javax.servlet.annotation.HttpMethodConstraint Java Examples

The following examples show how to use javax.servlet.annotation.HttpMethodConstraint. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ServletSecurityElement.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
/**
 * Create from an annotation.
 * @param annotation Annotation to use as the basis for the new instance
 * @throws IllegalArgumentException if a method name is specified more than
 */
public ServletSecurityElement(ServletSecurity annotation) {
    this(new HttpConstraintElement(annotation.value().value(),
            annotation.value().transportGuarantee(),
            annotation.value().rolesAllowed()));

    List<HttpMethodConstraintElement> l = new ArrayList<>();
    HttpMethodConstraint[] constraints = annotation.httpMethodConstraints();
    if (constraints != null) {
        for (int i = 0; i < constraints.length; i++) {
            HttpMethodConstraintElement e =
                new HttpMethodConstraintElement(constraints[i].value(),
                        new HttpConstraintElement(
                                constraints[i].emptyRoleSemantic(),
                                constraints[i].transportGuarantee(),
                                constraints[i].rolesAllowed()));
            l.add(e);
        }
    }
    addHttpMethodConstraints(l);
}
 
Example #2
Source File: ServletSecurityElement.java    From Tomcat7.0.67 with Apache License 2.0 6 votes vote down vote up
/**
 * Create from an annotation.
 * @param annotation
 * @throws IllegalArgumentException if a method name is specified more than
 */
public ServletSecurityElement(ServletSecurity annotation) {
    this(new HttpConstraintElement(annotation.value().value(),
            annotation.value().transportGuarantee(),
            annotation.value().rolesAllowed()));
    
    List<HttpMethodConstraintElement> l =
        new ArrayList<HttpMethodConstraintElement>();
    HttpMethodConstraint[] constraints = annotation.httpMethodConstraints();
    if (constraints != null) {
        for (int i = 0; i < constraints.length; i++) {
            HttpMethodConstraintElement e =
                new HttpMethodConstraintElement(constraints[i].value(),
                        new HttpConstraintElement(
                                constraints[i].emptyRoleSemantic(),
                                constraints[i].transportGuarantee(),
                                constraints[i].rolesAllowed()));
            l.add(e);
        }
    }
    addHttpMethodConstraints(l);
}
 
Example #3
Source File: ServletSecurityElement.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Constructs an instance from a {@link ServletSecurity} annotation value.
 *
 * @param annotation the annotation value
 *
 * @throws IllegalArgumentException if duplicate method names are
 * detected
 */
public ServletSecurityElement(ServletSecurity annotation) {
    super(annotation.value().value(),
            annotation.value().transportGuarantee(),
            annotation.value().rolesAllowed());
    this.methodConstraints = new HashSet<HttpMethodConstraintElement>();
    for (HttpMethodConstraint constraint :
            annotation.httpMethodConstraints()) {
        this.methodConstraints.add(
            new HttpMethodConstraintElement(
                constraint.value(),
                new HttpConstraintElement(constraint.emptyRoleSemantic(),
                    constraint.transportGuarantee(),
                    constraint.rolesAllowed())));
    }
    methodNames = checkMethodNames(this.methodConstraints);
}
 
Example #4
Source File: ServletSecurityElement.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
/**
 * Create from an annotation.
 * @param annotation
 * @throws IllegalArgumentException if a method name is specified more than
 */
public ServletSecurityElement(ServletSecurity annotation) {
    this(new HttpConstraintElement(annotation.value().value(),
            annotation.value().transportGuarantee(),
            annotation.value().rolesAllowed()));
    
    List<HttpMethodConstraintElement> l =
        new ArrayList<HttpMethodConstraintElement>();
    HttpMethodConstraint[] constraints = annotation.httpMethodConstraints();
    if (constraints != null) {
        for (int i = 0; i < constraints.length; i++) {
            HttpMethodConstraintElement e =
                new HttpMethodConstraintElement(constraints[i].value(),
                        new HttpConstraintElement(
                                constraints[i].emptyRoleSemantic(),
                                constraints[i].transportGuarantee(),
                                constraints[i].rolesAllowed()));
            l.add(e);
        }
    }
    addHttpMethodConstraints(l);
}
 
Example #5
Source File: ServletContextImpl.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
@Override
public Void run() {
    final ServletSecurity security = servletInfo.getServletClass().getAnnotation(ServletSecurity.class);
    if (security != null) {

        ServletSecurityInfo servletSecurityInfo = new ServletSecurityInfo()
                .setEmptyRoleSemantic(security.value().value() == ServletSecurity.EmptyRoleSemantic.DENY ? SecurityInfo.EmptyRoleSemantic.DENY : SecurityInfo.EmptyRoleSemantic.PERMIT)
                .setTransportGuaranteeType(security.value().transportGuarantee() == ServletSecurity.TransportGuarantee.CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .addRolesAllowed(security.value().rolesAllowed());
        for (HttpMethodConstraint constraint : security.httpMethodConstraints()) {
            servletSecurityInfo.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                    .setMethod(constraint.value()))
                    .setEmptyRoleSemantic(constraint.emptyRoleSemantic() == ServletSecurity.EmptyRoleSemantic.DENY ? SecurityInfo.EmptyRoleSemantic.DENY : SecurityInfo.EmptyRoleSemantic.PERMIT)
                    .setTransportGuaranteeType(constraint.transportGuarantee() == ServletSecurity.TransportGuarantee.CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                    .addRolesAllowed(constraint.rolesAllowed());
        }
        servletInfo.setServletSecurityInfo(servletSecurityInfo);
    }
    final MultipartConfig multipartConfig = servletInfo.getServletClass().getAnnotation(MultipartConfig.class);
    if (multipartConfig != null) {
        servletInfo.setMultipartConfig(new MultipartConfigElement(multipartConfig.location(), multipartConfig.maxFileSize(), multipartConfig.maxRequestSize(), multipartConfig.fileSizeThreshold()));
    }
    final RunAs runAs = servletInfo.getServletClass().getAnnotation(RunAs.class);
    if (runAs != null) {
        servletInfo.setRunAs(runAs.value());
    }
    final DeclareRoles declareRoles = servletInfo.getServletClass().getAnnotation(DeclareRoles.class);
    if (declareRoles != null) {
        deploymentInfo.addSecurityRoles(declareRoles.value());
    }
    return null;
}
 
Example #6
Source File: ServletSecurityElement.java    From piranha with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
/**
 * Constructor.
 *
 * @param annotation the annotation.
 */
public ServletSecurityElement(ServletSecurity annotation) {
    super(annotation.value().value(), annotation.value().transportGuarantee(), annotation.value().rolesAllowed());
    this.methodConstraints = new HashSet<>();
    for (HttpMethodConstraint constraint : annotation.httpMethodConstraints()) {
        this.methodConstraints.add(new HttpMethodConstraintElement(constraint.value(),
                new HttpConstraintElement(constraint.emptyRoleSemantic(),
                        constraint.transportGuarantee(),
                        constraint.rolesAllowed())));
    }
    methodNames = collectMethodNames(methodConstraints);
}
 
Example #7
Source File: ServletContextImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
@Override
public Void run() {
    final ServletSecurity security = servletInfo.getServletClass().getAnnotation(ServletSecurity.class);
    if (security != null) {

        ServletSecurityInfo servletSecurityInfo = new ServletSecurityInfo()
                .setEmptyRoleSemantic(security.value().value() == ServletSecurity.EmptyRoleSemantic.DENY ? SecurityInfo.EmptyRoleSemantic.DENY : SecurityInfo.EmptyRoleSemantic.PERMIT)
                .setTransportGuaranteeType(security.value().transportGuarantee() == ServletSecurity.TransportGuarantee.CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                .addRolesAllowed(security.value().rolesAllowed());
        for (HttpMethodConstraint constraint : security.httpMethodConstraints()) {
            servletSecurityInfo.addHttpMethodSecurityInfo(new HttpMethodSecurityInfo()
                    .setMethod(constraint.value()))
                    .setEmptyRoleSemantic(constraint.emptyRoleSemantic() == ServletSecurity.EmptyRoleSemantic.DENY ? SecurityInfo.EmptyRoleSemantic.DENY : SecurityInfo.EmptyRoleSemantic.PERMIT)
                    .setTransportGuaranteeType(constraint.transportGuarantee() == ServletSecurity.TransportGuarantee.CONFIDENTIAL ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE)
                    .addRolesAllowed(constraint.rolesAllowed());
        }
        servletInfo.setServletSecurityInfo(servletSecurityInfo);
    }
    final MultipartConfig multipartConfig = servletInfo.getServletClass().getAnnotation(MultipartConfig.class);
    if (multipartConfig != null) {
        servletInfo.setMultipartConfig(new MultipartConfigElement(multipartConfig.location(), multipartConfig.maxFileSize(), multipartConfig.maxRequestSize(), multipartConfig.fileSizeThreshold()));
    }
    final RunAs runAs = servletInfo.getServletClass().getAnnotation(RunAs.class);
    if (runAs != null) {
        servletInfo.setRunAs(runAs.value());
    }
    final DeclareRoles declareRoles = servletInfo.getServletClass().getAnnotation(DeclareRoles.class);
    if (declareRoles != null) {
        deploymentInfo.addSecurityRoles(declareRoles.value());
    }
    return null;
}
 
Example #8
Source File: ServletSecurityElementTest.java    From piranha with BSD 3-Clause "New" or "Revised" License 4 votes vote down vote up
/**
 * Test constructor.
 */
@Test
public void testConstructor4() {
    ServletSecurity servletSecurity = new ServletSecurity() {
        @Override
        public HttpMethodConstraint[] httpMethodConstraints() {
            return new HttpMethodConstraint[]{
                new HttpMethodConstraint() {
                    @Override
                    public ServletSecurity.EmptyRoleSemantic emptyRoleSemantic() {
                        return ServletSecurity.EmptyRoleSemantic.PERMIT;
                    }

                    @Override
                    public String[] rolesAllowed() {
                        return new String[]{};
                    }

                    @Override
                    public ServletSecurity.TransportGuarantee transportGuarantee() {
                        return ServletSecurity.TransportGuarantee.NONE;
                    }

                    @Override
                    public String value() {
                        return "HEAD";
                    }

                    @Override
                    public Class<? extends Annotation> annotationType() {
                        throw new UnsupportedOperationException("Not supported yet.");
                    }
                }
            };
        }

        @Override
        public HttpConstraint value() {
            return new HttpConstraint() {
                @Override
                public String[] rolesAllowed() {
                    return new String[]{};
                }

                @Override
                public ServletSecurity.TransportGuarantee transportGuarantee() {
                    return ServletSecurity.TransportGuarantee.NONE;
                }

                @Override
                public ServletSecurity.EmptyRoleSemantic value() {
                    return ServletSecurity.EmptyRoleSemantic.PERMIT;
                }

                @Override
                public Class<? extends Annotation> annotationType() {
                    throw new UnsupportedOperationException("Not supported yet.");
                }
            };
        }

        @Override
        public Class<? extends Annotation> annotationType() {
            throw new UnsupportedOperationException("Not supported yet.");
        }
    };
    ServletSecurityElement servletSecurityElement = new ServletSecurityElement(servletSecurity);
    assertNotNull(servletSecurityElement);
}