comparison src/org/eclipse/jetty/util/security/Constraint.java @ 802:3428c60d7cfc

replace jetty jars with source
author Franklin Schmidt <fschmidt@gmail.com>
date Wed, 07 Sep 2016 21:15:48 -0600
parents
children
comparison
equal deleted inserted replaced
801:6a21393191c1 802:3428c60d7cfc
1 //
2 // ========================================================================
3 // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // All rights reserved. This program and the accompanying materials
6 // are made available under the terms of the Eclipse Public License v1.0
7 // and Apache License v2.0 which accompanies this distribution.
8 //
9 // The Eclipse Public License is available at
10 // http://www.eclipse.org/legal/epl-v10.html
11 //
12 // The Apache License v2.0 is available at
13 // http://www.opensource.org/licenses/apache2.0.php
14 //
15 // You may elect to redistribute this code under either of these licenses.
16 // ========================================================================
17 //
18
19 package org.eclipse.jetty.util.security;
20
21 import java.io.Serializable;
22 import java.util.Arrays;
23
24 /* ------------------------------------------------------------ */
25 /**
26 * Describe an auth and/or data constraint.
27 *
28 *
29 */
30 public class Constraint implements Cloneable, Serializable
31 {
32 /* ------------------------------------------------------------ */
33 public final static String __BASIC_AUTH = "BASIC";
34
35 public final static String __FORM_AUTH = "FORM";
36
37 public final static String __DIGEST_AUTH = "DIGEST";
38
39 public final static String __CERT_AUTH = "CLIENT_CERT";
40
41 public final static String __CERT_AUTH2 = "CLIENT-CERT";
42
43 public final static String __SPNEGO_AUTH = "SPNEGO";
44
45 public final static String __NEGOTIATE_AUTH = "NEGOTIATE";
46
47 public static boolean validateMethod (String method)
48 {
49 if (method == null)
50 return false;
51 method = method.trim();
52 return (method.equals(__FORM_AUTH)
53 || method.equals(__BASIC_AUTH)
54 || method.equals (__DIGEST_AUTH)
55 || method.equals (__CERT_AUTH)
56 || method.equals(__CERT_AUTH2)
57 || method.equals(__SPNEGO_AUTH)
58 || method.equals(__NEGOTIATE_AUTH));
59 }
60
61 /* ------------------------------------------------------------ */
62 public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3;
63
64 /* ------------------------------------------------------------ */
65 public final static String NONE = "NONE";
66
67 public final static String ANY_ROLE = "*";
68
69 /* ------------------------------------------------------------ */
70 private String _name;
71
72 private String[] _roles;
73
74 private int _dataConstraint = DC_UNSET;
75
76 private boolean _anyRole = false;
77
78 private boolean _authenticate = false;
79
80 /* ------------------------------------------------------------ */
81 /**
82 * Constructor.
83 */
84 public Constraint()
85 {
86 }
87
88 /* ------------------------------------------------------------ */
89 /**
90 * Conveniance Constructor.
91 *
92 * @param name
93 * @param role
94 */
95 public Constraint(String name, String role)
96 {
97 setName(name);
98 setRoles(new String[] { role });
99 }
100
101 /* ------------------------------------------------------------ */
102 @Override
103 public Object clone() throws CloneNotSupportedException
104 {
105 return super.clone();
106 }
107
108 /* ------------------------------------------------------------ */
109 /**
110 * @param name
111 */
112 public void setName(String name)
113 {
114 _name = name;
115 }
116
117 /* ------------------------------------------------------------ */
118 public void setRoles(String[] roles)
119 {
120 _roles = roles;
121 _anyRole = false;
122 if (roles != null)
123 for (int i = roles.length; !_anyRole && i-- > 0;)
124 _anyRole |= ANY_ROLE.equals(roles[i]);
125 }
126
127 /* ------------------------------------------------------------ */
128 /**
129 * @return True if any user role is permitted.
130 */
131 public boolean isAnyRole()
132 {
133 return _anyRole;
134 }
135
136 /* ------------------------------------------------------------ */
137 /**
138 * @return List of roles for this constraint.
139 */
140 public String[] getRoles()
141 {
142 return _roles;
143 }
144
145 /* ------------------------------------------------------------ */
146 /**
147 * @param role
148 * @return True if the constraint contains the role.
149 */
150 public boolean hasRole(String role)
151 {
152 if (_anyRole) return true;
153 if (_roles != null) for (int i = _roles.length; i-- > 0;)
154 if (role.equals(_roles[i])) return true;
155 return false;
156 }
157
158 /* ------------------------------------------------------------ */
159 /**
160 * @param authenticate True if users must be authenticated
161 */
162 public void setAuthenticate(boolean authenticate)
163 {
164 _authenticate = authenticate;
165 }
166
167 /* ------------------------------------------------------------ */
168 /**
169 * @return True if the constraint requires request authentication
170 */
171 public boolean getAuthenticate()
172 {
173 return _authenticate;
174 }
175
176 /* ------------------------------------------------------------ */
177 /**
178 * @return True if authentication required but no roles set
179 */
180 public boolean isForbidden()
181 {
182 return _authenticate && !_anyRole && (_roles == null || _roles.length == 0);
183 }
184
185 /* ------------------------------------------------------------ */
186 /**
187 * @param c Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL &
188 * 2=DC_CONFIDENTIAL
189 */
190 public void setDataConstraint(int c)
191 {
192 if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range");
193 _dataConstraint = c;
194 }
195
196 /* ------------------------------------------------------------ */
197 /**
198 * @return Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL &
199 * 2=DC_CONFIDENTIAL
200 */
201 public int getDataConstraint()
202 {
203 return _dataConstraint;
204 }
205
206 /* ------------------------------------------------------------ */
207 /**
208 * @return True if a data constraint has been set.
209 */
210 public boolean hasDataConstraint()
211 {
212 return _dataConstraint >= DC_NONE;
213 }
214
215 /* ------------------------------------------------------------ */
216 @Override
217 public String toString()
218 {
219 return "SC{" + _name
220 + ","
221 + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
222 + ","
223 + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
224 }
225
226 }