Class SecurityHandler.PathMapped
java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.Handler.Abstract
org.eclipse.jetty.server.Handler.AbstractContainer
org.eclipse.jetty.server.Handler.Wrapper
org.eclipse.jetty.security.SecurityHandler
org.eclipse.jetty.security.SecurityHandler.PathMapped
- All Implemented Interfaces:
Comparator<PathSpec>, Authenticator.Configuration, Handler, Handler.Container, Handler.Singleton, Request.Handler, Container, Destroyable, Dumpable, Dumpable.DumpableContainer, LifeCycle, Invocable
- Enclosing class:
SecurityHandler
public static class SecurityHandler.PathMapped
extends SecurityHandler
implements Comparator<PathSpec>
A concrete implementation of SecurityHandler that uses a PathMappings to
match request to a list of Constraints, which are applied in the order of
least significant to most significant.
An example of using this class is:
SecurityHandler.PathMapped handler = new SecurityHandler.PathMapped();
handler.put("/*", Constraint.combine(Constraint.FORBIDDEN, Constraint.SECURE_TRANSPORT);
handler.put("", Constraint.ALLOWED);
handler.put("/login", Constraint.ALLOWED);
handler.put("*.png", Constraint.ANY_TRANSPORT);
handler.put("/admin/*", Constraint.from("admin", "operator"));
handler.put("/admin/super/*", Constraint.from("operator"));
handler.put("/user/*", Constraint.ANY_USER);
handler.put("*.xml", Constraint.FORBIDDEN);
When getConstraint(String, Request) is called, any matching
constraints are sorted into least to most significant with
compare(PathSpec, PathSpec), resulting in the order in which
Constraint.combine(Constraint, Constraint) will be applied.
For example:
"/admin/index.html"matches"/*"and"/admin/*", resulting in a constraint ofConstraint.Authorization.SPECIFIC_ROLEandConstraint.Transport.SECURE."/admin/logo.png"matches"/*","/admin/*"and"*.png", resulting in a constraint ofConstraint.Authorization.SPECIFIC_ROLEandConstraint.Transport.ANY."/admin/config.xml"matches"/*","/admin/*"and"*.xml", resulting in a constraint ofConstraint.Authorization.FORBIDDENandConstraint.Transport.SECURE."/admin/super/index.html"matches"/*","/admin/*"and"/admin/super/*", resulting in a constraint ofConstraint.Authorization.SPECIFIC_ROLEandConstraint.Transport.SECURE.
-
Nested Class Summary
Nested classes/interfaces inherited from class SecurityHandler
SecurityHandler.NotChecked, SecurityHandler.PathMappedNested classes/interfaces inherited from class Handler.Abstract
Handler.Abstract.NonBlockingNested classes/interfaces inherited from class AbstractLifeCycle
AbstractLifeCycle.AbstractLifeCycleListener, AbstractLifeCycle.StopExceptionNested classes/interfaces inherited from interface Authenticator.Configuration
Authenticator.Configuration.WrapperNested classes/interfaces inherited from interface Container
Container.InheritedListener, Container.ListenerNested classes/interfaces inherited from interface Dumpable
Dumpable.DumpableContainerNested classes/interfaces inherited from interface Handler
Handler.Abstract, Handler.AbstractContainer, Handler.Collection, Handler.Container, Handler.Sequence, Handler.Singleton, Handler.WrapperNested classes/interfaces inherited from interface Invocable
Invocable.Callable, Invocable.InvocationType, Invocable.ReadyTask, Invocable.TaskNested classes/interfaces inherited from interface LifeCycle
LifeCycle.ListenerNested classes/interfaces inherited from interface Request.Handler
Request.Handler.AbortException -
Field Summary
Fields inherited from class SecurityHandler
SESSION_AUTHENTICATED_ATTRIBUTEFields inherited from interface Invocable
__nonBlocking, NOOP -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionintComparatormethod to sort paths from least specific to most specific.protected ConstraintgetConstraint(String pathInContext, Request request) protected intGet the relative precedence of aPathSpecGroupused bycompare(MappedResource, MappedResource)to sortConstraints.put(String pathSpec, Constraint constraint) put(PathSpec pathSpec, Constraint constraint) Methods inherited from class SecurityHandler
doStart, doStop, findIdentityService, findLoginService, getAuthenticationType, getAuthenticator, getAuthenticatorFactory, getCurrentSecurityHandler, getIdentityService, getKnownAuthenticatorFactories, getLoginService, getParameter, getParameterNames, getRealmName, getSessionMaxInactiveIntervalOnAuthentication, handle, isAuthorized, isSessionRenewedOnAuthentication, redirectToSecure, setAuthenticationType, setAuthenticator, setAuthenticatorFactory, setIdentityService, setLoginService, setParameter, setRealmName, setSessionMaxInactiveIntervalOnAuthentication, setSessionRenewedOnAuthenticationMethods inherited from class Handler.Wrapper
getHandler, getInvocationType, setHandlerMethods inherited from class Handler.AbstractContainer
findContainerOf, getDescendant, getDescendants, isDynamic, setDynamic, setServerMethods inherited from class Handler.Abstract
destroy, getServerMethods inherited from class ContainerLifeCycle
addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, installBean, installBean, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeansMethods inherited from class AbstractLifeCycle
getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toStringMethods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface Comparator
equals, reversed, thenComparing, thenComparing, thenComparing, thenComparingDouble, thenComparingInt, thenComparingLongMethods inherited from interface Container
getCachedBeans, getEventListenersMethods inherited from interface Destroyable
destroyMethods inherited from interface Dumpable.DumpableContainer
isDumpableMethods inherited from interface Handler.Container
getContainer, getDescendant, getDescendants, getDescendantsMethods inherited from interface Handler.Singleton
getHandlers, getTail, insertHandler, setHandlerMethods inherited from interface LifeCycle
addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop
-
Constructor Details
-
PathMapped
public PathMapped() -
PathMapped
-
-
Method Details
-
put
-
put
-
get
-
remove
-
getConstraint
- Specified by:
getConstraintin classSecurityHandler
-
compare
Comparatormethod to sort paths from least specific to most specific. Using thepathSpecGroupPrecedence(PathSpecGroup)to rank different groups andPathSpec.getSpecLength()to rank within a group. This method may be overridden to provide different precedence between constraints.- Specified by:
comparein interfaceComparator<PathSpec>- Parameters:
ps1- the firstPathSpecto be compared.ps2- the secondPathSpecto be compared.- Returns:
- -1, 0 or 1
-
pathSpecGroupPrecedence
Get the relative precedence of aPathSpecGroupused bycompare(MappedResource, MappedResource)to sortConstraints. The precedence from most significant to least is:- Parameters:
group- The group to rank.- Returns:
- An integer representing relative precedence between
PathSpecGroups.
-
getKnownRoles
- Overrides:
getKnownRolesin classSecurityHandler
-