Examples of org.apache.catalina.deploy.SecurityConstraint

org.apache.catalina.deploy.SecurityConstraint
Representation of a security constraint element for a web application, as represented in a <security-constraint> element in the deployment descriptor.
WARNING: It is assumed that instances of this class will be created and modified only within the context of a single thread, before the instance is made visible to the remainder of the application. After that, only read access is expected. Therefore, none of the read and write access within this class is synchronized. @author Craig R. McClanahan @version $Revision: 1237 $ $Date: 2009-11-03 02:55:48 +0100 (Tue, 03 Nov 2009) $

        // Which user principal have we already authenticated?
        Principal principal = request.getPrincipal();
        boolean status = false;
        boolean denyfromall = false;
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String roles[] = constraint.findAuthRoles();
            if (roles == null)
                roles = new String[0];


            if (constraint.getAllRoles() && !denyfromall)
                status = true;


            if (log.isDebugEnabled())
                log.debug("  Checking roles " + principal);


            if (roles.length == 0) {
                if(constraint.getAuthConstraint()) {
                    if( log.isDebugEnabled() )
                        log.debug("No roles ");
                    status = false; // No listed roles means no access at all
                    denyfromall = true;
                } else {

View Full Code Here

            if (log.isDebugEnabled())
                log.debug("  No applicable security constraint defined");
            return (true);
        }
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String userConstraint = constraint.getUserConstraint();
            if (userConstraint == null) {
                if (log.isDebugEnabled())
                    log.debug("  No applicable user data constraint defined");
                return (true);
            }

View Full Code Here

            }
        }


        // Add this constraint to the set for our web application
        synchronized (constraints) {
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length + 1];
            for (int i = 0; i < constraints.length; i++)
                results[i] = constraints[i];
            results[constraints.length] = constraint;
            constraints = results;

View Full Code Here

            if (n < 0)
                return;


            // Remove the specified constraint
            int j = 0;
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length - 1];
            for (int i = 0; i < constraints.length; i++) {
                if (i != n)
                    results[j++] = constraints[i];
            }

View Full Code Here

     * already been configured.
     */
    private synchronized void authenticatorConfig() {


        // Does this Context require an Authenticator?
        SecurityConstraint constraints[] = context.findConstraints();
        if ((constraints == null) || (constraints.length == 0))
            return;
        LoginConfig loginConfig = context.getLoginConfig();
        if (loginConfig == null) {
            loginConfig = new LoginConfig("NONE", null, null, null);

View Full Code Here

     * instance variable to <code>false</code> as well).
     */
    private void validateSecurityRoles() {


        // Check role names used in <security-constraint> elements
        SecurityConstraint constraints[] = context.findConstraints();
        for (int i = 0; i < constraints.length; i++) {
            String roles[] = constraints[i].findAuthRoles();
            for (int j = 0; j < roles.length; j++) {
                if (!"*".equals(roles[j]) &&
                    !context.findSecurityRole(roles[j])) {

View Full Code Here

     */
    protected void authenticatorConfig() {


        LoginConfig loginConfig = context.getLoginConfig();


        SecurityConstraint constraints[] = context.findConstraints();
        if (context.getIgnoreAnnotations() &&
                (constraints == null || constraints.length ==0) &&
                !context.getPreemptiveAuthentication())  {
            return;
        } else {

View Full Code Here

     * instance variable to <code>false</code> as well).
     */
    protected void validateSecurityRoles() {


        // Check role names used in <security-constraint> elements
        SecurityConstraint constraints[] = context.findConstraints();
        for (int i = 0; i < constraints.length; i++) {
            String roles[] = constraints[i].findAuthRoles();
            for (int j = 0; j < roles.length; j++) {
                if (!"*".equals(roles[j]) &&
                    !context.findSecurityRole(roles[j])) {

View Full Code Here

            }
        }


        // Add this constraint to the set for our web application
        synchronized (constraintsLock) {
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length + 1];
            for (int i = 0; i < constraints.length; i++)
                results[i] = constraints[i];
            results[constraints.length] = constraint;
            constraints = results;

View Full Code Here

            if (n < 0)
                return;


            // Remove the specified constraint
            int j = 0;
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length - 1];
            for (int i = 0; i < constraints.length; i++) {
                if (i != n)
                    results[j++] = constraints[i];
            }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.catalina.deploy.SecurityConstraint

de.javakaffee.web.msm.integration.Tomcat6Builder

de.javakaffee.web.msm.integration.Tomcat7Builder

net.myrrix.web.Runner

org.apache.beehive.netui.tomcat.PageflowHelperImpl

org.apache.catalina.authenticator.AuthenticatorBase

org.apache.catalina.authenticator.TestDigestAuthenticator

org.apache.catalina.authenticator.TesterDigestAuthenticatorPerformance

org.apache.catalina.authenticator.TestFormAuthenticator$FormAuthClientSelectedMethods

org.apache.catalina.authenticator.TestNonLoginAndBasicAuthenticator

org.apache.catalina.authenticator.TestSSOnonLoginAndBasicAuthenticator

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.