Package javax.servlet.annotation

Examples of javax.servlet.annotation.HttpConstraint

510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
                    if (logger.isDebugEnabled()) {
                        logger.debug("No url pattern for the servlet class " + servletClassName + " is found in the deployment plan, SecurityConstraint annotation is ignored");
                    }
                    continue;
                }
                HttpConstraint httpConstraint = servletSecurity.value();
                if (servletSecurity.httpMethodConstraints().length > 0) {
                    String[] omissionMethods = new String[servletSecurity.httpMethodConstraints().length];
                    int iIndex = 0;
                    for (HttpMethodConstraint httpMethodConstraint : servletSecurity.httpMethodConstraints()) {
                        //Generate a security-constraint for each HttpMethodConstraint
                        String httpMethod = httpMethodConstraint.value().trim();
                        omissionMethods[iIndex++] = httpMethod;
                        addNewHTTPMethodSecurityConstraint(annotationSecurityWebApp, httpMethodConstraint.rolesAllowed(), httpMethodConstraint.transportGuarantee(), httpMethodConstraint
                                .emptyRoleSemantic(), httpMethod, urlPatterns);
                    }
                    addNewHTTPSecurityConstraint(annotationSecurityWebApp, httpConstraint.rolesAllowed(), httpConstraint.transportGuarantee(), httpConstraint.value(), omissionMethods, urlPatterns);
                } else {
                    addNewHTTPSecurityConstraint(annotationSecurityWebApp, httpConstraint.rolesAllowed(), httpConstraint.transportGuarantee(), httpConstraint.value(), new String[] {}, urlPatterns);
                }
            }
        } catch (ClassNotFoundException e) {
            //Should never occur, as webservice builder  have already checked it.
            logger.error("Fail to load class", e);
View Full Code Here
67
68
69
70
71
72
73
74
75
76
77
78
                        if (!WebDeploymentValidationUtils.isValidHTTPMethod(httpMethod)) {
                            throw new DeploymentException("Invalid HTTP method value is found in the ServletSecurity annotation of the class " + servletClassName);
                        }
                    }
                } else {
                    HttpConstraint httpConstraint = servletSecurity.value();
                    if (httpConstraint.rolesAllowed().length > 0 && httpConstraint.value().equals(ServletSecurity.EmptyRoleSemantic.DENY)) {
                        throw new DeploymentException("EmptyRoleSemantic with value DENY is not allowed in combination with a non-empty rolesAllowed list in the class " + servletClassName);
                    }
                }
            }
        } catch (ClassNotFoundException e) {
View Full Code Here
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
        Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);

        if (urlPatterns != null && urlPatterns.size() > 0) {
            WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
            ServletSecurity servletSecurityAn = (ServletSecurity)ainfo.getAnnotation();
            HttpConstraint httpConstraint = servletSecurityAn.value();

            SecurityConstraint securityConstraint =
                    createSecurityConstraint(webBundleDesc,
                    urlPatterns, httpConstraint.rolesAllowed(),
                    httpConstraint.value(),
                    httpConstraint.transportGuarantee(),
                    null);

            // we know there is one WebResourceCollection there
            WebResourceCollection webResColl =
                    securityConstraint.getWebResourceCollections().iterator().next();
View Full Code Here
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
                        urlPatterns, httpMethodConstraint.rolesAllowed(),
                        httpMethodConstraint.emptyRoleSemantic(),
                        httpMethodConstraint.transportGuarantee(),
                        httpMethod);
            }
            HttpConstraint httpConstraint = servletSecurityAn.value();
            boolean isDefault = isDefaultHttpConstraint(httpConstraint);
            if (isDefault && (httpMethodConstraints.length > 0)) {
                if (logger.isLoggable(Level.FINER)) {
                    StringBuilder methodString = new StringBuilder();
                    for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                        methodString.append(" ");
                        methodString.append(httpMethodConstraint.value());
                    }
                    for (String pattern : urlPatterns) {
                        logger.finer(
                                "Pattern: " + pattern +
                                " assumes default unprotected configuration for all methods except:"
                                + methodString);
                    }
                }
            }
            if (!isDefault || (httpMethodConstraints.length == 0)) {
                SecurityConstraint securityConstraint =
                        createSecurityConstraint(webBundleDesc,
                        urlPatterns, httpConstraint.rolesAllowed(),
                        httpConstraint.value(),
                        httpConstraint.transportGuarantee(),
                        null);

                // we know there is one WebResourceCollection there
                WebResourceCollection webResColl =
                        securityConstraint.getWebResourceCollections().iterator().next();
View Full Code Here
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
        Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);

        if (urlPatterns != null && urlPatterns.size() > 0) {
            WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
            ServletSecurity servletSecurityAn = (ServletSecurity)ainfo.getAnnotation();
            HttpConstraint httpConstraint = servletSecurityAn.value();

            SecurityConstraint securityConstraint =
                    createSecurityConstraint(webBundleDesc,
                    urlPatterns, httpConstraint.rolesAllowed(),
                    httpConstraint.value(),
                    httpConstraint.transportGuarantee(),
                    null);

            // we know there is one WebResourceCollection there
            WebResourceCollection webResColl =
                    securityConstraint.getWebResourceCollections().iterator().next();
View Full Code Here
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
      ServletSecurity servletSecurity = finder.getAnnotation(element, ServletSecurity.class);
      if (servletSecurity == null)
         return null;

      ServletSecurityMetaData metaData = new ServletSecurityMetaData();
      HttpConstraint httpConstraint = servletSecurity.value();
      HttpMethodConstraint[] httpMethodConstraints = servletSecurity.httpMethodConstraints();
     
      metaData.setEmptyRoleSemantic(EmptyRoleSemanticType.valueOf(httpConstraint.value().toString()));
      metaData.setTransportGuarantee(TransportGuaranteeType.valueOf(httpConstraint.transportGuarantee().toString()));
      List<String> rolesAllowed = new ArrayList<String>();
      for (String role : httpConstraint.rolesAllowed())
      {
         rolesAllowed.add(role);
      }
      metaData.setRolesAllowed(rolesAllowed);
     
View Full Code Here
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
        Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);

        if (urlPatterns != null && urlPatterns.size() > 0) {
            WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
            ServletSecurity servletSecurityAn = (ServletSecurity)ainfo.getAnnotation();
            HttpConstraint httpConstraint = servletSecurityAn.value();

            SecurityConstraint securityConstraint =
                    createSecurityConstraint(webBundleDesc,
                    urlPatterns, httpConstraint.rolesAllowed(),
                    httpConstraint.value(),
                    httpConstraint.transportGuarantee(),
                    null);

            // we know there is one WebResourceCollection there
            WebResourceCollection webResColl =
                    securityConstraint.getWebResourceCollections().iterator().next();
View Full Code Here
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
                        urlPatterns, httpMethodConstraint.rolesAllowed(),
                        httpMethodConstraint.emptyRoleSemantic(),
                        httpMethodConstraint.transportGuarantee(),
                        httpMethod);
            }
            HttpConstraint httpConstraint = servletSecurityAn.value();
            boolean isDefault = isDefaultHttpConstraint(httpConstraint);
            if (isDefault && (httpMethodConstraints.length > 0)) {
                if (logger.isLoggable(Level.FINER)) {
                    StringBuilder methodString = new StringBuilder();
                    for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                        methodString.append(" ");
                        methodString.append(httpMethodConstraint.value());
                    }
                    for (String pattern : urlPatterns) {
                        logger.finer(
                                "Pattern: " + pattern +
                                " assumes default unprotected configuration for all methods except:"
                                + methodString);
                    }
                }
            }
            if (!isDefault || (httpMethodConstraints.length == 0)) {
                SecurityConstraint securityConstraint =
                        createSecurityConstraint(webBundleDesc,
                        urlPatterns, httpConstraint.rolesAllowed(),
                        httpConstraint.value(),
                        httpConstraint.transportGuarantee(),
                        null);

                // we know there is one WebResourceCollection there
                WebResourceCollection webResColl =
                        securityConstraint.getWebResourceCollections().iterator().next();
View Full Code Here
TOP

Related Classes of javax.servlet.annotation.HttpConstraint

  • com.sun.enterprise.deployment.annotation.handlers.ServletSecurityHandler
  • org.apache.geronimo.web.security.SpecSecurityBuilder
  • org.apache.geronimo.web25.deployment.merge.annotation.ServletSecurityAnnotationMergeHandler
  • org.glassfish.web.deployment.annotation.handlers.ServletSecurityHandler
  • org.jboss.metadata.annotation.creator.web.ServletSecurityProcessor
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.