javax.security.jacc
Class WebResourcePermission

java.lang.Object
  extended by java.security.Permission
      extended by javax.security.jacc.WebResourcePermission
All Implemented Interfaces:
java.io.Serializable, java.security.Guard

public final class WebResourcePermission
extends java.security.Permission
implements java.io.Serializable

Class for Servlet web resource permissions. A WebResourcePermission is a named permission and has actions.

The name of a WebResourcePermission (also referred to as the target name) identifies the Web resources to which the permission pertains.

Implementations of this class MAY implement newPermissionCollection or inherit its implementation from the super class.

Author:
Ron Monzillo, Gary Ellison
See Also:
Permission, Serialized Form

Constructor Summary
WebResourcePermission(HttpServletRequest request)
          Creates a new WebResourcePermission from the HttpServletRequest object.
WebResourcePermission(java.lang.String name, java.lang.String actions)
          Creates a new WebResourcePermission with the specified name and actions.
WebResourcePermission(java.lang.String urlPatternSpec, java.lang.String[] HTTPMethods)
          Creates a new WebResourcePermission with name corresponding to the URLPatternSpec, and actions composed from the array of HTTP methods.
 
Method Summary
 boolean equals(java.lang.Object o)
          Checks two WebResourcePermission objects for equality.
 java.lang.String getActions()
          Returns a canonical String representation of the actions of this WebResourcePermission.
 int hashCode()
          Returns the hash code value for this WebResourcePermission.
 boolean implies(java.security.Permission permission)
          Determines if the argument Permission is "implied by" this WebResourcePermission.
 
Methods inherited from class java.security.Permission
checkGuard, getName, newPermissionCollection, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

WebResourcePermission

public WebResourcePermission(java.lang.String name,
                             java.lang.String actions)
Creates a new WebResourcePermission with the specified name and actions.

The name contains a URLPatternSpec that identifies the web resources to which the permission applies. The syntax of a URLPatternSpec is as follows:


          URLPatternList ::= URLPattern | URLPatternList colon URLPattern

          URLPatternSpec ::= null | URLPattern | URLPattern colon URLPatternList

 

A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. The empty string is an exact URLPattern, and may occur anywhere in a URLPatternSpec that an exact URLPattern may occur. The first URLPattern in a URLPatternSpec may be any of the pattern types (exact, path-prefix, extension, or default) as defined in the Java Servlet Specification. When a URLPatternSpec includes a URLPatternList, the patterns of the URLPatternList identify the resources to which the permission does NOT apply and depend on the pattern type and value of the first pattern as follows:

The actions parameter contains a comma separated list of HTTP methods. The syntax of the actions parameter is defined as follows:


          ExtensionMethod ::= any token as defined by RFC 2616
                    (that is, 1*[any CHAR except CTLs or separators])

          HTTPMethod ::= "GET" | "POST" | "PUT" | "DELETE" | "HEAD" |
                   "OPTIONS" | "TRACE" | ExtensionMethod
          
          HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod
  
          HTTPMethodExceptionList ::= exclaimationPoint HTTPMethodList
 
          HTTPMethodSpec ::= null | HTTPMethodExceptionList | 
                   HTTPMethodList

 

If duplicates occur in the HTTPMethodSpec they must be eliminated by the permission constructor.

A null or empty string HTTPMethodSpec indicates that the permission applies to all HTTP methods at the resources identified by the URL pattern.

If the HTTPMethodSpec contains an HTTPMethodExceptionList (i.e., it begins with an exclaimationPoint), the permission pertains to all methods except those occurring in the exception list.

Parameters:
name - the URLPatternSpec that identifies the application specific web resources to which the permission pertains. All URLPatterns in the URLPatternSpec are relative to the context path of the deployed web application module, and the same URLPattern must not occur more than once in a URLPatternSpec. A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. All colons occurring within the URLPattern elements of the URLPatternSpec must be represented in escaped encoding as defined in RFC 2396.

actions - identifies the HTTP methods to which the permission pertains. If the value passed through this parameter is null or the empty string, then the permission pertains to all the possible HTTP methods.

WebResourcePermission

public WebResourcePermission(java.lang.String urlPatternSpec,
                             java.lang.String[] HTTPMethods)
Creates a new WebResourcePermission with name corresponding to the URLPatternSpec, and actions composed from the array of HTTP methods.

Parameters:
urlPatternSpec - the URLPatternSpec that identifies the application specific web resources to which the permission pertains. All URLPatterns in the URLPatternSpec are relative to the context path of the deployed web application module, and the same URLPattern must not occur more than once in a URLPatternSpec. A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. All colons occurring within the URLPattern elements of the URLPatternSpec must be represented in escaped encoding as defined in RFC 2396.

HTTPMethods - an array of strings each element of which contains the value of an HTTP method. If the value passed through this parameter is null or is an array with no elements, then the permission pertains to all the possible HTTP methods.

WebResourcePermission

public WebResourcePermission(HttpServletRequest request)
Creates a new WebResourcePermission from the HttpServletRequest object.

Parameters:
request - the HttpServletRequest object corresponding to the Servlet operation to which the permission pertains. The permission name is the substring of the requestURI (HttpServletRequest.getRequestURI()) that begins after the contextPath (HttpServletRequest.getContextPath()). When the substring operation yields the string "/", the permission is constructed with the empty string as its name. The permission's actions field is obtained from HttpServletRequest.getMethod(). The constructor must transform all colon characters occurring in the name to escaped encoding as defined in RFC 2396.

Method Detail

equals

public boolean equals(java.lang.Object o)
Checks two WebResourcePermission objects for equality. WebResourcePermission objects are equivalent if their URLPatternSpec and (canonicalized) actions values are equivalent. The URLPatternSpec of a reference permission is equivalent to that of an argument permission if their first patterns are equivalent, and the patterns of the URLPatternList of the reference permission collectively match exactly the same set of patterns as are matched by the patterns of the URLPatternList of the argument permission.

Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).

Specified by:
equals in class java.security.Permission
Parameters:
o - the WebResourcePermission object being tested for equality with this WebResourcePermission.

Returns:
true if the argument WebResourcePermission object is equivalent to this WebResourcePermission.

getActions

public java.lang.String getActions()
Returns a canonical String representation of the actions of this WebResourcePermission. In the canonical form, predefined methods precede extension methods, and within each method classification the corresponding methods occur in ascending lexical order. There may be no duplicate HTTP methods in the canonical form, and the canonical form of the set of all HTTP methods is the value null.

Specified by:
getActions in class java.security.Permission
Returns:
a String containing the canonicalized actions of this WebResourcePermission (or the null value).

hashCode

public int hashCode()
Returns the hash code value for this WebResourcePermission. The properties of the returned hash code must be as follows:

Specified by:
hashCode in class java.security.Permission
Returns:
the integer hash code value for this object.

implies

public boolean implies(java.security.Permission permission)
Determines if the argument Permission is "implied by" this WebResourcePermission. For this to be the case, all of the following must be true:

URLPattern matching is performed using the Servlet matching rules where two URL patterns match if they are related as follows:

All of the comparisons described above are case sensitive.

Specified by:
implies in class java.security.Permission
Parameters:
permission - "this" WebResourcePermission is checked to see if it implies the argument permission.

Returns:
true if the specified permission is implied by this object, false if not.
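
How the constructor forms and implies fit together in a container-style access check, as an added example that is not part of the original Javadoc. It assumes the JACC and Servlet API jars are on the classpath; the class name, the requested and check helpers, and the sample paths are constructed for illustration.

```java
import java.security.Permission;
import javax.security.jacc.WebResourcePermission;

public class WebResourcePermissionDemo {

    // Hypothetical helper: the permission a container would check for a request,
    // built from the path after the context path and the request's HTTP method.
    static Permission requested(String path, String method) {
        return new WebResourcePermission(path, method);
    }

    // Prints whether the granted permission implies the requested one.
    static boolean check(String label, Permission granted, String path, String method) {
        boolean implied = granted.implies(requested(path, method));
        System.out.printf("%-26s %-6s %-20s implied=%b%n", label, method, path, implied);
        return implied;
    }

    public static void main(String[] args) {
        // Constructed sample grants, one per HTTPMethodSpec form described above.
        // Explicit HTTPMethodList; the duplicate GET must be eliminated by the constructor.
        Permission listed = new WebResourcePermission("/admin/*", "POST,GET,GET");
        // Null HTTPMethodSpec (all methods); the cast picks the (String, String) overload.
        Permission allMethods = new WebResourcePermission("/admin/*", (String) null);
        // HTTPMethodExceptionList: every method except GET and POST.
        Permission excepted = new WebResourcePermission("/admin/*", "!GET,POST");
        // Patterns after the colon name resources the permission does NOT apply to.
        Permission qualified = new WebResourcePermission("/admin/*:/admin/public/*", "GET");
        // Same grant through the String[] constructor.
        Permission fromArray = new WebResourcePermission("/admin/*", new String[] {"GET", "POST"});

        System.out.println("canonical actions: " + listed.getActions());
        System.out.println("array form equals list form: " + listed.equals(fromArray));

        // "get" exercises the case-sensitive comparison: it is an ExtensionMethod, not GET.
        for (String method : new String[] {"GET", "DELETE", "get"}) {
            check("list POST,GET", listed, "/admin/users", method);
            check("null (all methods)", allMethods, "/admin/users", method);
            check("exception !GET,POST", excepted, "/admin/users", method);
        }
        // Inside and outside the excluded sub-tree of the qualified pattern.
        check("qualified pattern", qualified, "/admin/public/help", "GET");
        check("qualified pattern", qualified, "/admin/users", "GET");
    }
}
```

When reviewing a policy, the null and exception-list forms deserve the closest look, because they also cover extension methods that nobody listed explicitly.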


Copyright © 2009-2011, Oracle Corporation and/or its affiliates. All Rights Reserved. Use is subject to license terms.

Generated on 10-February-2011 12:41