javax.servlet.ServletSecurityElement源码实例Demo

类javax.servlet.ServletSecurityElement源码实例Demo

下面列出了javax.servlet.ServletSecurityElement 类实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。

@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    if (constraint == null) {
        throw new IllegalArgumentException(sm.getString(
                "applicationServletRegistration.setServletSecurity.iae",
                getName(), context.getName()));
    }

    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        throw new IllegalStateException(sm.getString(
                "applicationServletRegistration.setServletSecurity.ise",
                getName(), context.getName()));
    }

    this.constraint = constraint;
    return context.addServletSecurity(this, constraint);
}
 
源代码2 项目: Tomcat8-Source-Read   文件: TestStandardContext.java
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
        throws ServletException {
    // Register and map servlet
    Servlet s = new TesterServlet();
    ServletRegistration.Dynamic sr = ctx.addServlet("test", s);
    sr.addMapping("/test");

    // Add a constraint with uncovered methods
    HttpConstraintElement hce = new HttpConstraintElement(
            TransportGuarantee.NONE, "tomcat");
    HttpMethodConstraintElement hmce =
            new HttpMethodConstraintElement("POST", hce);
    Set<HttpMethodConstraintElement> hmces = new HashSet<>();
    hmces.add(hmce);
    ServletSecurityElement sse = new ServletSecurityElement(hmces);
    sr.setServletSecurity(sse);
}
 
源代码3 项目: piranha   文件: AuthorizationPreInitializer.java
public List<SecurityConstraint> getConstraintsFromSecurityElements(ServletContext servletContext, AuthorizationService authorizationService) throws ServletException {
    List<Entry<List<String>, ServletSecurityElement>> elements = getOptionalAttribute(servletContext, SECURITY_ELEMENTS);
    if (elements == null) {
        return null;
    }

    List<SecurityConstraint> constraints = new ArrayList<>();

    for (Entry<List<String>, ServletSecurityElement> elementEntry : elements) {
        constraints.addAll(ElementsToConstraintsTransformer.createConstraints(
                new HashSet<>(elementEntry.getKey()),
                elementEntry.getValue()));
    }

    return constraints;
}
 
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    if (constraint == null) {
        throw new IllegalArgumentException(sm.getString(
                "applicationServletRegistration.setServletSecurity.iae",
                getName(), context.getName()));
    }
    
    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        throw new IllegalStateException(sm.getString(
                "applicationServletRegistration.setServletSecurity.ise",
                getName(), context.getName()));
    }

    return context.addServletSecurity(this, constraint);
}
 
源代码5 项目: Tomcat7.0.67   文件: StandardWrapper.java
private void processServletSecurityAnnotation(Class<?> clazz) {
    // Calling this twice isn't harmful so no syncs
    servletSecurityAnnotationScanRequired = false;

    Context ctxt = (Context) getParent();
    
    if (ctxt.getIgnoreAnnotations()) {
        return;
    }

    ServletSecurity secAnnotation =
        clazz.getAnnotation(ServletSecurity.class);
    if (secAnnotation != null) {
        ctxt.addServletSecurity(
                new ApplicationServletRegistration(this, ctxt),
                new ServletSecurityElement(secAnnotation));
    }
}
 
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    if (constraint == null) {
        throw new IllegalArgumentException(sm.getString(
                "applicationServletRegistration.setServletSecurity.iae",
                getName(), context.getName()));
    }
    
    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        throw new IllegalStateException(sm.getString(
                "applicationServletRegistration.setServletSecurity.ise",
                getName(), context.getName()));
    }

    return context.addServletSecurity(this, constraint);
}
 
源代码7 项目: Tomcat8-Source-Read   文件: WebAnnotationSet.java
/**
 * Process the annotations for the servlets.
 *
 * @param context The context which will have its annotations processed
 */
protected static void loadApplicationServletAnnotations(Context context) {

    Container[] children = context.findChildren();
    for (Container child : children) {
        if (child instanceof Wrapper) {

            Wrapper wrapper = (Wrapper) child;
            if (wrapper.getServletClass() == null) {
                continue;
            }

            Class<?> clazz = Introspection.loadClass(context, wrapper.getServletClass());
            if (clazz == null) {
                continue;
            }

            loadClassAnnotation(context, clazz);
            loadFieldsAnnotation(context, clazz);
            loadMethodsAnnotation(context, clazz);

            /* Process RunAs annotation which can be only on servlets.
             * Ref JSR 250, equivalent to the run-as element in
             * the deployment descriptor
             */
            RunAs runAs = clazz.getAnnotation(RunAs.class);
            if (runAs != null) {
                wrapper.setRunAs(runAs.value());
            }

            // Process ServletSecurity annotation
            ServletSecurity servletSecurity = clazz.getAnnotation(ServletSecurity.class);
            if (servletSecurity != null) {
                context.addServletSecurity(
                        new ApplicationServletRegistration(wrapper, context),
                        new ServletSecurityElement(servletSecurity));
            }
        }
    }
}
 
源代码8 项目: Tomcat8-Source-Read   文件: TestStandardContext.java
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
        throws ServletException {
    // Register and map servlet
    Servlet s = new TesterServlet();
    ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
    sr.addMapping("/bug50015");

    // Limit access to users in the Tomcat role
    HttpConstraintElement hce = new HttpConstraintElement(
            TransportGuarantee.NONE, "tomcat");
    ServletSecurityElement sse = new ServletSecurityElement(hce);
    sr.setServletSecurity(sse);
}
 
源代码9 项目: quarkus-http   文件: ServletRegistrationImpl.java
@Override
public Set<String> setServletSecurity(final ServletSecurityElement constraint) {
    if (constraint == null) {
        throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint");
    }
    DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();

    //this is not super efficient, but it does not really matter
    final Set<String> urlPatterns = new HashSet<>();
    for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) {
        for (WebResourceCollection webResources : sc.getWebResourceCollections()) {
            urlPatterns.addAll(webResources.getUrlPatterns());
        }
    }
    final Set<String> ret = new HashSet<>();
    for (String url : servletInfo.getMappings()) {
        if (urlPatterns.contains(url)) {
            ret.add(url);
        }
    }
    ServletSecurityInfo info = new ServletSecurityInfo();
    servletInfo.setServletSecurityInfo(info);
    info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
            .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic()))
            .addRolesAllowed(constraint.getRolesAllowed());

    for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) {
        info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .setMethod(methodConstraint.getMethodName())
                .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic()))
                .addRolesAllowed(methodConstraint.getRolesAllowed()));
    }
    return ret;
}
 
源代码10 项目: Tomcat7.0.67   文件: TestStandardContext.java
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
        throws ServletException {
    // Register and map servlet
    Servlet s = new Bug50015Servlet();
    ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
    sr.addMapping("/bug50015");

    // Limit access to users in the Tomcat role
    HttpConstraintElement hce = new HttpConstraintElement(
            TransportGuarantee.NONE, "tomcat");
    ServletSecurityElement sse = new ServletSecurityElement(hce);
    sr.setServletSecurity(sse);
}
 
源代码11 项目: lams   文件: ServletRegistrationImpl.java
@Override
public Set<String> setServletSecurity(final ServletSecurityElement constraint) {
    if (constraint == null) {
        throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint");
    }
    DeploymentInfo deploymentInfo = deployment.getDeploymentInfo();

    //this is not super efficient, but it does not really matter
    final Set<String> urlPatterns = new HashSet<>();
    for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) {
        for (WebResourceCollection webResources : sc.getWebResourceCollections()) {
            urlPatterns.addAll(webResources.getUrlPatterns());
        }
    }
    final Set<String> ret = new HashSet<>();
    for (String url : servletInfo.getMappings()) {
        if (urlPatterns.contains(url)) {
            ret.add(url);
        }
    }
    ServletSecurityInfo info = new ServletSecurityInfo();
    servletInfo.setServletSecurityInfo(info);
    info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
            .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic()))
            .addRolesAllowed(constraint.getRolesAllowed());

    for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) {
        info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .setMethod(methodConstraint.getMethodName())
                .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic()))
                .addRolesAllowed(methodConstraint.getRolesAllowed()));
    }
    return ret;
}
 
源代码12 项目: Brutusin-RPC   文件: RpcWebInitializer.java
private RpcServlet registerRpcServlet(ServletContext ctx) {
    LOGGER.info("Starting HTTP RPC runtime");
    RpcServlet servlet = new RpcServlet();
    ServletRegistration.Dynamic regInfo = ctx.addServlet(RpcServlet.class.getName(), servlet);
    ServletSecurityElement sec = new ServletSecurityElement(new HttpConstraintElement());
    regInfo.setServletSecurity(sec);
    regInfo.setLoadOnStartup(1);
    regInfo.addMapping(RpcConfig.getInstance().getPath() + "/http");
    return servlet;
}
 
源代码13 项目: tomcatsrc   文件: TestStandardContext.java
@Override
public void onStartup(Set<Class<?>> c, ServletContext ctx)
        throws ServletException {
    // Register and map servlet
    Servlet s = new Bug50015Servlet();
    ServletRegistration.Dynamic sr = ctx.addServlet("bug50015", s);
    sr.addMapping("/bug50015");

    // Limit access to users in the Tomcat role
    HttpConstraintElement hce = new HttpConstraintElement(
            TransportGuarantee.NONE, "tomcat");
    ServletSecurityElement sse = new ServletSecurityElement(hce);
    sr.setServletSecurity(sse);
}
 
源代码14 项目: tomee   文件: LowTypedRealm.java
@Override
public SecurityConstraint[] findSecurityConstraints(final Request request, final Context context) {
    final Map<String, ServletSecurityElement> map = (Map<String, ServletSecurityElement>) invoke(findSecurityConstraintsMethod, request.getRequest(), context.getPath());
    final List<SecurityConstraint> constraints = new ArrayList<SecurityConstraint>();
    for (final Map.Entry<String, ServletSecurityElement> entry : map.entrySet()) {
        constraints.addAll(Arrays.asList(SecurityConstraint.createConstraints(entry.getValue(), entry.getKey())));
    }
    return constraints.toArray(new SecurityConstraint[constraints.size()]);
}
 
源代码15 项目: Tomcat8-Source-Read   文件: FailedContext.java
@Override
public Set<String> addServletSecurity(
        ServletRegistration.Dynamic registration,
        ServletSecurityElement servletSecurityElement) { return null; }
 
源代码16 项目: Tomcat8-Source-Read   文件: ApplicationContext.java
private ServletRegistration.Dynamic addServlet(String servletName, String servletClass,
        Servlet servlet, Map<String,String> initParams) throws IllegalStateException {

    if (servletName == null || servletName.equals("")) {
        throw new IllegalArgumentException(sm.getString(
                "applicationContext.invalidServletName", servletName));
    }

    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        //TODO Spec breaking enhancement to ignore this restriction
        throw new IllegalStateException(
                sm.getString("applicationContext.addServlet.ise",
                        getContextPath()));
    }

    Wrapper wrapper = (Wrapper) context.findChild(servletName);

    // Assume a 'complete' ServletRegistration is one that has a class and
    // a name
    if (wrapper == null) {
        wrapper = context.createWrapper();
        wrapper.setName(servletName);
        context.addChild(wrapper);
    } else {
        if (wrapper.getName() != null &&
                wrapper.getServletClass() != null) {
            if (wrapper.isOverridable()) {
                wrapper.setOverridable(false);
            } else {
                return null;
            }
        }
    }

    ServletSecurity annotation = null;
    if (servlet == null) {
        wrapper.setServletClass(servletClass);
        Class<?> clazz = Introspection.loadClass(context, servletClass);
        if (clazz != null) {
            annotation = clazz.getAnnotation(ServletSecurity.class);
        }
    } else {
        wrapper.setServletClass(servlet.getClass().getName());
        wrapper.setServlet(servlet);
        if (context.wasCreatedDynamicServlet(servlet)) {
            annotation = servlet.getClass().getAnnotation(ServletSecurity.class);
        }
    }

    if (initParams != null) {
        for (Map.Entry<String, String> initParam: initParams.entrySet()) {
            wrapper.addInitParameter(initParam.getKey(), initParam.getValue());
        }
    }

    ServletRegistration.Dynamic registration =
            new ApplicationServletRegistration(wrapper, context);
    if (annotation != null) {
        registration.setServletSecurity(new ServletSecurityElement(annotation));
    }
    return registration;
}
 
源代码17 项目: Tomcat8-Source-Read   文件: TesterContext.java
@Override
public Set<String> addServletSecurity(Dynamic registration,
        ServletSecurityElement servletSecurityElement) {
    return null;
}
 
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
	return null;
}
 
源代码19 项目: flair-engine   文件: WebConfigurerTest.java
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    return null;
}
 
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
	return null;
}
 
源代码21 项目: spring-boot-protocol   文件: ServletRegistration.java
public ServletSecurityElement getServletSecurityElement() {
    return servletSecurityElement;
}
 
源代码22 项目: spring-boot-protocol   文件: ServletRegistration.java
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    this.servletSecurityElement = constraint;
    servletSecuritys.addAll(servletSecurityElement.getMethodNames());
    return servletSecuritys;
}
 
源代码23 项目: Jinx   文件: NettyServletRegistration.java
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
    return null;
}
 
源代码24 项目: Tomcat7.0.67   文件: FailedContext.java
@Override
public Set<String> addServletSecurity(
        ApplicationServletRegistration registration,
        ServletSecurityElement servletSecurityElement) { return null; }
 
源代码25 项目: Tomcat7.0.67   文件: TesterContext.java
@Override
public Set<String> addServletSecurity(
        ApplicationServletRegistration registration,
        ServletSecurityElement servletSecurityElement) {
    return null;
}
 
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
	return null;
}
 
源代码27 项目: joinfaces   文件: MockServletRegistrationDynamic.java
@Override
public Set<String> setServletSecurity(ServletSecurityElement constraint) {
	throw new UnsupportedOperationException(NOT_SUPPORTED_YET); //To change body of generated methods, choose Tools | Templates.
}
 
源代码28 项目: tomcatsrc   文件: FailedContext.java
@Override
public Set<String> addServletSecurity(
        ApplicationServletRegistration registration,
        ServletSecurityElement servletSecurityElement) { return null; }
 
源代码29 项目: tomcatsrc   文件: TesterContext.java
@Override
public Set<String> addServletSecurity(
        ApplicationServletRegistration registration,
        ServletSecurityElement servletSecurityElement) {
    return null;
}
 
源代码30 项目: iaf   文件: ServletManager.java
public void registerServlet(String servletName, Servlet servletClass, String urlMapping, String[] roles, int loadOnStartup, Map<String, String> initParameters) {
	log.info("instantiating IbisInitializer servlet name ["+servletName+"] servletClass ["+servletClass+"] loadOnStartup ["+loadOnStartup+"]");
	getServletContext().log("instantiating IbisInitializer servlet ["+servletName+"]");


	AppConstants appConstants = AppConstants.getInstance();
	String propertyPrefix = "servlet."+servletName+".";

	if(!appConstants.getBoolean(propertyPrefix+"enabled", true))
		return;

	ServletRegistration.Dynamic serv = getServletContext().addServlet(servletName, servletClass);
	ServletSecurity.TransportGuarantee transportGuarantee = getTransportGuarantee(propertyPrefix+"transportGuarantee");

	String stage = appConstants.getString("dtap.stage", null);
	String[] rolesCopy = new String[0];
	if(roles != null && !stage.equalsIgnoreCase("LOC"))
		rolesCopy = roles;
	String roleNames = appConstants.getString(propertyPrefix+"securityroles", null);
	if(StringUtils.isNotEmpty(roleNames))
		rolesCopy = roleNames.split(",");
	declareRoles(rolesCopy);

	HttpConstraintElement httpConstraintElement = new HttpConstraintElement(transportGuarantee, rolesCopy);
	ServletSecurityElement constraint = new ServletSecurityElement(httpConstraintElement);

	String urlMappingCopy = appConstants.getString(propertyPrefix+"urlMapping", urlMapping);
	if(!urlMappingCopy.startsWith("/") && !urlMappingCopy.startsWith("*")) {
		urlMappingCopy = "/"+urlMappingCopy;
	}
	serv.addMapping(urlMappingCopy);

	int loadOnStartupCopy = appConstants.getInt(propertyPrefix+"loadOnStartup", loadOnStartup);
	serv.setLoadOnStartup(loadOnStartupCopy);
	serv.setServletSecurity(constraint);

	if(initParameters != null && !initParameters.isEmpty()) {
		//Manually loop through the map as serv.setInitParameters will fail all parameters even if only 1 fails...
		for (String key : initParameters.keySet()) {
			String value = initParameters.get(key);
			if(!serv.setInitParameter(key, value)) {
				log("unable to set init-parameter ["+key+"] with value ["+value+"] for servlet ["+servletName+"]", Level.ERROR);
			}
		}
	}

	if(log.isDebugEnabled()) log.debug("registered servlet ["+servletName+"] class ["+servletClass+"] url ["+urlMapping+"] loadOnStartup ["+loadOnStartup+"]");
}
 
源代码评论
动弹
沙发等你来抢
 类所在包
 类方法
 同包方法