Examples of org.apache.tomcat.util.descriptor.web.SecurityConstraint

Package org.apache.tomcat.util.descriptor.web

Examples of org.apache.tomcat.util.descriptor.web.SecurityConstraint

org.apache.tomcat.util.descriptor.web.SecurityConstraint
Representation of a security constraint element for a web application, as represented in a <security-constraint> element in the deployment descriptor.
WARNING: It is assumed that instances of this class will be created and modified only within the context of a single thread, before the instance is made visible to the remainder of the application. After that, only read access is expected. Therefore, none of the read and write access within this class is synchronized. @author Craig R. McClanahan @version $Id: SecurityConstraint.java 1500964 2013-07-08 21:24:05Z markt $

        ctx.addServletMapping("/protected", "simple");


        // Security constraints
        SecurityCollection collection = new SecurityCollection();
        collection.addPattern("/protected");
        SecurityConstraint sc = new SecurityConstraint();
        sc.addAuthRole("testrole");
        sc.addCollection(collection);
        ctx.addConstraint(sc);


        // Configure the Realm
        TesterMapRealm realm = new TesterMapRealm();
        realm.addUser("CN=user1, C=US", "not used");

View Full Code Here

     */
    protected void authenticatorConfig() {


        LoginConfig loginConfig = context.getLoginConfig();


        SecurityConstraint constraints[] = context.findConstraints();
        if (context.getIgnoreAnnotations() &&
                (constraints == null || constraints.length ==0) &&
                !context.getPreemptiveAuthentication())  {
            return;
        } else {

View Full Code Here

     * instance variable to <code>false</code> as well).
     */
    protected void validateSecurityRoles() {


        // Check role names used in <security-constraint> elements
        SecurityConstraint constraints[] = context.findConstraints();
        for (int i = 0; i < constraints.length; i++) {
            String roles[] = constraints[i].findAuthRoles();
            for (int j = 0; j < roles.length; j++) {
                if (!"*".equals(roles[j]) &&
                    !context.findSecurityRole(roles[j])) {

View Full Code Here

            }
        }


        // Add this constraint to the set for our web application
        synchronized (constraintsLock) {
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length + 1];
            for (int i = 0; i < constraints.length; i++)
                results[i] = constraints[i];
            results[constraints.length] = constraint;
            constraints = results;

View Full Code Here

            if (n < 0)
                return;


            // Remove the specified constraint
            int j = 0;
            SecurityConstraint results[] =
                new SecurityConstraint[constraints.length - 1];
            for (int i = 0; i < constraints.length; i++) {
                if (i != n)
                    results[j++] = constraints[i];
            }

View Full Code Here

                    collection.addMethod("GET");
                    collection.addMethod("POST");
                    collection.addPattern("/*");
                    collection.setName(role);


                    final SecurityConstraint sc = new SecurityConstraint();
                    sc.addAuthRole("*");
                    sc.addCollection(collection);
                    sc.setAuthConstraint(true);
                    sc.setUserConstraint(transportGuarantee);


                    context.addConstraint(sc);
                    context.addSecurityRole(role);
                }
            }

View Full Code Here

                collection.addMethod("GET");
                collection.addMethod("POST");
                collection.addPattern("/*");
                collection.setName(role);


                final SecurityConstraint sc = new SecurityConstraint();
                sc.addAuthRole("*");
                sc.addCollection(collection);
                sc.setAuthConstraint(true);
                sc.setUserConstraint(transportGuarantee);


                context.addConstraint(sc);
                context.addSecurityRole(role);
            }

View Full Code Here

    public SecurityConstraint [] findSecurityConstraints(Request request,
                                                         Context context) {


        ArrayList<SecurityConstraint> results = null;
        // Are there any defined security constraints?
        SecurityConstraint constraints[] = context.findConstraints();
        if ((constraints == null) || (constraints.length == 0)) {
            if (log.isDebugEnabled())
                log.debug("  No applicable constraints defined");
            return (null);
        }

View Full Code Here

        // Which user principal have we already authenticated?
        Principal principal = request.getPrincipal();
        boolean status = false;
        boolean denyfromall = false;
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];


            String roles[];
            if (constraint.getAllRoles()) {
                // * means all roles defined in web.xml
                roles = request.getContext().findSecurityRoles();
            } else {
                roles = constraint.findAuthRoles();
            }


            if (roles == null)
                roles = new String[0];


            if (log.isDebugEnabled())
                log.debug("  Checking roles " + principal);


            if (constraint.getAuthenticatedUsers() && principal != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Passing all authenticated users");
                }
                status = true;
            } else if (roles.length == 0 && !constraint.getAllRoles() &&
                    !constraint.getAuthenticatedUsers()) {
                if(constraint.getAuthConstraint()) {
                    if( log.isDebugEnabled() )
                        log.debug("No roles");
                    status = false; // No listed roles means no access at all
                    denyfromall = true;
                    break;
                }


                if(log.isDebugEnabled())
                    log.debug("Passing all access");
                status = true;
            } else if (principal == null) {
                if (log.isDebugEnabled())
                    log.debug("  No user authenticated, cannot grant access");
            } else {
                for (int j = 0; j < roles.length; j++) {
                    if (hasRole(null, principal, roles[j])) {
                        status = true;
                        if( log.isDebugEnabled() )
                            log.debug( "Role found:  " + roles[j]);
                    }
                    else if( log.isDebugEnabled() )
                        log.debug( "No role found:  " + roles[j]);
                }
            }
        }


        if (!denyfromall && allRolesMode != AllRolesMode.STRICT_MODE &&
                !status && principal != null) {
            if (log.isDebugEnabled()) {
                log.debug("Checking for all roles mode: " + allRolesMode);
            }
            // Check for an all roles(role-name="*")
            for (int i = 0; i < constraints.length; i++) {
                SecurityConstraint constraint = constraints[i];
                String roles[];
                // If the all roles mode exists, sets
                if (constraint.getAllRoles()) {
                    if (allRolesMode == AllRolesMode.AUTH_ONLY_MODE) {
                        if (log.isDebugEnabled()) {
                            log.debug("Granting access for role-name=*, auth-only");
                        }
                        status = true;

View Full Code Here

            if (log.isDebugEnabled())
                log.debug("  No applicable security constraint defined");
            return (true);
        }
        for(int i=0; i < constraints.length; i++) {
            SecurityConstraint constraint = constraints[i];
            String userConstraint = constraint.getUserConstraint();
            if (userConstraint == null) {
                if (log.isDebugEnabled())
                    log.debug("  No applicable user data constraint defined");
                return (true);
            }

View Full Code Here

0 1 2 3 4 5 6 7 8

TOP

Related Classes of org.apache.tomcat.util.descriptor.web.SecurityConstraint

com.cloudera.oryx.lambda.serving.ServingLayer

de.javakaffee.web.msm.integration.Tomcat8Builder

org.apache.catalina.authenticator.TestDigestAuthenticator

org.apache.catalina.authenticator.TestFormAuthenticator$FormAuthClientSelectedMethods

org.apache.catalina.authenticator.TestNonLoginAndBasicAuthenticator

org.apache.catalina.authenticator.TestSSOnonLoginAndBasicAuthenticator

org.apache.catalina.authenticator.TestSSOnonLoginAndDigestAuthenticator

org.apache.catalina.core.StandardContext

org.apache.catalina.realm.RealmBase

org.apache.catalina.realm.TestRealmBase

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.