for (URLPattern pattern : excludedPatterns.values()) {
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
policyConfiguration.addToExcludedPolicy(new WebResourcePermission(name, actions));
policyConfiguration.addToExcludedPolicy(new WebUserDataPermission(name, actions));
}
}
for (Map.Entry<String, Map<String, URLPattern>> entry : rolesPatterns.entrySet()) {
Set<URLPattern> currentRolePatterns = new HashSet<URLPattern>(entry.getValue().values());
for (URLPattern pattern : entry.getValue().values()) {
String name = pattern.getQualifiedPattern(currentRolePatterns);
String actions = pattern.getMethods();
WebResourcePermission permission = new WebResourcePermission(name, actions);
policyConfiguration.addToRole(entry.getKey(), permission);
HTTPMethods methods = pattern.getHTTPMethods();
int transportType = pattern.getTransport();
addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
}
}
for (URLPattern pattern : uncheckedPatterns.values()) {
String name = pattern.getQualifiedPattern(allSet);
HTTPMethods methods = pattern.getHTTPMethods();
addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
int transportType = pattern.getTransport();
addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
}
/**
* A <code>WebResourcePermission</code> and a <code>WebUserDataPermission</code> must be instantiated for
* each <tt>url-pattern</tt> in the deployment descriptor and the default pattern "/", that is not combined
* by the <tt>web-resource-collection</tt> elements of the deployment descriptor with ever HTTP method
* value. The permission objects must be contructed using the qualified pattern as their name and with
* actions defined by the subset of the HTTP methods that do not occur in combination with the pattern.
* The resulting permissions that must be added to the unchecked policy statements by calling the
* <code>addToUncheckedPolcy</code> method on the <code>PolicyConfiguration</code> object.
*/
for (URLPattern pattern : allSet) {
String name = pattern.getQualifiedPattern(allSet);
HTTPMethods methods = pattern.getComplementedHTTPMethods();
if (methods.isNone()) {
continue;
}
addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
}
URLPattern pattern = new URLPattern("/");
if (!allSet.contains(pattern)) {
String name = pattern.getQualifiedPattern(allSet);
HTTPMethods methods = pattern.getComplementedHTTPMethods();
addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
}
//Create the uncheckedPermissions for WebResourcePermissions
for (UncheckedItem item : uncheckedResourcePatterns.keySet()) {
HTTPMethods methods = uncheckedResourcePatterns.get(item);
String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
policyConfiguration.addToUncheckedPolicy(new WebResourcePermission(item.getName(), actions));
}
//Create the uncheckedPermissions for WebUserDataPermissions
for (UncheckedItem item : uncheckedUserPatterns.keySet()) {
HTTPMethods methods = uncheckedUserPatterns.get(item);
String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
policyConfiguration.addToUncheckedPolicy(new WebUserDataPermission(item.getName(), actions));
}
//System.out.println(policyConfiguration.getAudit());
return policyConfiguration.getComponentPermissions();
}