|
From: Christopher S. <chr...@us...> - 2007-11-07 17:27:30
|
Update of /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv30079/src/share/org/securityfilter/config Modified Files: SecurityConfig.java SecurityConstraint.java Added Files: UserDataConstraint.java Log Message: Added support for <user-data-constraint>, specifically <transport-guarantee>. --- NEW FILE: UserDataConstraint.java --- /* * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config/UserDataConstraint.java,v 1.1 2007/11/07 17:22:38 chris_schultz Exp $ * $Revision: 1.1 $ * $Date: 2007/11/07 17:22:38 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 * * (this license is derived and fully compatible with the Apache Software * License - see http://www.apache.org/LICENSE.txt) * * Copyright (c) 2007 SecurityFilter.org. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, * if any, must include the following acknowledgment: * "This product includes software developed by * SecurityFilter.org (http://www.securityfilter.org/)." * Alternately, this acknowledgment may appear in the software itself, * if and wherever such third-party acknowledgments normally appear. * * 4. The name "SecurityFilter" must not be used to endorse or promote * products derived from this software without prior written permission. * For written permission, please contact li...@se... . * * 5. Products derived from this software may not be called "SecurityFilter", * nor may "SecurityFilter" appear in their name, without prior written * permission of SecurityFilter.org. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE SECURITY FILTER PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== */ package org.securityfilter.config; /** * UserDataConstraint models the <user-data-constraint> element * in a web application's deployment descriptor. * * <pre> * <user-data-constraint> * <description^gt;This is the user data constraint.</description> * <transport-guarantee> * <i><code>NONE</code> * or <code>INTEGRAL</code> * or <code>CONFIDENTIAL</code></i> * </transport-guarantee^gt; * >/user-data-constraint> * </pre> * * @author Chris Schultz (ch...@ch...) * @version $Revision: 1.1 $ $Date: 2007/11/07 17:22:38 $ */ public class UserDataConstraint { /** * Constant for transport guarantee that indicates no guarantees. * * @see #setTransportGuarantee(String) */ public static final String TRANSPORT_GUARANTEE_NONE = "NONE"; /** * Constant for transport guarantee that indicates data sent between * the client and server are sent in such a way that they cannot be changed * in transit. * * @see #setTransportGuarantee(String) */ public static final String TRANSPORT_GUARANTEE_INTEGRAL = "INTEGRAL"; /** * Constant for transport guarantee that indicates data sent between * the client and server are sent in such a way that they cannot be * observed by third-parties while in transit. * * @see #setTransportGuarantee(String) */ public static final String TRANSPORT_GUARANTEE_CONFIDENTIAL = "CONFIDENTIAL"; /** * The transport-guarantee for this UserDataConstraint. */ private String _transportGuarantee = TRANSPORT_GUARANTEE_NONE; public UserDataConstraint() { } /** * Sets the transport-guarantee required by this UserDataConstraint. * * @param guarantee Valid values (case sensitive) are <code>NONE</code>, * <code>INTEGRAL</code>, and <code>CONFIDENTIAL</code>. * * @throws IllegalArgumentException If <code>guarantee</code> is neither * <code>NONE</code> nor <code>INTEGRAL</code> * nor <code>CONFIDENTIAL</code>. * * @see #getTransportGuarantee() * @see #TRANSPORT_GUARANTEE_NONE * @see #TRANSPORT_GUARANTEE_INTEGRAL * @see #TRANSPORT_GUARANTEE_CONFIDENTIAL */ public void setTransportGuarantee(String guarantee) throws IllegalArgumentException { if(null == guarantee) { _transportGuarantee = null; } else { guarantee = guarantee.trim(); if(!(TRANSPORT_GUARANTEE_NONE.equals(guarantee) || TRANSPORT_GUARANTEE_INTEGRAL.equals(guarantee) || TRANSPORT_GUARANTEE_CONFIDENTIAL.equals(guarantee))) throw new IllegalArgumentException("Unknown transport guarantee: " + guarantee); _transportGuarantee = guarantee; } } /** * Returns the transport guarantee for this UserDataConstraint. * * @see #setTransportGuarantee */ public String getTransportGuarantee() { return _transportGuarantee; } } // ---------------------------------------------------------------------------- // EOF Index: SecurityConstraint.java =================================================================== RCS file: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config/SecurityConstraint.java,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** SecurityConstraint.java 26 Jan 2004 09:29:56 -0000 1.6 --- SecurityConstraint.java 7 Nov 2007 17:22:38 -0000 1.7 *************** *** 59,66 **** /** ! * SecurityConstraint * * @author Max Cooper (ma...@ma...) * @author Torgeir Veimo (to...@po...) * @version $Revision$ $Date$ */ --- 59,69 ---- /** ! * SecurityConstraint models the <security-constraint> element ! * in a web application's deployment descriptor. * * @author Max Cooper (ma...@ma...) * @author Torgeir Veimo (to...@po...) + * @author Chris Schultz (ch...@ch...) + * * @version $Revision$ $Date$ */ *************** *** 68,71 **** --- 71,75 ---- private List resourceCollections; private AuthConstraint authConstraint = null; + private UserDataConstraint userDataConstraint; /** *************** *** 112,115 **** --- 116,140 ---- return authConstraint; } + + /** + * Sets the UserDataConstraint for this SecurityConstraint. + * + * @param userDataConstraint The UserDataConstraint. + */ + public void setUserDataConstraint(UserDataConstraint userDataConstraint) + { + this.userDataConstraint = userDataConstraint; + } + + /** + * Gets the UserDataConstraint for this SecurityConstraint. + * + * @return The UserDataConstraint for this SecurityConstraint, or + * <code>null</code> if none has been set. + */ + public UserDataConstraint getUserDataConstraint() + { + return userDataConstraint; + } } Index: SecurityConfig.java =================================================================== RCS file: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/config/SecurityConfig.java,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** SecurityConfig.java 26 Jan 2004 10:54:38 -0000 1.17 --- SecurityConfig.java 7 Nov 2007 17:22:38 -0000 1.18 *************** *** 268,271 **** --- 268,277 ---- } + public void loadConfig(URL configURL) + throws IOException, SAXException + { + loadConfig(new InputSource(configURL.openStream())); + } + /** * Loads configuration from the specifued configURL. *************** *** 276,281 **** * @exception SAXException if the file has invalid xml syntax */ ! public void loadConfig(URL configURL) throws IOException, SAXException { ! securityConstraints = new ArrayList(); --- 282,288 ---- * @exception SAXException if the file has invalid xml syntax */ ! public void loadConfig(InputSource input) ! throws IOException, SAXException ! { securityConstraints = new ArrayList(); *************** *** 352,355 **** --- 359,378 ---- ); + // user-data-constraint + digester.addObjectCreate( + "securityfilter-config/security-constraint/user-data-constraint", + "org.securityfilter.config.UserDataConstraint" + ); + digester.addSetNext( + "securityfilter-config/security-constraint/user-data-constraint", + "setUserDataConstraint", + "org.securityfilter.config.UserDataConstraint" + ); + digester.addCallMethod( + "securityfilter-config/security-constraint/user-data-constraint/transport-guarantee", + "setTransportGuarantee", + 0 + ); + // web-resource-collection digester.addObjectCreate( *************** *** 373,377 **** ); - InputSource input = new InputSource(configURL.openStream()); digester.parse(input); } --- 396,399 ---- |
