org.mortbay.http
Class SecurityConstraint
java.lang.Object
|
+--org.mortbay.http.SecurityConstraint
- All Implemented Interfaces:
- java.lang.Cloneable, java.io.Serializable
- public class SecurityConstraint
- extends java.lang.Object
- implements java.lang.Cloneable, java.io.Serializable
Describe an auth and/or data constraint.
- Version:
- $Revision: 1.28.2.1 $
- Author:
- Greg Wilkins (gregw)
- See Also:
- Serialized Form
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
__BASIC_AUTH
public static final java.lang.String __BASIC_AUTH
- See Also:
- Constant Field Values
__FORM_AUTH
public static final java.lang.String __FORM_AUTH
- See Also:
- Constant Field Values
__DIGEST_AUTH
public static final java.lang.String __DIGEST_AUTH
- See Also:
- Constant Field Values
__CERT_AUTH
public static final java.lang.String __CERT_AUTH
- See Also:
- Constant Field Values
__CERT_AUTH2
public static final java.lang.String __CERT_AUTH2
- See Also:
- Constant Field Values
__NOBODY
public static final SecurityConstraint.Nobody __NOBODY
DC_NONE
public static final int DC_NONE
- See Also:
- Constant Field Values
DC_INTEGRAL
public static final int DC_INTEGRAL
- See Also:
- Constant Field Values
DC_CONFIDENTIAL
public static final int DC_CONFIDENTIAL
- See Also:
- Constant Field Values
NONE
public static final java.lang.String NONE
- See Also:
- Constant Field Values
ANY_ROLE
public static final java.lang.String ANY_ROLE
- See Also:
- Constant Field Values
SecurityConstraint
public SecurityConstraint()
- Constructor.
SecurityConstraint
public SecurityConstraint(java.lang.String name,
java.lang.String role)
- Conveniance Constructor.
- Parameters:
name
- role
-
setName
public void setName(java.lang.String name)
- Parameters:
name
-
addMethod
public void addMethod(java.lang.String method)
- Parameters:
method
-
getMethods
public java.util.List getMethods()
forMethod
public boolean forMethod(java.lang.String method)
- Parameters:
method
- Method name.
- Returns:
- True if this constraint applies to the method. If no
method has been set, then the constraint applies to all methods.
addRole
public void addRole(java.lang.String role)
- Parameters:
role
- The rolename. If the rolename is '*' all other
roles are removed and anyRole is set true and subsequent
addRole calls are ignored.
Authenticate is forced true by this call.
isAnyRole
public boolean isAnyRole()
- Returns:
- True if any user role is permitted.
getRoles
public java.util.List getRoles()
- Returns:
- List of roles for this constraint.
hasRole
public boolean hasRole(java.lang.String role)
- Parameters:
role
-
- Returns:
- True if the constraint contains the role.
setAuthenticate
public void setAuthenticate(boolean authenticate)
- Parameters:
authenticate
- True if users must be authenticated
isAuthenticate
public boolean isAuthenticate()
- Returns:
- True if the constraint requires request authentication
isForbidden
public boolean isForbidden()
- Returns:
- True if authentication required but no roles set
setDataConstraint
public void setDataConstraint(int c)
- Parameters:
c
-
getDataConstraint
public int getDataConstraint()
- Returns:
- Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & 2=DC_CONFIDENTIAL
hasDataConstraint
public boolean hasDataConstraint()
- Returns:
- True if there is a data constraint.
clone
public java.lang.Object clone()
- Overrides:
clone
in class java.lang.Object
toString
public java.lang.String toString()
- Overrides:
toString
in class java.lang.Object
check
public static int check(java.util.List constraints,
SecurityConstraint.Authenticator authenticator,
UserRealm realm,
java.lang.String pathInContext,
HttpRequest request,
HttpResponse response)
throws HttpException,
java.io.IOException
- Check security contraints
- Parameters:
constraints
- authenticator
- realm
- pathInContext
- request
- response
-
- Returns:
- -1 for failed, 0 for authentication in process, 1 for passed.
- Throws:
HttpException
java.io.IOException
Copyright ? 2000 Mortbay Consulting Pty. Ltd. All Rights Reserved.