annotate src/org/eclipse/jetty/util/security/Constraint.java @ 814:95cbe23a96fb

minor
author Franklin Schmidt <fschmidt@gmail.com>
date Fri, 09 Sep 2016 10:37:37 -0600
parents 3428c60d7cfc
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
802
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
1 //
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
2 // ========================================================================
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
4 // ------------------------------------------------------------------------
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
5 // All rights reserved. This program and the accompanying materials
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
6 // are made available under the terms of the Eclipse Public License v1.0
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
7 // and Apache License v2.0 which accompanies this distribution.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
8 //
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
9 // The Eclipse Public License is available at
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
10 // http://www.eclipse.org/legal/epl-v10.html
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
11 //
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
12 // The Apache License v2.0 is available at
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
13 // http://www.opensource.org/licenses/apache2.0.php
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
14 //
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
15 // You may elect to redistribute this code under either of these licenses.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
16 // ========================================================================
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
17 //
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
18
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
19 package org.eclipse.jetty.util.security;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
20
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
21 import java.io.Serializable;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
22 import java.util.Arrays;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
23
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
24 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
25 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
26 * Describe an auth and/or data constraint.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
27 *
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
28 *
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
29 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
30 public class Constraint implements Cloneable, Serializable
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
31 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
32 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
33 public final static String __BASIC_AUTH = "BASIC";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
34
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
35 public final static String __FORM_AUTH = "FORM";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
36
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
37 public final static String __DIGEST_AUTH = "DIGEST";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
38
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
39 public final static String __CERT_AUTH = "CLIENT_CERT";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
40
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
41 public final static String __CERT_AUTH2 = "CLIENT-CERT";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
42
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
43 public final static String __SPNEGO_AUTH = "SPNEGO";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
44
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
45 public final static String __NEGOTIATE_AUTH = "NEGOTIATE";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
46
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
47 public static boolean validateMethod (String method)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
48 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
49 if (method == null)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
50 return false;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
51 method = method.trim();
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
52 return (method.equals(__FORM_AUTH)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
53 || method.equals(__BASIC_AUTH)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
54 || method.equals (__DIGEST_AUTH)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
55 || method.equals (__CERT_AUTH)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
56 || method.equals(__CERT_AUTH2)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
57 || method.equals(__SPNEGO_AUTH)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
58 || method.equals(__NEGOTIATE_AUTH));
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
59 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
60
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
61 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
62 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
63
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
64 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
65 public final static String NONE = "NONE";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
66
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
67 public final static String ANY_ROLE = "*";
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
68
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
69 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
70 private String _name;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
71
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
72 private String[] _roles;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
73
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
74 private int _dataConstraint = DC_UNSET;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
75
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
76 private boolean _anyRole = false;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
77
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
78 private boolean _authenticate = false;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
79
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
80 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
81 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
82 * Constructor.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
83 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
84 public Constraint()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
85 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
86 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
87
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
88 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
89 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
90 * Conveniance Constructor.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
91 *
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
92 * @param name
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
93 * @param role
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
94 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
95 public Constraint(String name, String role)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
96 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
97 setName(name);
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
98 setRoles(new String[] { role });
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
99 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
100
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
101 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
102 @Override
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
103 public Object clone() throws CloneNotSupportedException
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
104 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
105 return super.clone();
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
106 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
107
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
108 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
109 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
110 * @param name
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
111 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
112 public void setName(String name)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
113 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
114 _name = name;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
115 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
116
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
117 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
118 public void setRoles(String[] roles)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
119 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
120 _roles = roles;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
121 _anyRole = false;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
122 if (roles != null)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
123 for (int i = roles.length; !_anyRole && i-- > 0;)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
124 _anyRole |= ANY_ROLE.equals(roles[i]);
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
125 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
126
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
127 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
128 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
129 * @return True if any user role is permitted.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
130 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
131 public boolean isAnyRole()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
132 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
133 return _anyRole;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
134 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
135
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
136 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
137 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
138 * @return List of roles for this constraint.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
139 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
140 public String[] getRoles()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
141 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
142 return _roles;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
143 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
144
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
145 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
146 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
147 * @param role
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
148 * @return True if the constraint contains the role.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
149 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
150 public boolean hasRole(String role)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
151 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
152 if (_anyRole) return true;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
153 if (_roles != null) for (int i = _roles.length; i-- > 0;)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
154 if (role.equals(_roles[i])) return true;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
155 return false;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
156 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
157
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
158 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
159 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
160 * @param authenticate True if users must be authenticated
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
161 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
162 public void setAuthenticate(boolean authenticate)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
163 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
164 _authenticate = authenticate;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
165 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
166
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
167 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
168 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
169 * @return True if the constraint requires request authentication
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
170 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
171 public boolean getAuthenticate()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
172 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
173 return _authenticate;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
174 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
175
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
176 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
177 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
178 * @return True if authentication required but no roles set
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
179 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
180 public boolean isForbidden()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
181 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
182 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
183 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
184
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
185 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
186 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
187 * @param c Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL &
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
188 * 2=DC_CONFIDENTIAL
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
189 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
190 public void setDataConstraint(int c)
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
191 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
192 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
193 _dataConstraint = c;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
194 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
195
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
196 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
197 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
198 * @return Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL &
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
199 * 2=DC_CONFIDENTIAL
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
200 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
201 public int getDataConstraint()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
202 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
203 return _dataConstraint;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
204 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
205
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
206 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
207 /**
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
208 * @return True if a data constraint has been set.
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
209 */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
210 public boolean hasDataConstraint()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
211 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
212 return _dataConstraint >= DC_NONE;
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
213 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
214
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
215 /* ------------------------------------------------------------ */
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
216 @Override
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
217 public String toString()
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
218 {
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
219 return "SC{" + _name
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
220 + ","
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
221 + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
222 + ","
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
223 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
224 }
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
225
3428c60d7cfc replace jetty jars with source
Franklin Schmidt <fschmidt@gmail.com>
parents:
diff changeset
226 }