1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.util.security;
20
21 import java.io.Serializable;
22 import java.util.Arrays;
23
24
25
26
27
28
29
30 public class Constraint implements Cloneable, Serializable
31 {
32
33 public final static String __BASIC_AUTH = "BASIC";
34
35 public final static String __FORM_AUTH = "FORM";
36
37 public final static String __DIGEST_AUTH = "DIGEST";
38
39 public final static String __CERT_AUTH = "CLIENT_CERT";
40
41 public final static String __CERT_AUTH2 = "CLIENT-CERT";
42
43 public final static String __SPNEGO_AUTH = "SPNEGO";
44
45 public final static String __NEGOTIATE_AUTH = "NEGOTIATE";
46
47 public static boolean validateMethod (String method)
48 {
49 if (method == null)
50 return false;
51 method = method.trim();
52 return (method.equals(__FORM_AUTH)
53 || method.equals(__BASIC_AUTH)
54 || method.equals (__DIGEST_AUTH)
55 || method.equals (__CERT_AUTH)
56 || method.equals(__CERT_AUTH2)
57 || method.equals(__SPNEGO_AUTH)
58 || method.equals(__NEGOTIATE_AUTH));
59 }
60
61
62 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
63
64
65 public final static String NONE = "NONE";
66
67 public final static String ANY_ROLE = "*";
68
69
70 private String _name;
71
72 private String[] _roles;
73
74 private int _dataConstraint = DC_UNSET;
75
76 private boolean _anyRole = false;
77
78 private boolean _authenticate = false;
79
80
81
82
83
84 public Constraint()
85 {
86 }
87
88
89
90
91
92
93
94
95 public Constraint(String name, String role)
96 {
97 setName(name);
98 setRoles(new String[] { role });
99 }
100
101
102 @Override
103 public Object clone() throws CloneNotSupportedException
104 {
105 return super.clone();
106 }
107
108
109
110
111
112 public void setName(String name)
113 {
114 _name = name;
115 }
116
117
118 public void setRoles(String[] roles)
119 {
120 _roles = roles;
121 _anyRole = false;
122 if (roles != null)
123 for (int i = roles.length; !_anyRole && i-- > 0;)
124 _anyRole |= ANY_ROLE.equals(roles[i]);
125 }
126
127
128
129
130
131 public boolean isAnyRole()
132 {
133 return _anyRole;
134 }
135
136
137
138
139
140 public String[] getRoles()
141 {
142 return _roles;
143 }
144
145
146
147
148
149
150 public boolean hasRole(String role)
151 {
152 if (_anyRole) return true;
153 if (_roles != null) for (int i = _roles.length; i-- > 0;)
154 if (role.equals(_roles[i])) return true;
155 return false;
156 }
157
158
159
160
161
162 public void setAuthenticate(boolean authenticate)
163 {
164 _authenticate = authenticate;
165 }
166
167
168
169
170
171 public boolean getAuthenticate()
172 {
173 return _authenticate;
174 }
175
176
177
178
179
180 public boolean isForbidden()
181 {
182 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
183 }
184
185
186
187
188
189
190 public void setDataConstraint(int c)
191 {
192 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
193 _dataConstraint = c;
194 }
195
196
197
198
199
200
201 public int getDataConstraint()
202 {
203 return _dataConstraint;
204 }
205
206
207
208
209
210 public boolean hasDataConstraint()
211 {
212 return _dataConstraint >= DC_NONE;
213 }
214
215
216 @Override
217 public String toString()
218 {
219 return "SC{" + _name
220 + ","
221 + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
222 + ","
223 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
224 }
225
226 }