public class SecurityConstraint extends Object implements Serializable
<security-constraint>
element in the
deployment descriptor.
WARNING: It is assumed that instances of this class will be created and modified only within the context of a single thread, before the instance is made visible to the remainder of the application. After that, only read access is expected. Therefore, none of the read and write access within this class is synchronized.
Modifier and Type | Field and Description |
---|---|
static String |
ROLE_ALL_AUTHENTICATED_USERS |
static String |
ROLE_ALL_ROLES |
Constructor and Description |
---|
SecurityConstraint()
Construct a new security constraint instance with default values.
|
Modifier and Type | Method and Description |
---|---|
void |
addAuthRole(String authRole)
Add an authorization role, which is a role name that will be
permitted access to the resources protected by this security constraint.
|
void |
addCollection(SecurityCollection collection)
Add a new web resource collection to those protected by this
security constraint.
|
static SecurityConstraint[] |
createConstraints(ServletSecurityElement element,
String urlPattern)
Convert a
ServletSecurityElement to an array of
SecurityConstraint (s). |
boolean |
findAuthRole(String role)
Check a role.
|
String[] |
findAuthRoles()
Return the set of roles that are permitted access to the resources
protected by this security constraint.
|
SecurityCollection |
findCollection(String name)
Return the web resource collection for the specified name, if any;
otherwise, return
null . |
SecurityCollection[] |
findCollections()
Return all of the web resource collections protected by this
security constraint.
|
static SecurityConstraint[] |
findUncoveredHttpMethods(SecurityConstraint[] constraints,
boolean denyUncoveredHttpMethods,
Log log) |
boolean |
getAllRoles()
Was the "all roles" wildcard included in this authentication
constraint?
|
boolean |
getAuthConstraint()
Return the authorization constraint present flag for this security
constraint.
|
boolean |
getAuthenticatedUsers()
Was the "all authenticated users" wildcard included in this
authentication constraint?
|
String |
getDisplayName() |
String |
getUserConstraint()
Return the user data constraint for this security constraint.
|
boolean |
included(String uri,
String method)
Check if the contraint applies to a URI and method.
|
void |
removeAuthRole(String authRole)
Remove the specified role from the set of roles permitted to access
the resources protected by this security constraint.
|
void |
removeCollection(SecurityCollection collection)
Remove the specified web resource collection from those protected by
this security constraint.
|
void |
setAuthConstraint(boolean authConstraint)
Set the authorization constraint present flag for this security
constraint.
|
void |
setDisplayName(String displayName)
Set the display name of this security constraint.
|
void |
setUserConstraint(String userConstraint)
Set the user data constraint for this security constraint.
|
String |
toString()
Return a String representation of this security constraint.
|
void |
treatAllAuthenticatedUsersAsApplicationRole()
Called in the unlikely event that an application defines a role named
"**".
|
public static final String ROLE_ALL_ROLES
public static final String ROLE_ALL_AUTHENTICATED_USERS
public SecurityConstraint()
public boolean getAllRoles()
true
if all rolespublic boolean getAuthenticatedUsers()
true
if all authenticated userspublic boolean getAuthConstraint()
true
if this needs authorizationpublic void setAuthConstraint(boolean authConstraint)
authConstraint
- The new valuepublic String getDisplayName()
public void setDisplayName(String displayName)
displayName
- The new valuepublic String getUserConstraint()
public void setUserConstraint(String userConstraint)
userConstraint
- The new user data constraintpublic void treatAllAuthenticatedUsersAsApplicationRole()
public void addAuthRole(String authRole)
authRole
- Role name to be addedpublic void addCollection(SecurityCollection collection)
collection
- The new web resource collectionpublic boolean findAuthRole(String role)
role
- Role name to be checkedtrue
if the specified role is permitted access to
the resources protected by this security constraint.public String[] findAuthRoles()
public SecurityCollection findCollection(String name)
null
.name
- Web resource collection name to returnpublic SecurityCollection[] findCollections()
public boolean included(String uri, String method)
uri
- Context-relative URI to checkmethod
- Request method being usedtrue
if the specified context-relative URI (and
associated HTTP method) are protected by this security constraint.public void removeAuthRole(String authRole)
authRole
- Role name to be removedpublic void removeCollection(SecurityCollection collection)
collection
- Web resource collection to be removedpublic String toString()
public static SecurityConstraint[] createConstraints(ServletSecurityElement element, String urlPattern)
ServletSecurityElement
to an array of
SecurityConstraint
(s).element
- The element to be convertedurlPattern
- The url pattern that the element should be applied
topublic static SecurityConstraint[] findUncoveredHttpMethods(SecurityConstraint[] constraints, boolean denyUncoveredHttpMethods, Log log)
Copyright © 2000-2016 Apache Software Foundation. All Rights Reserved.