View Javadoc

1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.security;
20  
21  import java.util.List;
22  import java.util.Set;
23  
24  /**
25   * @version $Rev: 4466 $ $Date: 2009-02-10 23:42:54 +0100 (Tue, 10 Feb 2009) $
26   */
27  public interface ConstraintAware
28  {
29      List<ConstraintMapping> getConstraintMappings();
30      Set<String> getRoles();
31      
32      /* ------------------------------------------------------------ */
33      /** Set Constraint Mappings and roles.
34       * Can only be called during initialization.
35       * @param constraintMappings
36       * @param roles
37       */
38      void setConstraintMappings(List<ConstraintMapping> constraintMappings, Set<String> roles);
39      
40      /* ------------------------------------------------------------ */
41      /** Add a Constraint Mapping.
42       * May be called for running webapplication as an annotated servlet is instantiated.
43       * @param mapping
44       */
45      void addConstraintMapping(ConstraintMapping mapping);
46      
47      
48      /* ------------------------------------------------------------ */
49      /** Add a Role definition.
50       * May be called on running webapplication as an annotated servlet is instantiated.
51       * @param role
52       */
53      void addRole(String role);
54      
55      /**
56       * See Servlet Spec 31, sec 13.8.4, pg 145
57       * When true, requests with http methods not explicitly covered either by inclusion or omissions
58       * in constraints, will have access denied.
59       * @param deny
60       */
61      void setDenyUncoveredHttpMethods(boolean deny);
62      
63      boolean isDenyUncoveredHttpMethods();
64      
65      /**
66       * See Servlet Spec 31, sec 13.8.4, pg 145
67       * Container must check if there are urls with uncovered http methods
68       */
69      boolean checkPathsWithUncoveredHttpMethods();
70  }