Mercurial Hosting > luan
view src/org/eclipse/jetty/util/security/Constraint.java @ 894:c33a99fca826
remove _confidentialScheme
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Thu, 06 Oct 2016 23:40:29 -0600 |
parents | 3428c60d7cfc |
children |
line wrap: on
line source
// // ======================================================================== // Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. // ------------------------------------------------------------------------ // All rights reserved. This program and the accompanying materials // are made available under the terms of the Eclipse Public License v1.0 // and Apache License v2.0 which accompanies this distribution. // // The Eclipse Public License is available at // http://www.eclipse.org/legal/epl-v10.html // // The Apache License v2.0 is available at // http://www.opensource.org/licenses/apache2.0.php // // You may elect to redistribute this code under either of these licenses. // ======================================================================== // package org.eclipse.jetty.util.security; import java.io.Serializable; import java.util.Arrays; /* ------------------------------------------------------------ */ /** * Describe an auth and/or data constraint. * * */ public class Constraint implements Cloneable, Serializable { /* ------------------------------------------------------------ */ public final static String __BASIC_AUTH = "BASIC"; public final static String __FORM_AUTH = "FORM"; public final static String __DIGEST_AUTH = "DIGEST"; public final static String __CERT_AUTH = "CLIENT_CERT"; public final static String __CERT_AUTH2 = "CLIENT-CERT"; public final static String __SPNEGO_AUTH = "SPNEGO"; public final static String __NEGOTIATE_AUTH = "NEGOTIATE"; public static boolean validateMethod (String method) { if (method == null) return false; method = method.trim(); return (method.equals(__FORM_AUTH) || method.equals(__BASIC_AUTH) || method.equals (__DIGEST_AUTH) || method.equals (__CERT_AUTH) || method.equals(__CERT_AUTH2) || method.equals(__SPNEGO_AUTH) || method.equals(__NEGOTIATE_AUTH)); } /* ------------------------------------------------------------ */ public final static int DC_UNSET = -1, DC_NONE = 0, DC_INTEGRAL = 1, DC_CONFIDENTIAL = 2, DC_FORBIDDEN = 3; /* ------------------------------------------------------------ */ public final static String NONE = "NONE"; public final static String ANY_ROLE = "*"; /* ------------------------------------------------------------ */ private String _name; private String[] _roles; private int _dataConstraint = DC_UNSET; private boolean _anyRole = false; private boolean _authenticate = false; /* ------------------------------------------------------------ */ /** * Constructor. */ public Constraint() { } /* ------------------------------------------------------------ */ /** * Conveniance Constructor. * * @param name * @param role */ public Constraint(String name, String role) { setName(name); setRoles(new String[] { role }); } /* ------------------------------------------------------------ */ @Override public Object clone() throws CloneNotSupportedException { return super.clone(); } /* ------------------------------------------------------------ */ /** * @param name */ public void setName(String name) { _name = name; } /* ------------------------------------------------------------ */ public void setRoles(String[] roles) { _roles = roles; _anyRole = false; if (roles != null) for (int i = roles.length; !_anyRole && i-- > 0;) _anyRole |= ANY_ROLE.equals(roles[i]); } /* ------------------------------------------------------------ */ /** * @return True if any user role is permitted. */ public boolean isAnyRole() { return _anyRole; } /* ------------------------------------------------------------ */ /** * @return List of roles for this constraint. */ public String[] getRoles() { return _roles; } /* ------------------------------------------------------------ */ /** * @param role * @return True if the constraint contains the role. */ public boolean hasRole(String role) { if (_anyRole) return true; if (_roles != null) for (int i = _roles.length; i-- > 0;) if (role.equals(_roles[i])) return true; return false; } /* ------------------------------------------------------------ */ /** * @param authenticate True if users must be authenticated */ public void setAuthenticate(boolean authenticate) { _authenticate = authenticate; } /* ------------------------------------------------------------ */ /** * @return True if the constraint requires request authentication */ public boolean getAuthenticate() { return _authenticate; } /* ------------------------------------------------------------ */ /** * @return True if authentication required but no roles set */ public boolean isForbidden() { return _authenticate && !_anyRole && (_roles == null || _roles.length == 0); } /* ------------------------------------------------------------ */ /** * @param c Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & * 2=DC_CONFIDENTIAL */ public void setDataConstraint(int c) { if (c < 0 || c > DC_CONFIDENTIAL) throw new IllegalArgumentException("Constraint out of range"); _dataConstraint = c; } /* ------------------------------------------------------------ */ /** * @return Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & * 2=DC_CONFIDENTIAL */ public int getDataConstraint() { return _dataConstraint; } /* ------------------------------------------------------------ */ /** * @return True if a data constraint has been set. */ public boolean hasDataConstraint() { return _dataConstraint >= DC_NONE; } /* ------------------------------------------------------------ */ @Override public String toString() { return "SC{" + _name + "," + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString())) + "," + (_dataConstraint == DC_UNSET ? "DC_UNSET}" : (_dataConstraint == DC_NONE ? "NONE}" : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}"))); } }