Examples of WebResourcePermission

Examples of javax.security.jacc.WebResourcePermission

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

55
56
57
58
59
60
61
62
63
64
65
        }
    }

    public boolean isAuthMandatory(Request request, Object constraints) {
        try {
            defaultACC.checkPermission(new WebResourcePermission(request));
            return false;
        } catch (AccessControlException e) {
            return true;
        }
    }
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

69
70
71
72
73
74
75
76
77
78
79
            return false;
        }

        AccessControlContext acc = ((JACCUserIdentity)userIdentity).getAccessControlContext();
        try {
            acc.checkPermission(new WebResourcePermission(request));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
        PermissionCollection uncheckedPermissions = new Permissions();
        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));

        PermissionCollection excludedPermissions = new Permissions();
        uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));
//        uncheckedPermissions.add(new WebResourcePermission("/auth/j_security_check", ""));
        uncheckedPermissions.add(new WebUserDataPermission("/auth/j_security_check", ""));

        Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
        PermissionCollection permissions = new Permissions();
        permissions.add(new WebResourcePermission("/protected/*", ""));
        rolePermissions.put("content-administrator", permissions);
        rolePermissions.put("auto-administrator", permissions);

        Set<String> securityRoles = new HashSet<String>();
        securityRoles.add("content-administrator");
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

143
144
145
146
147
148
149
150
151
152
153
        AccessControlContext acc = ((GeronimoUserIdentity)userIdentity).getAccessControlContext();
        return checkWebResourcePermission(request, acc);
    }

    private boolean checkWebResourcePermission(Request request, AccessControlContext acc) {
        WebResourcePermission webResourcePermission = new WebResourcePermission(request);
        /**
         * JACC v1.0 section 4.1.2
         */
        //user is not logged in: if access denied, try to log them in.
        try {
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

122
123
124
125
126
127
128
129
130
131
132
        //Setup default JSP Factory
        Class.forName("org.apache.jasper.compiler.JspRuntimeContext");
        if (securityHandlerFactory == null) {
            Permissions unchecked = new Permissions();
            unchecked.add(new WebUserDataPermission("/", null));
            unchecked.add(new WebResourcePermission("/", ""));
            ComponentPermissions componentPermissions = new ComponentPermissions(new Permissions(), unchecked, Collections.<String, PermissionCollection>emptyMap());
            applicationPolicyConfigurationManager = setUpJACC(Collections.<String, SubjectInfo>emptyMap(), Collections.<Principal, Set<String>>emptyMap(), componentPermissions, policyContextId);
            LoginService loginService = newLoginService();
//            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
            final Subject subject = new Subject();
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

49
50
51
52
53
54
55
56
57
58
59
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        PermissionCollection unchecked = permissions.getUncheckedPermissions();
        assertTrue(unchecked.implies(new WebResourcePermission("/login.do", "!")));
        assertTrue(unchecked.implies(new WebResourcePermission("/foo", "!")));
        assertFalse(unchecked.implies(new WebResourcePermission("/foo.do", "!")));
        PermissionCollection adminPermissions = permissions.getRolePermissions().get("Admin");
        assertTrue(adminPermissions.implies(new WebResourcePermission("foo.do", "GET,POST")));
    }
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

67
68
69
70
71
72
73
74
75
76
        WebApp webApp = parse("security/web2.xml");
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(new WebResourcePermission("/Test", ""), permissions, null));
        assertFalse(implies(new WebResourcePermission("/Test", "!"), permissions, null));
    }
View Full Code Here

Examples of javax.security.jacc.WebResourcePermission

79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
        WebApp webApp = parse("security/web3.xml");
        WebAppInfoBuilder webAppInfoBuilder = new WebAppInfoBuilder(webApp, new DefaultWebAppInfoFactory());
        webAppInfoBuilder.build();
        SpecSecurityBuilder builder = new SpecSecurityBuilder(webAppInfoBuilder.getWebAppInfo());
        ComponentPermissions permissions = builder.buildSpecSecurityConfig();
        Permission p = new WebResourcePermission("/Test/Foo", "GET,POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        p = new WebResourcePermission("/Test/Bar/Foo", "GET,POST");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, null));
        // check only GET method excluded here.
        p = new WebResourcePermission("/Test/Baz/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        p = new WebResourcePermission("/Test/Baz/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        // test excluding longer path than allowed
        p = new WebResourcePermission("/Foo/Baz", "GET");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "POST");
        assertTrue(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
        p = new WebResourcePermission("/Foo/Bar/Foo", "GET");
        assertFalse(implies(p, permissions, "Admin"));
        assertFalse(implies(p, permissions, "Peon"));
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.