You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2007/01/18 10:27:37 UTC
svn commit: r497370 - in /geronimo/server/trunk/modules:
geronimo-security/src/main/java/org/apache/geronimo/security/util/
geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/
Author: djencks
Date: Thu Jan 18 01:27:36 2007
New Revision: 497370
URL: http://svn.apache.org/viewvc?view=rev&rev=497370
Log:
GERONIMO-2749 make AbstractWebModuleBuilder deal with http extension methods for jacc 1.1
Added:
geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java (with props)
Modified:
geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/URLPattern.java
geronimo/server/trunk/modules/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java
Added: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java?view=auto&rev=497370
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java (added)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java Thu Jan 18 01:27:36 2007
@@ -0,0 +1,119 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.security.util;
+
+import java.util.Set;
+import java.util.HashSet;
+import java.util.regex.Pattern;
+
+/**
+ * Tracks sets of HTTP actions for use while computing permissions during web deployment.
+ *
+ * @version $Rev:$ $Date:$
+ */
+public class HTTPMethods {
+ private static final Pattern TOKEN_PATTERN = Pattern.compile("[!-~&&[^\\(\\)\\<\\>@,;:\\\\\"/\\[\\]\\?=\\{\\}]]*");
+
+ private final Set<String> methods = new HashSet<String>();
+ private boolean isExcluded = false;
+
+
+ public HTTPMethods() {
+ }
+
+ public HTTPMethods(HTTPMethods httpMethods, boolean complemented) {
+ isExcluded = httpMethods.isExcluded ^ complemented;
+ methods.addAll(httpMethods.methods);
+ }
+
+ public void add(String httpMethod) {
+ if (isExcluded) {
+ return;
+ }
+ if (httpMethod.length() == 0) {
+ isExcluded = true;
+ methods.clear();
+ }
+ checkToken(httpMethod);
+ methods.add(httpMethod);
+ }
+
+ public HTTPMethods add(HTTPMethods httpMethods) {
+ if (isExcluded) {
+ if (httpMethods.isExcluded) {
+ methods.retainAll(httpMethods.methods);
+ } else {
+ methods.removeAll(httpMethods.methods);
+ }
+ } else {
+ if (httpMethods.isExcluded) {
+ isExcluded = true;
+ Set<String> toRemove = new HashSet<String>(methods);
+ methods.clear();
+ methods.addAll(httpMethods.methods);
+ methods.removeAll(toRemove);
+ } else {
+ methods.addAll(httpMethods.methods);
+ }
+ }
+ return this;
+ }
+
+ public String getHttpMethods() {
+ return getHttpMethodsBuffer(isExcluded).toString();
+ }
+
+ public StringBuffer getHttpMethodsBuffer() {
+ return getHttpMethodsBuffer(isExcluded);
+ }
+
+ public String getComplementedHttpMethods() {
+ return getHttpMethodsBuffer(!isExcluded).toString();
+ }
+
+ private StringBuffer getHttpMethodsBuffer( boolean excluded) {
+ StringBuffer buffer = new StringBuffer();
+ if (excluded) {
+ buffer.append("!");
+ }
+ boolean afterFirst = false;
+ for (String method : methods) {
+ if (afterFirst) {
+ buffer.append(",");
+ } else {
+ afterFirst = true;
+ }
+ buffer.append(method);
+ }
+ return buffer;
+ }
+
+ private void checkToken(String method) {
+ if (!TOKEN_PATTERN.matcher(method).matches()) {
+ throw new IllegalArgumentException("Invalid HTTPMethodSpec");
+ }
+ }
+
+
+ public boolean isNone() {
+ return isExcluded && methods.isEmpty();
+ }
+}
Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/HTTPMethods.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/URLPattern.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/URLPattern.java?view=diff&rev=497370&r1=497369&r2=497370
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/URLPattern.java (original)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/util/URLPattern.java Thu Jan 18 01:27:36 2007
@@ -19,7 +19,6 @@
import java.util.Collection;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Set;
@@ -27,23 +26,30 @@
* Utility class for <code>ModuleConfiguration</code>. This class is used to generate qualified patterns, HTTP
* method sets, complements of HTTP method sets, and HTTP method sets w/ transport restrictions for URL patterns that
* are found in the web deployment descriptor.
+ *
* @version $Rev$ $Date$
*/
public class URLPattern {
- private final static String[] HTTP_METHODS = {"GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "TRACE"};
- private final static int[] HTTP_MASKS = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40};
- private final static int NA = 0x00;
- private final static int INTEGRAL = 0x01;
- private final static int CONFIDENTIAL = 0x02;
+// private final static String[] HTTP_METHODS = {"GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "TRACE"};
+// private final static int[] HTTP_MASKS = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40};
+// private static final String[] NO_METHODS = new String[0];
+// private static final Pattern TOKEN_PATTERN = Pattern.compile("[!-~&&[^\\(\\)\\<\\>@,;:\\\\\"/\\[\\]\\?=\\{\\}]]*");
+ public final static int NA = 0x00;
+ public final static int INTEGRAL = 0x01;
+ public final static int CONFIDENTIAL = 0x02;
private final URLPatternCheck type;
private final String pattern;
- private int httpMethodsMask;
+// private int httpMethodsMask;
+// private ArrayList<String> extensionMethods;
+// private boolean isExcluded;
+ private final HTTPMethods httpMethods = new HTTPMethods();
private int transport;
- private final HashSet roles = new HashSet();
+ private final HashSet<String> roles = new HashSet<String>();
/**
* Construct an instance of the utility class for <code>WebModuleConfiguration</code>.
+ *
* @param pat the URL pattern that this instance is to collect information on
* @see "JSR 115, section 3.1.3" Translating Servlet Deployment Descriptors
*/
@@ -66,30 +72,28 @@
/**
* Get a qualifed URL pattern relative to a particular set of URL patterns. This algorithm is described in
* JSR 115, section 3.1.3.1 "Qualified URL Pattern Names".
+ *
* @param patterns the set of possible URL patterns that could be used to qualify this pattern
* @return a qualifed URL pattern
*/
- public String getQualifiedPattern(Set patterns) {
+ public String getQualifiedPattern(Set<URLPattern> patterns) {
if (type == EXACT) {
return pattern;
} else {
- HashSet bucket = new HashSet();
+ HashSet<String> bucket = new HashSet<String>();
StringBuffer result = new StringBuffer(pattern);
- Iterator iter = patterns.iterator();
// Collect a set of qualifying patterns, depending on the type of this pattern.
- while (iter.hasNext()) {
- URLPattern p = (URLPattern) iter.next();
+ for (URLPattern p : patterns) {
if (type.check(this, p)) {
bucket.add(p.pattern);
}
}
// append the set of qualifying patterns
- iter = bucket.iterator();
- while (iter.hasNext()) {
+ for (String aBucket : bucket) {
result.append(':');
- result.append((String) iter.next());
+ result.append(aBucket);
}
return result.toString();
}
@@ -98,66 +102,41 @@
/**
* Add a method to the union of HTTP methods associated with this URL pattern. An empty string is short hand for
* the set of all HTTP methods.
+ *
* @param method the HTTP method to be added to the set.
*/
public void addMethod(String method) {
- if (method.length() == 0) {
- httpMethodsMask = 0xFF;
- return;
- }
-
- boolean found = false;
- for (int j = 0; j < HTTP_METHODS.length; j++) {
- if (method.equals(HTTP_METHODS[j])) {
- httpMethodsMask |= HTTP_MASKS[j];
- found = true;
-
- break;
- }
- }
- if (!found) throw new IllegalArgumentException("Invalid HTTP method");
+ httpMethods.add(method);
}
/**
* Return the set of HTTP methods that have been associated with this URL pattern.
+ *
* @return a set of HTTP methods
*/
public String getMethods() {
- StringBuffer buffer = null;
-
- for (int i = 0; i < HTTP_MASKS.length; i++) {
- if ((httpMethodsMask & HTTP_MASKS[i]) > 0) {
- if (buffer == null) {
- buffer = new StringBuffer();
- } else {
- buffer.append(",");
- }
- buffer.append(HTTP_METHODS[i]);
- }
- }
-
- return (buffer == null ? "" : buffer.toString());
+ return httpMethods.getHttpMethods();
}
+
public String getComplementedMethods() {
- StringBuffer buffer = null;
+ return httpMethods.getComplementedHttpMethods();
+ }
- for (int i = 0; i < HTTP_MASKS.length; i++) {
- if ((httpMethodsMask & HTTP_MASKS[i]) == 0) {
- if (buffer == null) {
- buffer = new StringBuffer();
- } else {
- buffer.append(",");
- }
- buffer.append(HTTP_METHODS[i]);
- }
- }
+ public HTTPMethods getHTTPMethods() {
+ return httpMethods;
+ }
- return (buffer == null ? "" : buffer.toString());
+ public HTTPMethods getComplementedHTTPMethods() {
+ return new HTTPMethods(httpMethods, true);
}
public String getMethodsWithTransport() {
- StringBuffer buffer = new StringBuffer(getMethods());
+ return getMethodsWithTransport(httpMethods, transport);
+ }
+
+ public static String getMethodsWithTransport(HTTPMethods methods, int transport) {
+ StringBuffer buffer = methods.getHttpMethodsBuffer();
if (transport != NA) {
@@ -177,38 +156,46 @@
public void setTransport(String trans) {
switch (transport) {
- case NA:
- {
- if ("INTEGRAL".equals(trans)) {
- transport = INTEGRAL;
- } else if ("CONFIDENTIAL".equals(trans)) {
- transport = CONFIDENTIAL;
- }
- break;
+ case NA: {
+ if ("INTEGRAL".equals(trans)) {
+ transport = INTEGRAL;
+ } else if ("CONFIDENTIAL".equals(trans)) {
+ transport = CONFIDENTIAL;
}
+ break;
+ }
- case INTEGRAL:
- {
- if ("CONFIDENTIAL".equals(trans)) {
- transport = CONFIDENTIAL;
- }
- break;
+ case INTEGRAL: {
+ if ("CONFIDENTIAL".equals(trans)) {
+ transport = CONFIDENTIAL;
}
+ break;
+ }
}
}
+ public int getTransport() {
+ return transport;
+ }
+
public void addRole(String role) {
roles.add(role);
}
- public void addAllRoles(Collection collection) {
+ public void addAllRoles(Collection<String> collection) {
roles.addAll(collection);
}
- public HashSet getRoles() {
+ public HashSet<String> getRoles() {
return roles;
}
+
+ /**
+ * TODO this is kinda weird without an explanation
+ * @param obj
+ * @return if this equals obj
+ */
public boolean equals(Object obj) {
if (!(obj instanceof URLPattern)) return false;
@@ -251,6 +238,7 @@
* This pattern is a path-prefix pattern (that is, it starts with "/" and ends with "/*") and the argument
* pattern starts with the substring of this pattern, minus its last 2 characters, and the next character of
* the argument pattern, if there is one, is "/"
+ *
* @param base the base pattern
* @param test the pattern to be tested
* @return <code>true</code> if <code>test</code> is matched by <code>base</code>
@@ -283,6 +271,7 @@
/**
* This pattern is an extension pattern (that is, it startswith "*.") and the argument pattern ends with
* this pattern.
+ *
* @param base the base pattern
* @param test the pattern to be tested
* @return <code>true</code> if <code>test</code> is matched by <code>base</code>
@@ -300,6 +289,7 @@
/**
* This pattern is the path-prefix pattern "/*" or the reference pattern is the special default pattern,
* "/", which matches all argument patterns.
+ *
* @param base the base pattern
* @param test the pattern to be tested
* @return <code>true</code> if <code>test</code> is matched by <code>base</code>
Modified: geronimo/server/trunk/modules/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java?view=diff&rev=497370&r1=497369&r2=497370
==============================================================================
--- geronimo/server/trunk/modules/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java (original)
+++ geronimo/server/trunk/modules/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java Thu Jan 18 01:27:36 2007
@@ -30,10 +30,10 @@
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
+import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.zip.ZipEntry;
@@ -45,11 +45,11 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.deployment.util.DeploymentUtil;
import org.apache.geronimo.deployment.ModuleIDBuilder;
import org.apache.geronimo.deployment.NamespaceDrivenBuilderCollection;
-import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
+import org.apache.geronimo.deployment.util.DeploymentUtil;
import org.apache.geronimo.deployment.xbeans.ServiceDocument;
+import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.AbstractNameQuery;
import org.apache.geronimo.j2ee.deployment.EARContext;
@@ -65,8 +65,11 @@
import org.apache.geronimo.kernel.repository.Environment;
import org.apache.geronimo.kernel.repository.ImportType;
import org.apache.geronimo.naming.deployment.ResourceEnvironmentSetter;
+import org.apache.geronimo.schema.SchemaConversionUtils;
import org.apache.geronimo.security.jacc.ComponentPermissions;
import org.apache.geronimo.security.util.URLPattern;
+import org.apache.geronimo.security.util.HTTPMethods;
+import org.apache.geronimo.xbeans.geronimo.j2ee.GerSecurityDocument;
import org.apache.geronimo.xbeans.javaee.FilterMappingType;
import org.apache.geronimo.xbeans.javaee.RoleNameType;
import org.apache.geronimo.xbeans.javaee.SecurityConstraintType;
@@ -75,15 +78,13 @@
import org.apache.geronimo.xbeans.javaee.ServletMappingType;
import org.apache.geronimo.xbeans.javaee.ServletType;
import org.apache.geronimo.xbeans.javaee.UrlPatternType;
+import org.apache.geronimo.xbeans.javaee.WebAppDocument;
import org.apache.geronimo.xbeans.javaee.WebAppType;
import org.apache.geronimo.xbeans.javaee.WebResourceCollectionType;
-import org.apache.geronimo.xbeans.javaee.WebAppDocument;
-import org.apache.geronimo.xbeans.geronimo.j2ee.GerSecurityDocument;
-import org.apache.geronimo.schema.SchemaConversionUtils;
-import org.apache.xmlbeans.XmlObject;
-import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlDocumentProperties;
+import org.apache.xmlbeans.XmlException;
+import org.apache.xmlbeans.XmlObject;
/**
* @version $Rev$ $Date$
@@ -167,17 +168,16 @@
* @param contextRoot
* @return map of servlet names to path mapped to them. Possibly inaccurate except for web services.
*/
- protected Map buildServletNameToPathMap(WebAppType webApp, String contextRoot) {
+ protected Map<String,String> buildServletNameToPathMap(WebAppType webApp, String contextRoot) {
contextRoot = "/" + contextRoot;
- Map map = new HashMap();
+ Map<String,String> map = new HashMap<String, String>();
ServletMappingType[] servletMappings = webApp.getServletMappingArray();
- for (int j = 0; j < servletMappings.length; j++) {
- ServletMappingType servletMapping = servletMappings[j];
+ for (ServletMappingType servletMapping : servletMappings) {
String servletName = servletMapping.getServletName().getStringValue().trim();
UrlPatternType[] urlPatterns = servletMapping.getUrlPatternArray();
- for (int i=0; urlPatterns != null && (i < urlPatterns.length); i++) {
- map.put(servletName, contextRoot +urlPatterns[i].getStringValue().trim());
+ for (int i = 0; urlPatterns != null && (i < urlPatterns.length); i++) {
+ map.put(servletName, contextRoot + urlPatterns[i].getStringValue().trim());
}
}
return map;
@@ -250,9 +250,9 @@
try {
// add the warfile's content to the configuration
JarFile warFile = module.getModuleFile();
- Enumeration entries = warFile.entries();
+ Enumeration<JarEntry> entries = warFile.entries();
while (entries.hasMoreElements()) {
- ZipEntry entry = (ZipEntry) entries.nextElement();
+ ZipEntry entry = entries.nextElement();
URI targetPath = new URI(null, entry.getName(), null);
if (entry.getName().equals("WEB-INF/web.xml")) {
moduleContext.addFile(targetPath, module.getOriginalSpecDD());
@@ -367,26 +367,24 @@
}
- protected void addUnmappedJSPPermissions(Set securityRoles, Map rolePermissions) {
- for (Iterator iter = securityRoles.iterator(); iter.hasNext();) {
- String roleName = (String) iter.next();
+ protected void addUnmappedJSPPermissions(Set<String> securityRoles, Map<String, PermissionCollection> rolePermissions) {
+ for (String roleName : securityRoles) {
addPermissionToRole(roleName, new WebRoleRefPermission("", roleName), rolePermissions);
}
}
- protected ComponentPermissions buildSpecSecurityConfig(WebAppType webApp, Set securityRoles, Map rolePermissions) {
- Map uncheckedPatterns = new HashMap();
- Map uncheckedResourcePatterns = new HashMap();
- Map uncheckedUserPatterns = new HashMap();
- Map excludedPatterns = new HashMap();
- Map rolesPatterns = new HashMap();
- Set allSet = new HashSet(); // == allMap.values()
- Map allMap = new HashMap(); //uncheckedPatterns union excludedPatterns union rolesPatterns.
+ protected ComponentPermissions buildSpecSecurityConfig(WebAppType webApp, Set<String> securityRoles, Map<String, PermissionCollection> rolePermissions) {
+ Map<String, URLPattern> uncheckedPatterns = new HashMap<String, URLPattern>();
+ Map<UncheckedItem, HTTPMethods> uncheckedResourcePatterns = new HashMap<UncheckedItem, HTTPMethods>();
+ Map<UncheckedItem, HTTPMethods> uncheckedUserPatterns = new HashMap<UncheckedItem, HTTPMethods>();
+ Map<String, URLPattern> excludedPatterns = new HashMap<String, URLPattern>();
+ Map<String, URLPattern> rolesPatterns = new HashMap<String, URLPattern>();
+ Set<URLPattern> allSet = new HashSet<URLPattern>(); // == allMap.values()
+ Map<String,URLPattern> allMap = new HashMap<String, URLPattern>(); //uncheckedPatterns union excludedPatterns union rolesPatterns.
SecurityConstraintType[] securityConstraintArray = webApp.getSecurityConstraintArray();
- for (int i = 0; i < securityConstraintArray.length; i++) {
- SecurityConstraintType securityConstraintType = securityConstraintArray[i];
- Map currentPatterns;
+ for (SecurityConstraintType securityConstraintType : securityConstraintArray) {
+ Map<String, URLPattern> currentPatterns;
if (securityConstraintType.isSetAuthConstraint()) {
if (securityConstraintType.getAuthConstraint().getRoleNameArray().length == 0) {
currentPatterns = excludedPatterns;
@@ -403,19 +401,17 @@
}
WebResourceCollectionType[] webResourceCollectionTypeArray = securityConstraintType.getWebResourceCollectionArray();
- for (int j = 0; j < webResourceCollectionTypeArray.length; j++) {
- WebResourceCollectionType webResourceCollectionType = webResourceCollectionTypeArray[j];
+ for (WebResourceCollectionType webResourceCollectionType : webResourceCollectionTypeArray) {
UrlPatternType[] urlPatternTypeArray = webResourceCollectionType.getUrlPatternArray();
- for (int k = 0; k < urlPatternTypeArray.length; k++) {
- UrlPatternType urlPatternType = urlPatternTypeArray[k];
+ for (UrlPatternType urlPatternType : urlPatternTypeArray) {
String url = urlPatternType.getStringValue().trim();
- URLPattern pattern = (URLPattern) currentPatterns.get(url);
+ URLPattern pattern = currentPatterns.get(url);
if (pattern == null) {
pattern = new URLPattern(url);
currentPatterns.put(url, pattern);
}
- URLPattern allPattern = (URLPattern) allMap.get(url);
+ URLPattern allPattern = allMap.get(url);
if (allPattern == null) {
allPattern = new URLPattern(url);
allSet.add(allPattern);
@@ -427,9 +423,8 @@
pattern.addMethod("");
allPattern.addMethod("");
} else {
- for (int l = 0; l < httpMethodTypeArray.length; l++) {
- //TODO is trim OK?
- String method = (httpMethodTypeArray[l]==null?null:httpMethodTypeArray[l].trim());
+ for (String aHttpMethodTypeArray : httpMethodTypeArray) {
+ String method = (aHttpMethodTypeArray == null ? null : aHttpMethodTypeArray.trim());
if (method != null) {
pattern.addMethod(method);
allPattern.addMethod(method);
@@ -438,8 +433,7 @@
}
if (currentPatterns == rolesPatterns) {
RoleNameType[] roleNameTypeArray = securityConstraintType.getAuthConstraint().getRoleNameArray();
- for (int l = 0; l < roleNameTypeArray.length; l++) {
- RoleNameType roleNameType = roleNameTypeArray[l];
+ for (RoleNameType roleNameType : roleNameTypeArray) {
String role = roleNameType.getStringValue().trim();
if (role.equals("*")) {
pattern.addAllRoles(securityRoles);
@@ -457,9 +451,7 @@
PermissionCollection excludedPermissions = new Permissions();
PermissionCollection uncheckedPermissions = new Permissions();
- Iterator iter = excludedPatterns.keySet().iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) excludedPatterns.get(iter.next());
+ for (URLPattern pattern : excludedPatterns.values()) {
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
@@ -467,44 +459,28 @@
excludedPermissions.add(new WebUserDataPermission(name, actions));
}
- iter = rolesPatterns.keySet().iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) rolesPatterns.get(iter.next());
+ for (URLPattern pattern : rolesPatterns.values()) {
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
WebResourcePermission permission = new WebResourcePermission(name, actions);
- for (Iterator names = pattern.getRoles().iterator(); names.hasNext();) {
- String roleName = (String) names.next();
+ for (String roleName : pattern.getRoles()) {
addPermissionToRole(roleName, permission, rolePermissions);
}
- }
-
- iter = uncheckedPatterns.keySet().iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) uncheckedPatterns.get(iter.next());
- String name = pattern.getQualifiedPattern(allSet);
- String actions = pattern.getMethods();
+ HTTPMethods methods = pattern.getHTTPMethods();
+ int transportType = pattern.getTransport();
- addOrUpdatePattern(uncheckedResourcePatterns, name, actions);
+ addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
}
- iter = rolesPatterns.keySet().iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) rolesPatterns.get(iter.next());
+ for (URLPattern pattern : uncheckedPatterns.values()) {
String name = pattern.getQualifiedPattern(allSet);
- String actions = pattern.getMethodsWithTransport();
-
- addOrUpdatePattern(uncheckedUserPatterns, name, actions);
- }
+ HTTPMethods methods = pattern.getHTTPMethods();
- iter = uncheckedPatterns.keySet().iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) uncheckedPatterns.get(iter.next());
- String name = pattern.getQualifiedPattern(allSet);
- String actions = pattern.getMethodsWithTransport();
+ addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
- addOrUpdatePattern(uncheckedUserPatterns, name, actions);
+ int transportType = pattern.getTransport();
+ addOrUpdatePattern(uncheckedUserPatterns, name, methods, transportType);
}
/**
@@ -516,42 +492,38 @@
* The resulting permissions that must be added to the unchecked policy statements by calling the
* <code>addToUncheckedPolcy</code> method on the <code>PolicyConfiguration</code> object.
*/
- iter = allSet.iterator();
- while (iter.hasNext()) {
- URLPattern pattern = (URLPattern) iter.next();
+ for (URLPattern pattern : allSet) {
String name = pattern.getQualifiedPattern(allSet);
- String actions = pattern.getComplementedMethods();
+ HTTPMethods methods = pattern.getComplementedHTTPMethods();
- if (actions.length() == 0) {
+ if (methods.isNone()) {
continue;
}
- addOrUpdatePattern(uncheckedResourcePatterns, name, actions);
- addOrUpdatePattern(uncheckedUserPatterns, name, actions);
+ addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
+ addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
}
URLPattern pattern = new URLPattern("/");
if (!allSet.contains(pattern)) {
String name = pattern.getQualifiedPattern(allSet);
- String actions = pattern.getComplementedMethods();
+ HTTPMethods methods = pattern.getComplementedHTTPMethods();
- addOrUpdatePattern(uncheckedResourcePatterns, name, actions);
- addOrUpdatePattern(uncheckedUserPatterns, name, actions);
+ addOrUpdatePattern(uncheckedResourcePatterns, name, methods, URLPattern.NA);
+ addOrUpdatePattern(uncheckedUserPatterns, name, methods, URLPattern.NA);
}
//Create the uncheckedPermissions for WebResourcePermissions
- iter = uncheckedResourcePatterns.keySet().iterator();
- while (iter.hasNext()) {
- UncheckedItem item = (UncheckedItem) iter.next();
- String actions = (String) uncheckedResourcePatterns.get(item);
+ for (UncheckedItem item : uncheckedResourcePatterns.keySet()) {
+ HTTPMethods methods = uncheckedResourcePatterns.get(item);
+ String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
uncheckedPermissions.add(new WebResourcePermission(item.getName(), actions));
}
//Create the uncheckedPermissions for WebUserDataPermissions
- iter = uncheckedUserPatterns.keySet().iterator();
- while (iter.hasNext()) {
- UncheckedItem item = (UncheckedItem) iter.next();
- String actions = (String) uncheckedUserPatterns.get(item);
+ for (UncheckedItem item : uncheckedUserPatterns.keySet()) {
+ HTTPMethods methods = uncheckedUserPatterns.get(item);
+ String actions = URLPattern.getMethodsWithTransport(methods, item.getTransportType());
uncheckedPermissions.add(new WebUserDataPermission(item.getName(), actions));
}
@@ -560,8 +532,8 @@
}
- protected void addPermissionToRole(String roleName, Permission permission, Map rolePermissions) {
- PermissionCollection permissionsForRole = (PermissionCollection) rolePermissions.get(roleName);
+ protected void addPermissionToRole(String roleName, Permission permission, Map<String, PermissionCollection> rolePermissions) {
+ PermissionCollection permissionsForRole = rolePermissions.get(roleName);
if (permissionsForRole == null) {
permissionsForRole = new Permissions();
rolePermissions.put(roleName, permissionsForRole);
@@ -569,23 +541,23 @@
permissionsForRole.add(permission);
}
- private void addOrUpdatePattern(Map patternMap, String name, String actions) {
- UncheckedItem item = new UncheckedItem(name, actions);
- String existingActions = (String) patternMap.get(item);
+ private void addOrUpdatePattern(Map<UncheckedItem, HTTPMethods> patternMap, String name, HTTPMethods actions, int transportType) {
+ UncheckedItem item = new UncheckedItem(name, transportType);
+ HTTPMethods existingActions = patternMap.get(item);
if (existingActions != null) {
- patternMap.put(item, actions + "," + existingActions);
+ patternMap.put(item, existingActions.add(actions));
return;
}
- patternMap.put(item, actions);
+ patternMap.put(item, new HTTPMethods(actions, false));
}
- protected static Set collectRoleNames(WebAppType webApp) {
- Set roleNames = new HashSet();
+ protected static Set<String> collectRoleNames(WebAppType webApp) {
+ Set<String> roleNames = new HashSet<String>();
SecurityRoleType[] securityRoles = webApp.getSecurityRoleArray();
- for (int i = 0; i < securityRoles.length; i++) {
- roleNames.add(securityRoles[i].getRoleName().getStringValue().trim());
+ for (SecurityRoleType securityRole : securityRoles) {
+ roleNames.add(securityRole.getRoleName().getStringValue().trim());
}
return roleNames;
@@ -599,28 +571,28 @@
private static void checkURLPattern(WebAppType webApp) throws DeploymentException {
FilterMappingType[] filterMappings = webApp.getFilterMappingArray();
- for (int i = 0; i < filterMappings.length; i++) {
- UrlPatternType[] urlPatterns = filterMappings[i].getUrlPatternArray();
- for (int j=0; (urlPatterns != null) && (j < urlPatterns.length); j++) {
+ for (FilterMappingType filterMapping : filterMappings) {
+ UrlPatternType[] urlPatterns = filterMapping.getUrlPatternArray();
+ for (int j = 0; (urlPatterns != null) && (j < urlPatterns.length); j++) {
checkString(urlPatterns[j].getStringValue().trim());
}
}
ServletMappingType[] servletMappings = webApp.getServletMappingArray();
- for (int i = 0; i < servletMappings.length; i++) {
- UrlPatternType[] urlPatterns = servletMappings[i].getUrlPatternArray();
- for (int j=0; (urlPatterns != null) && (j < urlPatterns.length); j++) {
+ for (ServletMappingType servletMapping : servletMappings) {
+ UrlPatternType[] urlPatterns = servletMapping.getUrlPatternArray();
+ for (int j = 0; (urlPatterns != null) && (j < urlPatterns.length); j++) {
checkString(urlPatterns[j].getStringValue().trim());
}
}
SecurityConstraintType[] constraints = webApp.getSecurityConstraintArray();
- for (int i = 0; i < constraints.length; i++) {
- WebResourceCollectionType[] collections = constraints[i].getWebResourceCollectionArray();
- for (int j = 0; j < collections.length; j++) {
- UrlPatternType[] patterns = collections[j].getUrlPatternArray();
- for (int k = 0; k < patterns.length; k++) {
- checkString(patterns[k].getStringValue().trim());
+ for (SecurityConstraintType constraint : constraints) {
+ WebResourceCollectionType[] collections = constraint.getWebResourceCollectionArray();
+ for (WebResourceCollectionType collection : collections) {
+ UrlPatternType[] patterns = collection.getUrlPatternArray();
+ for (UrlPatternType pattern : patterns) {
+ checkString(pattern.getStringValue().trim());
}
}
}
@@ -640,7 +612,7 @@
private boolean cleanupConfigurationDir(File configurationDir)
{
- LinkedList cannotBeDeletedList = new LinkedList();
+ LinkedList<String> cannotBeDeletedList = new LinkedList<String>();
if (!DeploymentUtil.recursiveDelete(configurationDir,cannotBeDeletedList)) {
// Output a message to help user track down file problem
@@ -654,13 +626,12 @@
return true;
}
- protected void processRoleRefPermissions(ServletType servletType, Set securityRoles, Map rolePermissions) {
+ protected void processRoleRefPermissions(ServletType servletType, Set<String> securityRoles, Map<String, PermissionCollection> rolePermissions) {
String servletName = servletType.getServletName().getStringValue().trim();
//WebRoleRefPermissions
SecurityRoleRefType[] securityRoleRefTypeArray = servletType.getSecurityRoleRefArray();
- Set unmappedRoles = new HashSet(securityRoles);
- for (int j = 0; j < securityRoleRefTypeArray.length; j++) {
- SecurityRoleRefType securityRoleRefType = securityRoleRefTypeArray[j];
+ Set<String> unmappedRoles = new HashSet<String>(securityRoles);
+ for (SecurityRoleRefType securityRoleRefType : securityRoleRefTypeArray) {
String roleName = securityRoleRefType.getRoleName().getStringValue().trim();
String roleLink = securityRoleRefType.getRoleLink().getStringValue().trim();
//jacc 3.1.3.2
@@ -674,8 +645,7 @@
addPermissionToRole(roleLink, new WebRoleRefPermission(servletName, roleName), rolePermissions);
unmappedRoles.remove(roleName);
}
- for (Iterator iterator = unmappedRoles.iterator(); iterator.hasNext();) {
- String roleName = (String) iterator.next();
+ for (String roleName : unmappedRoles) {
addPermissionToRole(roleName, new WebRoleRefPermission(servletName, roleName), rolePermissions);
}
// servletData.setAttribute("webRoleRefPermissions", webRoleRefPermissions);
@@ -698,22 +668,19 @@
private int transportType = NA;
private String name;
- public UncheckedItem(String name, String actions) {
+ public UncheckedItem(String name, int transportType) {
setName(name);
- setTransportType(actions);
+ setTransportType(transportType);
}
public boolean equals(Object o) {
UncheckedItem item = (UncheckedItem) o;
- return item.getKey().equals(this.getKey());
+ return item.transportType == transportType && item.name.equals(this.name);
}
- public String getKey() {
- return (name + transportType);
- }
public int hashCode() {
- return getKey().hashCode();
+ return name.hashCode() + transportType;
}
public String getName() {
@@ -728,15 +695,8 @@
return transportType;
}
- public void setTransportType(String actions) {
- String[] tokens = actions.split(":", 2);
- if (tokens.length == 2) {
- if (tokens[1].equals("INTEGRAL")) {
- this.transportType = INTEGRAL;
- } else if (tokens[1].equals("CONFIDENTIAL")) {
- this.transportType = CONFIDENTIAL;
- }
- }
+ public void setTransportType(int transportType) {
+ this.transportType = transportType;
}
}
}