View Javadoc

1   // ========================================================================
2   // Copyright 200-2004 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // Licensed under the Apache License, Version 2.0 (the "License");
5   // you may not use this file except in compliance with the License.
6   // You may obtain a copy of the License at 
7   // http://www.apache.org/licenses/LICENSE-2.0
8   // Unless required by applicable law or agreed to in writing, software
9   // distributed under the License is distributed on an "AS IS" BASIS,
10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  // See the License for the specific language governing permissions and
12  // limitations under the License.
13  // ========================================================================
14  
15  package org.mortbay.jetty.security;
16  
17  import java.io.Serializable;
18  import java.util.Arrays;
19  
20  
21  /* ------------------------------------------------------------ */
22  /** Describe an auth and/or data constraint. 
23   *
24   * @author Greg Wilkins (gregw)
25   */
26  public class Constraint implements Cloneable, Serializable
27  {
28      /* ------------------------------------------------------------ */
29      public final static String __BASIC_AUTH= "BASIC";
30      public final static String __FORM_AUTH= "FORM";
31      public final static String __DIGEST_AUTH= "DIGEST";
32      public final static String __CERT_AUTH= "CLIENT_CERT";
33      public final static String __CERT_AUTH2= "CLIENT-CERT";
34  
35      /* ------------------------------------------------------------ */
36      public final static int DC_UNSET= -1, DC_NONE= 0, DC_INTEGRAL= 1, DC_CONFIDENTIAL= 2;
37  
38      /* ------------------------------------------------------------ */
39      public final static String NONE= "NONE";
40      public final static String ANY_ROLE= "*";
41  
42      /* ------------------------------------------------------------ */
43      private String _name;
44      private String[] _roles;
45      private int _dataConstraint= DC_UNSET;
46      private boolean _anyRole= false;
47      private boolean _authenticate= false;
48  
49      /* ------------------------------------------------------------ */
50      /** Constructor. 
51       */
52      public Constraint()
53      {}
54  
55      /* ------------------------------------------------------------ */
56      /** Conveniance Constructor. 
57       * @param name 
58       * @param role 
59       */
60      public Constraint(String name, String role)
61      {
62          setName(name);
63          setRoles(new String[]{role});
64      }
65  
66      /* ------------------------------------------------------------ */
67      public Object clone() throws CloneNotSupportedException
68      {
69          return super.clone();
70      }
71      
72      /* ------------------------------------------------------------ */
73      /**
74       * @param name 
75       */
76      public void setName(String name)
77      {
78          _name= name;
79      }
80      
81      /* ------------------------------------------------------------ */
82      public void setRoles(String[] roles)
83      {
84          _roles=roles;
85          _anyRole=false;
86          if (roles!=null)
87          for (int i=roles.length;!_anyRole&& i-->0;)
88              _anyRole=ANY_ROLE.equals(roles[i]);
89      }
90  
91      /* ------------------------------------------------------------ */
92      /** 
93       * @return True if any user role is permitted.
94       */
95      public boolean isAnyRole()
96      {
97          return _anyRole;
98      }
99  
100     /* ------------------------------------------------------------ */
101     /** 
102      * @return List of roles for this constraint.
103      */
104     public String[] getRoles()
105     {
106         return _roles;
107     }
108 
109     /* ------------------------------------------------------------ */
110     /** 
111      * @param role 
112      * @return True if the constraint contains the role.
113      */
114     public boolean hasRole(String role)
115     {
116         if (_anyRole)
117             return true;
118         if (_roles!=null)
119             for (int i=_roles.length;i-->0;)
120                 if (role.equals(_roles[i]))
121                     return true;
122         return false;
123     }
124 
125     /* ------------------------------------------------------------ */
126     /** 
127      * @param authenticate True if users must be authenticated 
128      */
129     public void setAuthenticate(boolean authenticate)
130     {
131         _authenticate= authenticate;
132     }
133 
134     /* ------------------------------------------------------------ */
135     /** 
136      * @return True if the constraint requires request authentication
137      */
138     public boolean getAuthenticate()
139     {
140         return _authenticate;
141     }
142 
143     /* ------------------------------------------------------------ */
144     /** 
145      * @return True if authentication required but no roles set
146      */
147     public boolean isForbidden()
148     {
149         return _authenticate && !_anyRole && (_roles==null || _roles.length == 0);
150     }
151 
152     /* ------------------------------------------------------------ */
153     /** 
154      * @param c Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & 2=DC_CONFIDENTIAL
155      */
156     public void setDataConstraint(int c)
157     {
158         if (c < 0 || c > DC_CONFIDENTIAL)
159             throw new IllegalArgumentException("Constraint out of range");
160         _dataConstraint= c;
161     }
162 
163     /* ------------------------------------------------------------ */
164     /** 
165      * @return Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & 2=DC_CONFIDENTIAL
166      */
167     public int getDataConstraint()
168     {
169         return _dataConstraint;
170     }
171 
172     /* ------------------------------------------------------------ */
173     /** 
174      * @return True if a data constraint has been set.
175      */
176     public boolean hasDataConstraint()
177     {
178         return _dataConstraint >= DC_NONE;
179     }
180 
181     /* ------------------------------------------------------------ */
182     public String toString()
183     {
184         return "SC{"
185             + _name
186             + ","
187             + (_anyRole ? "*" : (_roles == null ? "-" : Arrays.asList(_roles).toString()))
188             + ","
189             + (_dataConstraint == DC_UNSET ? "DC_UNSET}":
190                (_dataConstraint == DC_NONE
191                 ? "NONE}"
192                 : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
193     }
194 
195     
196 }