public class ConstraintSecurityHandler extends SecurityHandler implements ConstraintAware
SecurityHandler.NotChecked
AbstractLifeCycle.AbstractLifeCycleListener
LifeCycle.Listener
__NO_USER, __NOBODY
_handler
_listeners, FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING
Constructor and Description |
---|
ConstraintSecurityHandler() |
Modifier and Type | Method and Description |
---|---|
void |
addConstraintMapping(ConstraintMapping mapping)
Add a Constraint Mapping.
|
void |
addRole(String role)
Add a Role definition.
|
protected boolean |
checkUserDataPermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo) |
protected boolean |
checkWebResourcePermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo,
UserIdentity userIdentity) |
protected void |
doStart()
Start the managed lifecycle beans in the order they were added.
|
protected void |
doStop()
Stop the joined lifecycle beans in the reverse order they were added.
|
void |
dump(Appendable out,
String indent) |
List<ConstraintMapping> |
getConstraintMappings() |
Set<String> |
getRoles() |
protected boolean |
isAuthMandatory(Request baseRequest,
Response base_response,
Object constraintInfo) |
boolean |
isStrict()
Get the strict mode.
|
protected Object |
prepareConstraintInfo(String pathInContext,
Request request) |
protected void |
processConstraintMapping(ConstraintMapping mapping) |
void |
setConstraintMappings(ConstraintMapping[] constraintMappings)
Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
|
void |
setConstraintMappings(List<ConstraintMapping> constraintMappings)
Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
|
void |
setConstraintMappings(List<ConstraintMapping> constraintMappings,
Set<String> roles)
Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
|
void |
setRoles(Set<String> roles)
Set the known roles.
|
void |
setStrict(boolean strict)
Set the strict mode of the security handler.
|
checkSecurity, findIdentityService, findLoginService, getAuthenticator, getAuthenticatorFactory, getAuthMethod, getCurrentSecurityHandler, getIdentityService, getInitParameter, getInitParameterNames, getLoginService, getRealmName, handle, isCheckWelcomeFiles, isSessionRenewedOnAuthentication, logout, setAuthenticator, setAuthenticatorFactory, setAuthMethod, setCheckWelcomeFiles, setIdentityService, setInitParameter, setLoginService, setRealmName, setSessionRenewedOnAuthentication
destroy, expandChildren, getHandler, getHandlers, getNestedHandlerByClass, setHandler, setServer
expandHandler, findContainerOf, getChildHandlerByClass, getChildHandlers, getChildHandlersByClass
dumpThis, getServer
addBean, addBean, contains, dump, dump, dump, dump, dumpObject, dumpStdErr, getBean, getBeans, getBeans, isManaged, manage, removeBean, removeBeans, unmanage
addLifeCycleListener, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop
public boolean isStrict()
public void setStrict(boolean strict)
When in strict mode (the default), the full servlet specification will be implemented. If not in strict mode, some additional flexibility in configuration is allowed:
strict
- the strict to setsetRoles(Set)
,
setConstraintMappings(List, Set)
public List<ConstraintMapping> getConstraintMappings()
getConstraintMappings
in interface ConstraintAware
public Set<String> getRoles()
getRoles
in interface ConstraintAware
public void setConstraintMappings(List<ConstraintMapping> constraintMappings)
constraintMappings
- The constraintMappings to set, from which the set of known roles
is determined.public void setConstraintMappings(ConstraintMapping[] constraintMappings)
constraintMappings
- The constraintMappings to set as array, from which the set of known roles
is determined. Needed to retain API compatibility for 7.xpublic void setConstraintMappings(List<ConstraintMapping> constraintMappings, Set<String> roles)
setConstraintMappings
in interface ConstraintAware
constraintMappings
- The constraintMappings to set.roles
- The known roles (or null to determine them from the mappings)public void setRoles(Set<String> roles)
setConstraintMappings(ConstraintMapping[])
or
setConstraintMappings(List, Set)
.roles
- The known roles (or null to determine them from the mappings)setStrict(boolean)
public void addConstraintMapping(ConstraintMapping mapping)
ConstraintAware
addConstraintMapping
in interface ConstraintAware
ConstraintAware.addConstraintMapping(org.eclipse.jetty.security.ConstraintMapping)
public void addRole(String role)
ConstraintAware
addRole
in interface ConstraintAware
ConstraintAware.addRole(java.lang.String)
protected void doStart() throws Exception
AggregateLifeCycle
doStart
in class SecurityHandler
Exception
SecurityHandler.doStart()
protected void doStop() throws Exception
AggregateLifeCycle
doStop
in class SecurityHandler
Exception
HandlerWrapper.doStop()
protected void processConstraintMapping(ConstraintMapping mapping)
protected Object prepareConstraintInfo(String pathInContext, Request request)
prepareConstraintInfo
in class SecurityHandler
protected boolean checkUserDataPermissions(String pathInContext, Request request, Response response, Object constraintInfo) throws IOException
checkUserDataPermissions
in class SecurityHandler
IOException
protected boolean isAuthMandatory(Request baseRequest, Response base_response, Object constraintInfo)
isAuthMandatory
in class SecurityHandler
protected boolean checkWebResourcePermissions(String pathInContext, Request request, Response response, Object constraintInfo, UserIdentity userIdentity) throws IOException
checkWebResourcePermissions
in class SecurityHandler
IOException
public void dump(Appendable out, String indent) throws IOException
dump
in interface Dumpable
dump
in class AbstractHandlerContainer
IOException
Copyright © 1995-2012 Mort Bay Consulting. All Rights Reserved.