org.cipango.server.security

Class ConstraintSecurityHandler

java.lang.Object

org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.ContainerLifeCycle

org.cipango.server.handler.AbstractSipHandler

org.cipango.server.handler.SipHandlerWrapper

org.cipango.server.security.SipSecurityHandler<RoleInfo>

org.cipango.server.security.ConstraintSecurityHandler

All Implemented Interfaces:

SipAuthenticator.AuthConfiguration, SipHandler, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.LifeCycle

public class ConstraintSecurityHandler
extends SipSecurityHandler<RoleInfo>

Nested Class Summary

Nested classes/interfaces inherited from class org.cipango.server.security.SipSecurityHandler

SipSecurityHandler.IdentityAssertionScheme

Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

org.eclipse.jetty.util.component.LifeCycle.Listener

Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

Field Summary

Fields inherited from class org.cipango.server.handler.SipHandlerWrapper

_handler

Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

Constructor Summary

Constructors

Constructor and Description
ConstraintSecurityHandler()

Method Summary

Modifier and Type	Method and Description
void	addConstraintMapping(ConstraintMapping mapping)
void	addRole(java.lang.String role)
protected boolean	checkSipResourcePermissions(SipServletHolder holder, SipRequest request, RoleInfo constraintInfo, org.eclipse.jetty.server.UserIdentity userIdentity)
protected boolean	checkUserDataPermissions(SipServletHolder holder, SipRequest request, RoleInfo constraintInfo)
protected void	doStart()
protected void	doStop()
void	dump(java.lang.Appendable out, java.lang.String indent)
java.util.List<ConstraintMapping>	getConstraintMappings()
java.util.Set<java.lang.String>	getRoles()
protected boolean	isAuthMandatory(SipRequest baseRequest, RoleInfo constraintInfo)
protected boolean	isProxyMode(SipRequest baseRequest, RoleInfo constraintInfo)
boolean	isStrict() Get the strict mode.
protected RoleInfo	prepareConstraintInfo(SipServletHolder holder, SipRequest request)
protected void	processConstraintMapping(ConstraintMapping mapping)
void	setConstraintMappings(java.util.List<ConstraintMapping> constraintMappings) Process the constraints following the combining rules in Servlet 3.0 EA spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
void	setConstraintMappings(java.util.List<ConstraintMapping> constraintMappings, java.util.Set<java.lang.String> roles) Process the constraints following the combining rules in Servlet 3.0 EA spec section 13.7.1 Note that much of the logic is in the RoleInfo class.
void	setRoles(java.util.Set<java.lang.String> roles) Set the known roles.
void	setStrict(boolean strict) Set the strict mode of the security handler.

Methods inherited from class org.cipango.server.security.SipSecurityHandler

findIdentityService, findLoginService, getAuthenticator, getAuthenticatorFactory, getAuthMethod, getIdentityAssertionScheme, getIdentityService, getInitParameter, getInitParameterNames, getLoginService, getRealmName, handle, isIdentityAssertionRequired, setAuthenticator, setAuthenticatorFactory, setAuthMethod, setIdentityAssertionRequired, setIdentityAssertionScheme, setIdentityService, setInitParameter, setLoginService, setRealmName

Methods inherited from class org.cipango.server.handler.SipHandlerWrapper

destroy, getHandler, setHandler, setServer

Methods inherited from class org.cipango.server.handler.AbstractSipHandler

getServer

Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

addBean, addBean, addBean, addEventListener, contains, dump, dump, dump, dump, dumpBeans, dumpObject, dumpStdErr, dumpThis, getBean, getBeans, getBeans, isManaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBeans

Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.cipango.server.SipHandler

getServer, setServer

Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

Constructor Detail

ConstraintSecurityHandler

public ConstraintSecurityHandler()

Method Detail

isStrict

public boolean isStrict()

Get the strict mode.

Returns:

true if the security handler is running in strict mode.

setStrict

public void setStrict(boolean strict)

Set the strict mode of the security handler.

When in strict mode (the default), the full servlet specification will be implemented. If not in strict mode, some additional flexibility in configuration is allowed:

• All users do not need to have a role defined in the deployment descriptor
• The * role in a constraint applies to ANY role rather than all roles defined in the deployment descriptor.

Parameters:

strict - the strict to set

See Also:

setRoles(Set), setConstraintMappings(List, Set)

getConstraintMappings

public java.util.List<ConstraintMapping> getConstraintMappings()

Returns:

Returns the constraintMappings.

getRoles

public java.util.Set<java.lang.String> getRoles()

setConstraintMappings

public void setConstraintMappings(java.util.List<ConstraintMapping> constraintMappings)

Process the constraints following the combining rules in Servlet 3.0 EA spec section 13.7.1 Note that much of the logic is in the RoleInfo class.

Parameters:

constraintMappings - The constraintMappings to set, from which the set of known roles is determined.

setConstraintMappings

public void setConstraintMappings(java.util.List<ConstraintMapping> constraintMappings,
                                  java.util.Set<java.lang.String> roles)

Process the constraints following the combining rules in Servlet 3.0 EA spec section 13.7.1 Note that much of the logic is in the RoleInfo class.

Parameters:

constraintMappings - The constraintMappings to set.

roles - The known roles (or null to determine them from the mappings)

setRoles

public void setRoles(java.util.Set<java.lang.String> roles)

Set the known roles. This may be overridden by a subsequent call to #setConstraintMappings(ConstraintMapping[]) or setConstraintMappings(List, Set).

Parameters:

roles - The known roles (or null to determine them from the mappings)

See Also:

setStrict(boolean)

addConstraintMapping

public void addConstraintMapping(ConstraintMapping mapping)

See Also:

ConstraintAware.addConstraintMapping(org.eclipse.jetty.security.ConstraintMapping)

addRole

public void addRole(java.lang.String role)

See Also:

ConstraintAware.addRole(java.lang.String)

doStart

protected void doStart()
                throws java.lang.Exception

Overrides:

doStart in class SipSecurityHandler<RoleInfo>

Throws:

java.lang.Exception

doStop

protected void doStop()
               throws java.lang.Exception

Overrides:

doStop in class SipSecurityHandler<RoleInfo>

Throws:

java.lang.Exception

prepareConstraintInfo

protected RoleInfo prepareConstraintInfo(SipServletHolder holder,
                                         SipRequest request)

Specified by:

prepareConstraintInfo in class SipSecurityHandler<RoleInfo>

checkUserDataPermissions

protected boolean checkUserDataPermissions(SipServletHolder holder,
                                           SipRequest request,
                                           RoleInfo constraintInfo)
                                    throws java.io.IOException

Specified by:

checkUserDataPermissions in class SipSecurityHandler<RoleInfo>

Throws:

java.io.IOException

isAuthMandatory

protected boolean isAuthMandatory(SipRequest baseRequest,
                                  RoleInfo constraintInfo)

Specified by:

isAuthMandatory in class SipSecurityHandler<RoleInfo>

checkSipResourcePermissions

protected boolean checkSipResourcePermissions(SipServletHolder holder,
                                              SipRequest request,
                                              RoleInfo constraintInfo,
                                              org.eclipse.jetty.server.UserIdentity userIdentity)
                                       throws java.io.IOException

Specified by:

checkSipResourcePermissions in class SipSecurityHandler<RoleInfo>

Throws:

java.io.IOException

isProxyMode

protected boolean isProxyMode(SipRequest baseRequest,
                              RoleInfo constraintInfo)

Specified by:

isProxyMode in class SipSecurityHandler<RoleInfo>

processConstraintMapping

protected void processConstraintMapping(ConstraintMapping mapping)

dump

public void dump(java.lang.Appendable out,
                 java.lang.String indent)
          throws java.io.IOException

Specified by:

dump in interface org.eclipse.jetty.util.component.Dumpable

Overrides:

dump in class org.eclipse.jetty.util.component.ContainerLifeCycle

Throws:

java.io.IOException