Examples of javax.servlet.ServletSecurityElement

javax.servlet.ServletSecurityElement
@since Servlet 3.0

        return containerCreatedDynamicServlets.containsKey(servlet);
    }


    public void addContainerCreatedDynamicServletEntry(ServletRegistration.Dynamic registration, String servletClass) {
        if (annotationScanRequired) {
            ServletSecurityElement servletSecurityElement = processServletConstraintAnnotation(servletClass);
            if (servletSecurityElement != null) {
                setDynamicServletSecurity(registration, servletSecurityElement);
            }
        }
    }

View Full Code Here

            }
            ServletSecurity servletSecurity = cls.getAnnotation(ServletSecurity.class);
            if (servletSecurity == null) {
                return null;
            }
            return new ServletSecurityElement(servletSecurity);
        } catch (ClassNotFoundException e) {
            //Should never occur, as webservice builder  have already checked it.
            logger.error("Fail to load class", e);
        }
        return null;

View Full Code Here

        }
        return null;
    }


    private void processServletSecurityAnnotation(List<SecurityConstraintInfo> securityConstraints, ServletSecurity servletSecurity, Collection<String> urlPatterns) {
        processServletSecurityElement(securityConstraints, new ServletSecurityElement(servletSecurity), urlPatterns);
    }

View Full Code Here

        ServletSecurity secAnnotation =
            clazz.getAnnotation(ServletSecurity.class);
        if (secAnnotation != null) {
            ctxt.addServletSecurity(
                    new ApplicationServletRegistration(this, ctxt),
                    new ServletSecurityElement(secAnnotation));
        }
    }

View Full Code Here

                                            annotationMethodConstraint.getMethod(), constraint2);
                                    methodConstraints.add(methodConstraint);
                                }
                            }


                            ServletSecurityElement servletSecurity = new ServletSecurityElement(constraint, methodConstraints);
                            wrapper.setServletSecurity(servletSecurity);
                        }


                    }
                }

View Full Code Here

                                            annotationMethodConstraint.getMethod(), constraint2);
                                    methodConstraints.add(methodConstraint);
                                }
                            }


                            ServletSecurityElement servletSecurity = new ServletSecurityElement(constraint, methodConstraints);
                            wrapper.setServletSecurity(servletSecurity);
                        }


                    }
                }

View Full Code Here

  }


  private void addServletSecurity(Class<? extends Servlet> servletClass,
                                  ServletSecurity security)
  {
    ServletSecurityElement securityElement
      = new ServletSecurityElement(security);


    _servletManager.addSecurityElement(servletClass, securityElement);
  }

View Full Code Here

  private void initSecurityConstraints()
  {
    Map<String, ServletConfigImpl> servlets = _servletManager.getServlets();


    for (Map.Entry<String, ServletConfigImpl> entry : servlets.entrySet()) {
      ServletSecurityElement securityElement
        = entry.getValue().getSecurityElement();


      if (securityElement == null)
        continue;


      /*
      ServletSecurity.EmptyRoleSemantic rootRoleSemantic
        = securityElement.getEmptyRoleSemantic();
        */


      final Set<String> patterns = _servletMapper.getUrlPatterns(entry.getKey());
      final Collection<HttpMethodConstraintElement> constraints
        = securityElement.getHttpMethodConstraints();


      if (constraints != null) {
        for (HttpMethodConstraintElement httpMethodConstraintElement : securityElement
            .getHttpMethodConstraints()) {
          ServletSecurity.EmptyRoleSemantic emptyRoleSemantic =
            httpMethodConstraintElement.getEmptyRoleSemantic();


          ServletSecurity.TransportGuarantee transportGuarantee =
            httpMethodConstraintElement.getTransportGuarantee();


          String[] roles = httpMethodConstraintElement.getRolesAllowed();


          SecurityConstraint constraint = new SecurityConstraint();
          constraint.setFallthrough(false);


          if (emptyRoleSemantic == ServletSecurity.EmptyRoleSemantic.DENY) {
            constraint.addConstraint(new PermitEmptyRolesConstraint(false));
          } else if (roles.length == 0
                     && transportGuarantee == ServletSecurity.TransportGuarantee.NONE) {
            constraint.addConstraint(new PermitEmptyRolesConstraint(true));
          } else {
            for (String role : roles)
              constraint.addRoleName(role);


            if (transportGuarantee == ServletSecurity.TransportGuarantee.CONFIDENTIAL)
              constraint.addConstraint(new TransportConstraint("CONFIDENTIAL"));
          }


          WebResourceCollection resources = new WebResourceCollection();
          resources.addHttpMethod(httpMethodConstraintElement.getMethodName());


          for (String pattern : patterns) {
            resources.addURLPattern(pattern);
            constraint.addURLPattern(pattern);
          }


          constraint.addWebResourceCollection(resources);


          _constraintManager.addConstraint(constraint);
        }
      }


      ServletSecurity.EmptyRoleSemantic emptyRoleSemantic
        = securityElement.getEmptyRoleSemantic();


      ServletSecurity.TransportGuarantee transportGuarantee
        = securityElement.getTransportGuarantee();


      String []roles = securityElement.getRolesAllowed();


      SecurityConstraint constraint = new SecurityConstraint();


      if (emptyRoleSemantic == ServletSecurity.EmptyRoleSemantic.DENY) {
        constraint.addConstraint(new PermitEmptyRolesConstraint(false));

View Full Code Here

            sr.addMapping("/bug50015");
            
            // Limit access to users in the Tomcat role
            HttpConstraintElement hce = new HttpConstraintElement(
                    TransportGuarantee.NONE, "tomcat");
            ServletSecurityElement sse = new ServletSecurityElement(hce);
            sr.setServletSecurity(sse);
        }

View Full Code Here

        ServletSecurity secAnnotation =
            clazz.getAnnotation(ServletSecurity.class);
        if (secAnnotation != null) {
            ctxt.addServletSecurity(
                    new ApplicationServletRegistration(this, ctxt),
                    new ServletSecurityElement(secAnnotation));
        }
    }

View Full Code Here

0 1 2 3 4 5 6 7 8

TOP

Related Classes of javax.servlet.ServletSecurityElement

com.acme.TestListener

com.caucho.server.webapp.WebApp

org.apache.catalina.core.StandardWrapper

org.apache.catalina.core.TestStandardContext$Bug50015SCI

org.apache.catalina.core.TestStandardContext$DenyUncoveredHttpMethodsSCI

org.apache.catalina.deploy.TestSecurityConstraint

org.apache.catalina.realm.TestRealmBase

org.apache.catalina.startup.ContextConfig

org.apache.geronimo.testsuite.servlet30.main.SampleServletContextListener

org.apache.geronimo.web.security.WebSecurityConstraintStore

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.