPMethods methods = uncheckedUserPatterns.get(item);
            String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
View Full Code Here

            AccessControlContext acc = ContextManager.getCurrentContext();

            /**
             * JACC v1.0 section 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(request));

        } catch (AccessControlException ace) {
            response.sendError(Response.SC_FORBIDDEN);
            return false;
        }
View Full Code Here

        buildPrincipalRoleMap(securityConfig, roleDesignates, principalRoleMap);

        PermissionCollection uncheckedPermissions = new Permissions();

        PermissionCollection excludedPermissions = new Permissions();
        excludedPermissions.add(new WebResourcePermission("/auth/login.html", ""));
        excludedPermissions.add(new WebUserDataPermission("/auth/login.html", ""));

        Map rolePermissions = new HashMap();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebUserDataPermission("/protected/*", ""));
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, rolePermissions);

View Full Code Here

        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));

        Map rolePermissions = new HashMap();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set securityRoles = new HashSet();
        securityRoles.add("content-administrator");
View Full Code Here

             * JACC v1.0 section 4.1.1
             */
            WebUserDataPermission wudp = new WebUserDataPermission(substitutedPathInContext, new String[]{request.getMethod()}, transportType);
            acc.checkPermission(wudp);

            WebResourcePermission webResourcePermission = new WebResourcePermission(request);
            /**
             * JACC v1.0 section 4.1.2
             */
            if (isAuthenticated) {
                //current user is logged in, this is the actual check
View Full Code Here

TOP

Related Classes of javax.security.jacc.WebResourcePermission

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.