1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.util.security;
20
21 import java.io.Serializable;
22 import java.util.Arrays;
23
24
25
26
27
28
29 public class Constraint implements Cloneable, Serializable
30 {
31
32 public final static String __BASIC_AUTH = "BASIC";
33
34 public final static String __FORM_AUTH = "FORM";
35
36 public final static String __DIGEST_AUTH = "DIGEST";
37
38 public final static String __CERT_AUTH = "CLIENT_CERT";
39
40 public final static String __CERT_AUTH2 = "CLIENT-CERT";
41
42 public final static String __SPNEGO_AUTH = "SPNEGO";
43
44 public final static String __NEGOTIATE_AUTH = "NEGOTIATE";
45
46 public static boolean validateMethod (String method)
47 {
48 if (method == null)
49 return false;
50 method = method.trim();
51 return (method.equals(__FORM_AUTH)
52 || method.equals(__BASIC_AUTH)
53 || method.equals (__DIGEST_AUTH)
54 || method.equals (__CERT_AUTH)
55 || method.equals(__CERT_AUTH2)
56 || method.equals(__SPNEGO_AUTH)
57 || method.equals(__NEGOTIATE_AUTH));
58 }
59
60
61 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
62
63
64 public final static String NONE = "NONE";
65
66 public final static String ANY_ROLE = "*";
67
68 public final static String ANY_AUTH = "**";
69
70
71 private String _name;
72
73 private String[] _roles;
74
75 private int _dataConstraint = DC_UNSET;
76
77 private boolean _anyRole = false;
78
79 private boolean _anyAuth = false;
80
81 private boolean _authenticate = false;
82
83
84
85
86
87 public Constraint()
88 {
89 }
90
91
92
93
94
95
96
97
98 public Constraint(String name, String role)
99 {
100 setName(name);
101 setRoles(new String[] { role });
102 }
103
104
105 @Override
106 public Object clone() throws CloneNotSupportedException
107 {
108 return super.clone();
109 }
110
111
112
113
114
115 public void setName(String name)
116 {
117 _name = name;
118 }
119
120
121 public String getName()
122 {
123 return _name;
124 }
125
126
127 public void setRoles(String[] roles)
128 {
129 _roles = roles;
130 _anyRole = false;
131 _anyAuth = false;
132 if (roles != null)
133 {
134 for (int i = roles.length; i-- > 0;)
135 {
136 _anyRole |= ANY_ROLE.equals(roles[i]);
137 _anyAuth |= ANY_AUTH.equals(roles[i]);
138 }
139 }
140 }
141
142
143
144
145
146 public boolean isAnyRole()
147 {
148 return _anyRole;
149 }
150
151
152
153
154
155
156 public boolean isAnyAuth()
157 {
158 return _anyAuth;
159 }
160
161
162
163
164
165 public String[] getRoles()
166 {
167 return _roles;
168 }
169
170
171
172
173
174
175 public boolean hasRole(String role)
176 {
177 if (_anyRole) return true;
178 if (_roles != null) for (int i = _roles.length; i-- > 0;)
179 if (role.equals(_roles[i])) return true;
180 return false;
181 }
182
183
184
185
186
187 public void setAuthenticate(boolean authenticate)
188 {
189 _authenticate = authenticate;
190 }
191
192
193
194
195
196 public boolean getAuthenticate()
197 {
198 return _authenticate;
199 }
200
201
202
203
204
205 public boolean isForbidden()
206 {
207 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
208 }
209
210
211
212
213
214
215 public void setDataConstraint(int c)
216 {
217 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
218 _dataConstraint = c;
219 }
220
221
222
223
224
225
226 public int getDataConstraint()
227 {
228 return _dataConstraint;
229 }
230
231
232
233
234
235 public boolean hasDataConstraint()
236 {
237 return _dataConstraint >= DC_NONE;
238 }
239
240
241 @Override
242 public String toString()
243 {
244 return "SC{" + _name
245 + ","
246 + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
247 + ","
248 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
249 }
250
251 }