1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.eclipse.jetty.util.security;
20
21 import java.io.Serializable;
22 import java.util.Arrays;
23
24
25
26
27
28
29
30
31
32 public class Constraint implements Cloneable, Serializable
33 {
34
35 public final static String __BASIC_AUTH = "BASIC";
36
37 public final static String __FORM_AUTH = "FORM";
38
39 public final static String __DIGEST_AUTH = "DIGEST";
40
41 public final static String __CERT_AUTH = "CLIENT_CERT";
42
43 public final static String __CERT_AUTH2 = "CLIENT-CERT";
44
45 public final static String __SPNEGO_AUTH = "SPNEGO";
46
47 public final static String __NEGOTIATE_AUTH = "NEGOTIATE";
48
49 public static boolean validateMethod (String method)
50 {
51 if (method == null)
52 return false;
53 method = method.trim();
54 return (method.equals(__FORM_AUTH)
55 || method.equals(__BASIC_AUTH)
56 || method.equals (__DIGEST_AUTH)
57 || method.equals (__CERT_AUTH)
58 || method.equals(__CERT_AUTH2)
59 || method.equals(__SPNEGO_AUTH)
60 || method.equals(__NEGOTIATE_AUTH));
61 }
62
63
64 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
65
66
67 public final static String NONE = "NONE";
68
69 public final static String ANY_ROLE = "*";
70
71 public final static String ANY_AUTH = "**";
72
73
74 private String _name;
75
76 private String[] _roles;
77
78 private int _dataConstraint = DC_UNSET;
79
80 private boolean _anyRole = false;
81
82 private boolean _anyAuth = false;
83
84 private boolean _authenticate = false;
85
86
87
88
89
90 public Constraint()
91 {
92 }
93
94
95
96
97
98
99
100
101 public Constraint(String name, String role)
102 {
103 setName(name);
104 setRoles(new String[] { role });
105 }
106
107
108 @Override
109 public Object clone() throws CloneNotSupportedException
110 {
111 return super.clone();
112 }
113
114
115
116
117
118 public void setName(String name)
119 {
120 _name = name;
121 }
122
123
124 public void setRoles(String[] roles)
125 {
126 _roles = roles;
127 _anyRole = false;
128 _anyAuth = false;
129 if (roles != null)
130 {
131 for (int i = roles.length; i-- > 0;)
132 {
133 _anyRole |= ANY_ROLE.equals(roles[i]);
134 _anyAuth |= ANY_AUTH.equals(roles[i]);
135 }
136 }
137 }
138
139
140
141
142
143 public boolean isAnyRole()
144 {
145 return _anyRole;
146 }
147
148
149
150
151
152
153 public boolean isAnyAuth()
154 {
155 return _anyAuth;
156 }
157
158
159
160
161
162 public String[] getRoles()
163 {
164 return _roles;
165 }
166
167
168
169
170
171
172 public boolean hasRole(String role)
173 {
174 if (_anyRole) return true;
175 if (_roles != null) for (int i = _roles.length; i-- > 0;)
176 if (role.equals(_roles[i])) return true;
177 return false;
178 }
179
180
181
182
183
184 public void setAuthenticate(boolean authenticate)
185 {
186 _authenticate = authenticate;
187 }
188
189
190
191
192
193 public boolean getAuthenticate()
194 {
195 return _authenticate;
196 }
197
198
199
200
201
202 public boolean isForbidden()
203 {
204 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
205 }
206
207
208
209
210
211
212 public void setDataConstraint(int c)
213 {
214 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
215 _dataConstraint = c;
216 }
217
218
219
220
221
222
223 public int getDataConstraint()
224 {
225 return _dataConstraint;
226 }
227
228
229
230
231
232 public boolean hasDataConstraint()
233 {
234 return _dataConstraint >= DC_NONE;
235 }
236
237
238 @Override
239 public String toString()
240 {
241 return "SC{" + _name
242 + ","
243 + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
244 + ","
245 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
246 }
247
248 }