io.undertow.servlet.api.WebResourceCollection Java Examples
The following examples show how to use
io.undertow.servlet.api.WebResourceCollection.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SecurityPathMatches.java From quarkus-http with Apache License 2.0 | 6 votes |
private void setupPathSecurityInformation(final PathSecurityInformation info, final SecurityInformation securityConstraint, final WebResourceCollection webResources) { if (webResources.getHttpMethods().isEmpty() && webResources.getHttpMethodOmissions().isEmpty()) { info.defaultRequiredRoles.add(securityConstraint); } else if (!webResources.getHttpMethods().isEmpty()) { for (String method : webResources.getHttpMethods()) { List<SecurityInformation> securityInformations = info.perMethodRequiredRoles.get(method); if (securityInformations == null) { info.perMethodRequiredRoles.put(method, securityInformations = new ArrayList<>()); } securityInformations.add(securityConstraint); } } else if (!webResources.getHttpMethodOmissions().isEmpty()) { info.excludedMethodRoles.add(new ExcludedMethodRoles(webResources.getHttpMethodOmissions(), securityConstraint)); } }
Example #2
Source File: KeycloakBaseSpringBootConfiguration.java From keycloak with Apache License 2.0 | 6 votes |
private List<io.undertow.servlet.api.SecurityConstraint> getSecurityConstraints() { List<io.undertow.servlet.api.SecurityConstraint> undertowSecurityConstraints = new ArrayList<io.undertow.servlet.api.SecurityConstraint>(); for (KeycloakSpringBootProperties.SecurityConstraint constraintDefinition : keycloakProperties.getSecurityConstraints()) { io.undertow.servlet.api.SecurityConstraint undertowSecurityConstraint = new io.undertow.servlet.api.SecurityConstraint(); undertowSecurityConstraint.addRolesAllowed(constraintDefinition.getAuthRoles()); for (KeycloakSpringBootProperties.SecurityCollection collectionDefinition : constraintDefinition.getSecurityCollections()) { WebResourceCollection webResourceCollection = new WebResourceCollection(); webResourceCollection.addHttpMethods(collectionDefinition.getMethods()); webResourceCollection.addHttpMethodOmissions(collectionDefinition.getOmittedMethods()); webResourceCollection.addUrlPatterns(collectionDefinition.getPatterns()); undertowSecurityConstraint.addWebResourceCollections(webResourceCollection); } undertowSecurityConstraints.add(undertowSecurityConstraint); } return undertowSecurityConstraints; }
Example #3
Source File: SecurityPathMatches.java From lams with GNU General Public License v2.0 | 6 votes |
private void setupPathSecurityInformation(final PathSecurityInformation info, final SecurityInformation securityConstraint, final WebResourceCollection webResources) { if (webResources.getHttpMethods().isEmpty() && webResources.getHttpMethodOmissions().isEmpty()) { info.defaultRequiredRoles.add(securityConstraint); } else if (!webResources.getHttpMethods().isEmpty()) { for (String method : webResources.getHttpMethods()) { List<SecurityInformation> securityInformations = info.perMethodRequiredRoles.get(method); if (securityInformations == null) { info.perMethodRequiredRoles.put(method, securityInformations = new ArrayList<>()); } securityInformations.add(securityConstraint); } } else if (!webResources.getHttpMethodOmissions().isEmpty()) { info.excludedMethodRoles.add(new ExcludedMethodRoles(webResources.getHttpMethodOmissions(), securityConstraint)); } }
Example #4
Source File: SamlServletExtension.java From keycloak with Apache License 2.0 | 5 votes |
/** * add security constraint to /saml so that the endpoint can be called and auth mechanism pinged. * @param deploymentInfo */ protected void addEndpointConstraint(DeploymentInfo deploymentInfo) { SecurityConstraint constraint = new SecurityConstraint(); WebResourceCollection collection = new WebResourceCollection(); collection.addUrlPattern("/saml"); constraint.addWebResourceCollection(collection); deploymentInfo.addSecurityConstraint(constraint); }
Example #5
Source File: ServletRegistrationImpl.java From quarkus-http with Apache License 2.0 | 5 votes |
@Override public Set<String> setServletSecurity(final ServletSecurityElement constraint) { if (constraint == null) { throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint"); } DeploymentInfo deploymentInfo = deployment.getDeploymentInfo(); //this is not super efficient, but it does not really matter final Set<String> urlPatterns = new HashSet<>(); for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) { for (WebResourceCollection webResources : sc.getWebResourceCollections()) { urlPatterns.addAll(webResources.getUrlPatterns()); } } final Set<String> ret = new HashSet<>(); for (String url : servletInfo.getMappings()) { if (urlPatterns.contains(url)) { ret.add(url); } } ServletSecurityInfo info = new ServletSecurityInfo(); servletInfo.setServletSecurityInfo(info); info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE) .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic())) .addRolesAllowed(constraint.getRolesAllowed()); for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) { info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo() .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE) .setMethod(methodConstraint.getMethodName()) .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic())) .addRolesAllowed(methodConstraint.getRolesAllowed())); } return ret; }
Example #6
Source File: KeycloakBaseSpringBootConfiguration.java From keycloak with Apache License 2.0 | 5 votes |
public void customize(DeploymentInfo deploymentInfo) { io.undertow.servlet.api.LoginConfig loginConfig = new io.undertow.servlet.api.LoginConfig(keycloakProperties.getRealm()); loginConfig.addFirstAuthMethod("KEYCLOAK"); deploymentInfo.setLoginConfig(loginConfig); deploymentInfo.addInitParameter("keycloak.config.resolver", KeycloakSpringBootConfigResolverWrapper.class.getName()); /* Support for '*' as all roles allowed * We clear out the role in the SecurityConstraints * and set the EmptyRoleSemantic to Authenticate * But we will set EmptyRoleSemantic to DENY (default) * if roles are non existing or left empty */ Iterator<io.undertow.servlet.api.SecurityConstraint> it = this.getSecurityConstraints().iterator(); while (it.hasNext()) { io.undertow.servlet.api.SecurityConstraint securityConstraint = it.next(); Set<String> rolesAllowed = securityConstraint.getRolesAllowed(); if (rolesAllowed.contains("*") || rolesAllowed.contains("**") ) { io.undertow.servlet.api.SecurityConstraint allRolesAllowed = new io.undertow.servlet.api.SecurityConstraint(); allRolesAllowed.setEmptyRoleSemantic(EmptyRoleSemantic.AUTHENTICATE); allRolesAllowed.setTransportGuaranteeType(securityConstraint.getTransportGuaranteeType()); for (WebResourceCollection wr : securityConstraint.getWebResourceCollections()) { allRolesAllowed.addWebResourceCollection(wr); } deploymentInfo.addSecurityConstraint(allRolesAllowed); } else // left empty will fall back on default EmptyRoleSemantic.DENY deploymentInfo.addSecurityConstraint(securityConstraint); } deploymentInfo.addServletExtension(new KeycloakServletExtension()); }
Example #7
Source File: ServletRegistrationImpl.java From lams with GNU General Public License v2.0 | 5 votes |
@Override public Set<String> setServletSecurity(final ServletSecurityElement constraint) { if (constraint == null) { throw UndertowMessages.MESSAGES.argumentCannotBeNull("constraint"); } DeploymentInfo deploymentInfo = deployment.getDeploymentInfo(); //this is not super efficient, but it does not really matter final Set<String> urlPatterns = new HashSet<>(); for (SecurityConstraint sc : deploymentInfo.getSecurityConstraints()) { for (WebResourceCollection webResources : sc.getWebResourceCollections()) { urlPatterns.addAll(webResources.getUrlPatterns()); } } final Set<String> ret = new HashSet<>(); for (String url : servletInfo.getMappings()) { if (urlPatterns.contains(url)) { ret.add(url); } } ServletSecurityInfo info = new ServletSecurityInfo(); servletInfo.setServletSecurityInfo(info); info.setTransportGuaranteeType(constraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE) .setEmptyRoleSemantic(emptyRoleSemantic(constraint.getEmptyRoleSemantic())) .addRolesAllowed(constraint.getRolesAllowed()); for (final HttpMethodConstraintElement methodConstraint : constraint.getHttpMethodConstraints()) { info.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo() .setTransportGuaranteeType(methodConstraint.getTransportGuarantee() == CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE) .setMethod(methodConstraint.getMethodName()) .setEmptyRoleSemantic(emptyRoleSemantic(methodConstraint.getEmptyRoleSemantic())) .addRolesAllowed(methodConstraint.getRolesAllowed())); } return ret; }
Example #8
Source File: UndertowDeploymentRecorder.java From quarkus with Apache License 2.0 | 5 votes |
public void addSecurityConstraint(RuntimeValue<DeploymentInfo> deployment, SecurityInfo.EmptyRoleSemantic emptyRoleSemantic, TransportGuaranteeType transportGuaranteeType, Set<String> rolesAllowed, Set<WebResourceCollection> webResourceCollections) { SecurityConstraint securityConstraint = new SecurityConstraint() .setEmptyRoleSemantic(emptyRoleSemantic) .addRolesAllowed(rolesAllowed) .setTransportGuaranteeType(transportGuaranteeType) .addWebResourceCollections(webResourceCollections.toArray(new WebResourceCollection[0])); deployment.getValue().addSecurityConstraint(securityConstraint); }
Example #9
Source File: SecurityRedirectTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler root = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1", "role1"); DeploymentInfo builder = new DeploymentInfo() .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setClassLoader(ServletPathMappingTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setDeploymentName("servletContext.war") .setResourceManager(new TestResourceLoader(SecurityRedirectTestCase.class)) .addWelcomePages("index.html") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("BASIC", "Test Realm")) .addSecurityConstraint(new SecurityConstraint() .addRoleAllowed("role1") .addWebResourceCollection(new WebResourceCollection() .addUrlPatterns("/index.html", "/filterpath/*"))); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); root.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(root); }
Example #10
Source File: WelcomeFileSecurityTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler root = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1", "role1"); DeploymentInfo builder = new DeploymentInfo() .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setClassLoader(ServletPathMappingTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setDeploymentName("servletContext.war") .setResourceManager(new TestResourceLoader(WelcomeFileSecurityTestCase.class)) .addWelcomePages("doesnotexist.html", "index.html", "default") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("BASIC", "Test Realm")) .addServlet( new ServletInfo("DefaultTestServlet", PathTestServlet.class) .setServletSecurityInfo( new ServletSecurityInfo() .addRoleAllowed("role1")) .addMapping("/path/default")) .addSecurityConstraint(new SecurityConstraint() .addRoleAllowed("role1") .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/index.html"))); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); root.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(root); }
Example #11
Source File: DigestAuthTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler path = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo usernameServlet = new ServletInfo("Username Servlet", SendUsernameServlet.class) .addMapping("/secured/username"); ServletInfo authTypeServlet = new ServletInfo("Auth Type Servlet", SendAuthTypeServlet.class) .addMapping("/secured/authType"); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1", "role1"); DeploymentInfo builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("DIGEST", REALM_NAME)) .addServlets(usernameServlet, authTypeServlet); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/*")) .addRoleAllowed("role1") .setEmptyRoleSemantic(EmptyRoleSemantic.DENY)); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); path.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(path); }
Example #12
Source File: ServletClientCertAuthTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
@BeforeClass public static void setup() throws ServletException, IOException { DefaultServer.startSSLServer(); clientSSLContext = DefaultServer.getClientSSLContext(); final PathHandler path = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo usernameServlet = new ServletInfo("Username Servlet", SendUsernameServlet.class) .addMapping("/secured/username"); ServletInfo authTypeServlet = new ServletInfo("Auth Type Servlet", SendAuthTypeServlet.class) .addMapping("/secured/authType"); LoginConfig loginConfig = new LoginConfig(REALM_NAME); loginConfig.addFirstAuthMethod(new AuthMethodConfig("CLIENT_CERT")); DeploymentInfo builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(loginConfig) .addServlets(usernameServlet, authTypeServlet); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/*")) .addRoleAllowed("role1") .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.DENY)); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); path.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(path); }
Example #13
Source File: ConfidentialityConstraintUrlMappingTestCase.java From quarkus-http with Apache License 2.0 | 5 votes |
@BeforeClass public static void setup() throws Exception { DefaultServer.startSSLServer(); final PathHandler root = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo s = new ServletInfo("servlet", SendSchemeServlet.class) .addMapping("/clear") .addMapping("/integral") .addMapping("/confidential"); DeploymentInfo info = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setConfidentialPortManager(TestConfidentialPortManager.INSTANCE) .addServlet(s); info.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/integral")) .setTransportGuaranteeType(TransportGuaranteeType.INTEGRAL) .setEmptyRoleSemantic(EmptyRoleSemantic.PERMIT)); info.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/confidential")) .setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL) .setEmptyRoleSemantic(EmptyRoleSemantic.PERMIT)); DeploymentManager manager = container.addDeployment(info); manager.deploy(); root.addPrefixPath(info.getContextPath(), manager.start()); DefaultServer.setRootHandler(root); }
Example #14
Source File: ServletBasicAuthTestCase.java From quarkus-http with Apache License 2.0 | 4 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler path = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo usernameServlet = new ServletInfo("Username Servlet", SendUsernameServlet.class) .addMapping("/secured/username"); ServletInfo authTypeServlet = new ServletInfo("Auth Type Servlet", SendAuthTypeServlet.class) .addMapping("/secured/authType"); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1", "role1"); identityManager.addUser("charsetUser", "password-ΓΌ", "role1"); LoginConfig loginConfig = new LoginConfig(REALM_NAME); Map<String, String> props = new HashMap<>(); props.put("charset", "ISO_8859_1"); props.put("user-agent-charsets", "Chrome,UTF-8,OPR,UTF-8"); loginConfig.addFirstAuthMethod(new AuthMethodConfig("BASIC", props)); DeploymentInfo builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(loginConfig) .addServlets(usernameServlet, authTypeServlet); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/*")) .addRoleAllowed("role1") .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.DENY)); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); path.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(path); }
Example #15
Source File: Servlets.java From lams with GNU General Public License v2.0 | 4 votes |
public static WebResourceCollection webResourceCollection() { return new WebResourceCollection(); }
Example #16
Source File: DeploymentManagerFactory.java From seed with Mozilla Public License 2.0 | 4 votes |
@SuppressFBWarnings(value = "BC_UNCONFIRMED_CAST_OF_RETURN_VALUE", justification = "False positive") private DeploymentInfo configureDeploymentInfo() { // Basic deployment attributes DeploymentInfo deploymentInfo = Servlets.deployment() .setEagerFilterInit(true) .setClassLoader(mostCompleteClassLoader) .setDeploymentName(applicationConfig.getId()) .setDisplayName(applicationConfig.getName()) .setDefaultSessionTimeout(serverConfig.getDefaultSessionTimeout()) .setResourceManager(new ClassPathResourceManager(mostCompleteClassLoader, META_INF_RESOURCES)) .addWelcomePages(serverConfig.getWelcomeFiles()) .addErrorPages(buildUndertowErrorPages(serverConfig.getErrorPages())) .setContextPath(serverConfig.getContextPath()); // Configure WebSockets if enabled if (serverConfig.webSocket().isEnabled()) { LOGGER.info("WebSocket support is enabled"); deploymentInfo.addServletContextAttribute( WebSocketDeploymentInfo.ATTRIBUTE_NAME, new WebSocketDeploymentInfo() .setBuffers(new DefaultByteBufferPool( undertowConfig.isDirectBuffers(), undertowConfig.getBufferSize())) .setWorker(xnioWorker) ); } // Redirect to HTTPS if configured if (serverConfig.isHttp() && serverConfig.isHttps() && serverConfig.isPreferHttps()) { LOGGER.info("Automatic redirection to HTTPS is enabled"); deploymentInfo .addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/*")) .setTransportGuaranteeType(TransportGuaranteeType.CONFIDENTIAL) .setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT)) .setConfidentialPortManager(ex -> serverConfig.getSecurePort()); } // Add custom init parameters for (Map.Entry<String, String> initParameter : initParameters.entrySet()) { LOGGER.debug("Servlet init parameter {} = {}", initParameter.getKey(), initParameter.getValue()); deploymentInfo.addInitParameter(initParameter.getKey(), initParameter.getValue()); } // Register ServletContainerInitializers for (ServletContainerInitializer sci : loadServletContainerInitializers()) { LOGGER.debug("Registering ServletContainerInitializer {}", sci.getClass().getName()); deploymentInfo.addServletContainerInitializer(createServletContainerInitializerInfo(sci)); } return deploymentInfo; }
Example #17
Source File: EmptyRoleSemanticTestCase.java From quarkus-http with Apache License 2.0 | 4 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler root = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo s = new ServletInfo("servlet", AuthenticationMessageServlet.class) .addInitParam(MessageServlet.MESSAGE, HELLO_WORLD) .addMapping("/permit") .addMapping("/deny") .addMapping("/authenticate"); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1"); // Just one role less user. DeploymentInfo builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("BASIC", "Test Realm")) .addServlet(s); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/permit")) .setEmptyRoleSemantic(EmptyRoleSemantic.PERMIT)); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/deny")) .setEmptyRoleSemantic(EmptyRoleSemantic.DENY)); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection().addUrlPattern("/authenticate")) .setEmptyRoleSemantic(EmptyRoleSemantic.AUTHENTICATE)); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); root.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(root); }
Example #18
Source File: SecurityConstraintUrlMappingTestCase.java From quarkus-http with Apache License 2.0 | 4 votes |
@BeforeClass public static void setup() throws ServletException { final PathHandler root = new PathHandler(); final ServletContainer container = ServletContainer.Factory.newInstance(); ServletInfo s = new ServletInfo("servlet", AuthenticationMessageServlet.class) .addInitParam(MessageServlet.MESSAGE, HELLO_WORLD) .addMapping("/role1") .addMapping("/role2") .addMapping("/starstar") .addMapping("/secured/role2/*") .addMapping("/secured/1/2/*") .addMapping("/public/*") .addMapping("/extension/*"); ServletIdentityManager identityManager = new ServletIdentityManager(); identityManager.addUser("user1", "password1", "role1"); identityManager.addUser("user2", "password2", "role2", "**"); identityManager.addUser("user3", "password3", "role1", "role2"); identityManager.addUser("user4", "password4", "badRole"); DeploymentInfo builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/servletContext") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("BASIC", "Test Realm")) .addServlet(s); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/role1")) .addRoleAllowed("role1")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/starstar")) .addRoleAllowed("**")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/*")) .addRoleAllowed("role2")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/*")) .addRoleAllowed("role2")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/1/*")) .addRoleAllowed("role1")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/secured/1/2/*")) .addRoleAllowed("role2")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("*.html")) .addRoleAllowed("role2")); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/public/*")).setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.PERMIT)); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/public/postSecured/*") .addHttpMethod("POST")) .addRoleAllowed("role1")); DeploymentManager manager = container.addDeployment(builder); manager.deploy(); root.addPrefixPath(builder.getContextPath(), manager.start()); builder = new DeploymentInfo() .setClassLoader(SimpleServletTestCase.class.getClassLoader()) .setContextPath("/star") .setClassIntrospecter(TestClassIntrospector.INSTANCE) .setDeploymentName("servletContext.war") .setIdentityManager(identityManager) .setLoginConfig(new LoginConfig("BASIC", "Test Realm")) .addSecurityRole("**") .addServlet(s); builder.addSecurityConstraint(new SecurityConstraint() .addWebResourceCollection(new WebResourceCollection() .addUrlPattern("/starstar")) .addRoleAllowed("**")); manager = container.addDeployment(builder); manager.deploy(); root.addPrefixPath(builder.getContextPath(), manager.start()); DefaultServer.setRootHandler(root); }
Example #19
Source File: Servlets.java From quarkus-http with Apache License 2.0 | 4 votes |
public static WebResourceCollection webResourceCollection() { return new WebResourceCollection(); }