1
2
3
4
5
6
7
8
9
10
11
12
13
14 package org.eclipse.jetty.http.security;
15
16 import java.io.Serializable;
17
18
19
20
21
22
23
24 public class Constraint implements Cloneable, Serializable
25 {
26
27 public final static String __BASIC_AUTH = "BASIC";
28
29 public final static String __FORM_AUTH = "FORM";
30
31 public final static String __DIGEST_AUTH = "DIGEST";
32
33 public final static String __CERT_AUTH = "CLIENT_CERT";
34
35 public final static String __CERT_AUTH2 = "CLIENT-CERT";
36
37 public final static String __SPNEGO_AUTH = "SPNEGO";
38
39 public static boolean validateMethod (String method)
40 {
41 if (method == null)
42 return false;
43 method = method.trim();
44 return (method.equals(__FORM_AUTH)
45 || method.equals(__BASIC_AUTH)
46 || method.equals (__DIGEST_AUTH)
47 || method.equals (__CERT_AUTH)
48 || method.equals(__CERT_AUTH2)
49 || method.equals(__SPNEGO_AUTH));
50 }
51
52
53 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
54
55
56 public final static String NONE = "NONE";
57
58 public final static String ANY_ROLE = "*";
59
60
61 private String _name;
62
63 private String[] _roles;
64
65 private int _dataConstraint = DC_UNSET;
66
67 private boolean _anyRole = false;
68
69 private boolean _authenticate = false;
70
71
72
73
74
75 public Constraint()
76 {
77 }
78
79
80
81
82
83
84
85
86 public Constraint(String name, String role)
87 {
88 setName(name);
89 setRoles(new String[] { role });
90 }
91
92
93 @Override
94 public Object clone() throws CloneNotSupportedException
95 {
96 return super.clone();
97 }
98
99
100
101
102
103 public void setName(String name)
104 {
105 _name = name;
106 }
107
108
109 public void setRoles(String[] roles)
110 {
111 _roles = roles;
112 _anyRole = false;
113 if (roles != null)
114 for (int i = roles.length; !_anyRole && i-- > 0;)
115 _anyRole |= ANY_ROLE.equals(roles[i]);
116 }
117
118
119
120
121
122 public boolean isAnyRole()
123 {
124 return _anyRole;
125 }
126
127
128
129
130
131 public String[] getRoles()
132 {
133 return _roles;
134 }
135
136
137
138
139
140
141 public boolean hasRole(String role)
142 {
143 if (_anyRole) return true;
144 if (_roles != null) for (int i = _roles.length; i-- > 0;)
145 if (role.equals(_roles[i])) return true;
146 return false;
147 }
148
149
150
151
152
153 public void setAuthenticate(boolean authenticate)
154 {
155 _authenticate = authenticate;
156 }
157
158
159
160
161
162 public boolean getAuthenticate()
163 {
164 return _authenticate;
165 }
166
167
168
169
170
171 public boolean isForbidden()
172 {
173 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
174 }
175
176
177
178
179
180
181 public void setDataConstraint(int c)
182 {
183 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
184 _dataConstraint = c;
185 }
186
187
188
189
190
191
192 public int getDataConstraint()
193 {
194 return _dataConstraint;
195 }
196
197
198
199
200
201 public boolean hasDataConstraint()
202 {
203 return _dataConstraint >= DC_NONE;
204 }
205
206
207 @Override
208 public String toString()
209 {
210 return "SC{" + _name
211 + ","
212 + (_anyRole ? "*" : (_roles == null ? "-" : _roles.toString()))
213 + ","
214 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
215 }
216
217 }