Package org.apache.catalina.deploy

Examples of org.apache.catalina.deploy.SecurityConstraint.findAuthRoles()


        // Which user principal have we already authenticated?
        Principal principal =
            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String roles[] = constraint.findAuthRoles();
            if (roles == null)
                roles = new String[0];

            if (constraint.getAllRoles())
                return (true);
View Full Code Here


        // Which user principal have we already authenticated?
        Principal principal =
            ((HttpServletRequest) request.getRequest()).getUserPrincipal();
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String roles[] = constraint.findAuthRoles();
            if (roles == null)
                roles = new String[0];

            if (constraint.getAllRoles())
                return (true);
View Full Code Here

        SecurityConstraint[] constraints = context.findConstraints();
        for (int i = 0; i < constraints.length; i++) {
            SecurityConstraint sc = constraints[i];
            SecurityCollection[] resources = sc.findCollections();
            String transport = sc.getUserConstraint();
            if ((sc.getAuthConstraint() && (sc.findAuthRoles().length == 0 && !sc.getAllRoles())) || !sc.getAuthConstraint()) {
                // Process the permissions for the excluded/unchecked resources
                for (int j = 0; j < resources.length; j++) {
                    SecurityCollection wrc = resources[j];
                    String[] httpMethods = wrc.findMethods();
                    String[] urlPatterns = wrc.findPatterns();
View Full Code Here

                    String[] urlPatterns = wrc.findPatterns();
                    for (int n = 0; n < urlPatterns.length; n++) {
                        String url = urlPatterns[n];
                        PatternInfo info = (PatternInfo) patternMap.get(url);
                        // Add the excluded methods
                        if (sc.getAuthConstraint() && (sc.findAuthRoles().length == 0 && !sc.getAllRoles())) {
                            info.addExcludedMethods(Arrays.asList(httpMethods));
                        }
                        // SECURITY-63: Missing auth-constraint needs unchecked policy
                        if (!sc.getAuthConstraint())
                            info.isMissingAuthConstraint = true;
View Full Code Here

                    for (int n = 0; n < urlPatterns.length; n++) {
                        String url = urlPatterns[n];
                        // Get the qualified url pattern
                        PatternInfo info = (PatternInfo) patternMap.get(url);
                        HashSet<String> mappedRoles = new HashSet<String>();
                        String[] authRoles = sc.findAuthRoles();
                        for (int k = 0; k < authRoles.length; k++) {
                            String role = authRoles[k];
                            mappedRoles.add(role);
                        }
                        // was a wildcard role included?
View Full Code Here

            String roles[];
            if (constraint.getAllRoles()) {
                // * means all roles defined in web.xml
                roles = request.getContext().findSecurityRoles();
            } else {
                roles = constraint.findAuthRoles();
            }

            if (roles == null)
                roles = new String[0];

View Full Code Here

        // Which user principal have we already authenticated?
        Principal principal = request.getUserPrincipal();
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String roles[] = constraint.findAuthRoles();
            if (roles == null)
                roles = new String[0];

            if (constraint.getAllRoles())
                return (true);
View Full Code Here

            String roles[];
            if (constraint.getAllRoles()) {
                // * means all roles defined in web.xml
                roles = request.getContext().findSecurityRoles();
            } else {
                roles = constraint.findAuthRoles();
            }

            if (roles == null)
                roles = new String[0];

View Full Code Here

            String roles[];
            if (constraint.getAllRoles()) {
                // * means all roles defined in web.xml
                roles = request.getContext().findSecurityRoles();
            } else {
                roles = constraint.findAuthRoles();
            }

            if (roles == null)
                roles = new String[0];

View Full Code Here

            String roles[];
            if (constraint.getAllRoles()) {
                // * means all roles defined in web.xml
                roles = request.getContext().findSecurityRoles();
            } else {
                roles = constraint.findAuthRoles();
            }

            if (roles == null)
                roles = new String[0];

View Full Code Here

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.