org.eclipse.jetty.security
Class ConstraintSecurityHandler
java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.server.handler.AbstractHandler
org.eclipse.jetty.server.handler.AbstractHandlerContainer
org.eclipse.jetty.server.handler.HandlerWrapper
org.eclipse.jetty.security.SecurityHandler
org.eclipse.jetty.security.ConstraintSecurityHandler
- All Implemented Interfaces:
- Authenticator.Configuration, ConstraintAware, Handler, HandlerContainer, LifeCycle
public class ConstraintSecurityHandler
- extends SecurityHandler
- implements ConstraintAware
Handler to enforce SecurityConstraints. This implementation is servlet spec
2.4 compliant and precomputes the constraint combinations for runtime
efficiency.
Method Summary |
protected boolean |
checkUserDataPermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo)
|
protected boolean |
checkWebResourcePermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo,
UserIdentity userIdentity)
|
protected void |
doStart()
|
protected void |
dump(StringBuilder b,
String indent)
|
ConstraintMapping[] |
getConstraintMappings()
|
Set<String> |
getRoles()
|
protected boolean |
isAuthMandatory(Request baseRequest,
Response base_response,
Object constraintInfo)
|
boolean |
isStrict()
Get the strict mode. |
protected Object |
prepareConstraintInfo(String pathInContext,
Request request)
|
void |
setConstraintMappings(ConstraintMapping[] constraintMappings)
Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class. |
void |
setConstraintMappings(ConstraintMapping[] constraintMappings,
Set<String> roles)
Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class. |
void |
setStrict(boolean strict)
Set the strict mode of the security handler. |
Methods inherited from class org.eclipse.jetty.security.SecurityHandler |
checkSecurity, doStop, findIdentityService, findLoginService, getAuthenticator, getAuthenticatorFactory, getAuthMethod, getIdentityService, getInitParameter, getInitParameterNames, getLoginService, getRealmName, handle, isCheckWelcomeFiles, setAuthenticator, setAuthenticatorFactory, setAuthMethod, setCheckWelcomeFiles, setIdentityService, setInitParameter, setLoginService, setRealmName |
Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle |
addLifeCycleListener, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop |
ConstraintSecurityHandler
public ConstraintSecurityHandler()
isStrict
public boolean isStrict()
- Get the strict mode.
- Returns:
- true if the security handler is running in strict mode.
setStrict
public void setStrict(boolean strict)
- Set the strict mode of the security handler.
When in strict mode (the default), the full servlet specification
will be implemented.
If not in strict mode, some additional flexibility in configuration
is allowed:
- All users do not need to have a role defined in the deployment descriptor
- The * role in a constraint applies to ANY role rather than all roles defined in
the deployment descriptor.
- Parameters:
strict
- the strict to set
getConstraintMappings
public ConstraintMapping[] getConstraintMappings()
- Specified by:
getConstraintMappings
in interface ConstraintAware
- Returns:
- Returns the contraintMappings.
getRoles
public Set<String> getRoles()
- Specified by:
getRoles
in interface ConstraintAware
setConstraintMappings
public void setConstraintMappings(ConstraintMapping[] constraintMappings)
- Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
- Parameters:
constraintMappings
- The contraintMappings to set, from which the set of known roles
is determined.
setConstraintMappings
public void setConstraintMappings(ConstraintMapping[] constraintMappings,
Set<String> roles)
- Process the constraints following the combining rules in Servlet 3.0 EA
spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
- Specified by:
setConstraintMappings
in interface ConstraintAware
- Parameters:
constraintMappings
- The contraintMappings to set.roles
- The known roles (or null to determine them from the mappings)
doStart
protected void doStart()
throws Exception
- Overrides:
doStart
in class SecurityHandler
- Throws:
Exception
- See Also:
SecurityHandler.doStart()
prepareConstraintInfo
protected Object prepareConstraintInfo(String pathInContext,
Request request)
- Specified by:
prepareConstraintInfo
in class SecurityHandler
checkUserDataPermissions
protected boolean checkUserDataPermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo)
throws IOException
- Specified by:
checkUserDataPermissions
in class SecurityHandler
- Throws:
IOException
isAuthMandatory
protected boolean isAuthMandatory(Request baseRequest,
Response base_response,
Object constraintInfo)
- Specified by:
isAuthMandatory
in class SecurityHandler
checkWebResourcePermissions
protected boolean checkWebResourcePermissions(String pathInContext,
Request request,
Response response,
Object constraintInfo,
UserIdentity userIdentity)
throws IOException
- Specified by:
checkWebResourcePermissions
in class SecurityHandler
- Throws:
IOException
dump
protected void dump(StringBuilder b,
String indent)
- Overrides:
dump
in class AbstractHandlerContainer
Copyright © 1995-2009 Mort Bay Consulting. All Rights Reserved.