Apache Tomcat 7.0.28

org.apache.catalina.deploy
Class SecurityConstraint

java.lang.Object
  extended by org.apache.catalina.deploy.SecurityConstraint
All Implemented Interfaces:
Serializable

public class SecurityConstraint
extends Object
implements Serializable

Representation of a security constraint element for a web application, as represented in a <security-constraint> element in the deployment descriptor.

WARNING: It is assumed that instances of this class will be created and modified only within the context of a single thread, before the instance is made visible to the remainder of the application. After that, only read access is expected. Therefore, none of the read and write access within this class is synchronized.

Version:
$Id: SecurityConstraint.java 939305 2010-04-29 13:43:39Z kkolinko $
Author:
Craig R. McClanahan
See Also:
Serialized Form

Constructor Summary
SecurityConstraint()
          Construct a new security constraint instance with default values.
 
Method Summary
 void addAuthRole(String authRole)
          Add an authorization role, which is a role name that will be permitted access to the resources protected by this security constraint.
 void addCollection(SecurityCollection collection)
          Add a new web resource collection to those protected by this security constraint.
static SecurityConstraint[] createConstraints(ServletSecurityElement element, String urlPattern)
          Convert a ServletSecurityElement to an array of SecurityConstraint(s).
 boolean findAuthRole(String role)
          Return true if the specified role is permitted access to the resources protected by this security constraint.
 String[] findAuthRoles()
          Return the set of roles that are permitted access to the resources protected by this security constraint.
 SecurityCollection findCollection(String name)
          Return the web resource collection for the specified name, if any; otherwise, return null.
 SecurityCollection[] findCollections()
          Return all of the web resource collections protected by this security constraint.
 boolean getAllRoles()
          Was the "all roles" wildcard included in this authentication constraint?
 boolean getAuthConstraint()
          Return the authorization constraint present flag for this security constraint.
 String getDisplayName()
          Return the display name of this security constraint.
 String getUserConstraint()
          Return the user data constraint for this security constraint.
 boolean included(String uri, String method)
          Return true if the specified context-relative URI (and associated HTTP method) are protected by this security constraint.
 void removeAuthRole(String authRole)
          Remove the specified role from the set of roles permitted to access the resources protected by this security constraint.
 void removeCollection(SecurityCollection collection)
          Remove the specified web resource collection from those protected by this security constraint.
 void setAuthConstraint(boolean authConstraint)
          Set the authorization constraint present flag for this security constraint.
 void setDisplayName(String displayName)
          Set the display name of this security constraint.
 void setUserConstraint(String userConstraint)
          Set the user data constraint for this security constraint.
 String toString()
          Return a String representation of this security constraint.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

SecurityConstraint

public SecurityConstraint()
Construct a new security constraint instance with default values.

Method Detail

getAllRoles

public boolean getAllRoles()
Was the "all roles" wildcard included in this authentication constraint?


getAuthConstraint

public boolean getAuthConstraint()
Return the authorization constraint present flag for this security constraint.


setAuthConstraint

public void setAuthConstraint(boolean authConstraint)
Set the authorization constraint present flag for this security constraint.


getDisplayName

public String getDisplayName()
Return the display name of this security constraint.


setDisplayName

public void setDisplayName(String displayName)
Set the display name of this security constraint.


getUserConstraint

public String getUserConstraint()
Return the user data constraint for this security constraint.


setUserConstraint

public void setUserConstraint(String userConstraint)
Set the user data constraint for this security constraint.

Parameters:
userConstraint - The new user data constraint

addAuthRole

public void addAuthRole(String authRole)
Add an authorization role, which is a role name that will be permitted access to the resources protected by this security constraint.

Parameters:
authRole - Role name to be added

addCollection

public void addCollection(SecurityCollection collection)
Add a new web resource collection to those protected by this security constraint.

Parameters:
collection - The new web resource collection

findAuthRole

public boolean findAuthRole(String role)
Return true if the specified role is permitted access to the resources protected by this security constraint.

Parameters:
role - Role name to be checked

findAuthRoles

public String[] findAuthRoles()
Return the set of roles that are permitted access to the resources protected by this security constraint. If none have been defined, a zero-length array is returned (which implies that all authenticated users are permitted access).


findCollection

public SecurityCollection findCollection(String name)
Return the web resource collection for the specified name, if any; otherwise, return null.

Parameters:
name - Web resource collection name to return

findCollections

public SecurityCollection[] findCollections()
Return all of the web resource collections protected by this security constraint. If there are none, a zero-length array is returned.


included

public boolean included(String uri,
                        String method)
Return true if the specified context-relative URI (and associated HTTP method) are protected by this security constraint.

Parameters:
uri - Context-relative URI to check
method - Request method being used

removeAuthRole

public void removeAuthRole(String authRole)
Remove the specified role from the set of roles permitted to access the resources protected by this security constraint.

Parameters:
authRole - Role name to be removed

removeCollection

public void removeCollection(SecurityCollection collection)
Remove the specified web resource collection from those protected by this security constraint.

Parameters:
collection - Web resource collection to be removed

toString

public String toString()
Return a String representation of this security constraint.

Overrides:
toString in class Object

createConstraints

public static SecurityConstraint[] createConstraints(ServletSecurityElement element,
                                                     String urlPattern)
Convert a ServletSecurityElement to an array of SecurityConstraint(s).

Parameters:
element - The element to be converted
urlPattern - The url pattern that the element should be applied to
Returns:
The (possibly zero length) array of constraints that are the equivalent to the input

Apache Tomcat 7.0.28

Copyright © 2000-2012 Apache Software Foundation. All Rights Reserved.