Example 1 with WebResourceCollection
use of com.sun.enterprise.deployment.web.WebResourceCollection in project Payara by payara.
the class WebResourceHTTPMethod method check.
/**
* The http-method element contains the name of web resource collection's HTTP
* method
*
* @param descriptor the Web deployment descriptor
* @return <code>Result</code> the results for this assertion
*/
public Result check(WebBundleDescriptor descriptor) {
Result result = getInitializedResult();
ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
if (descriptor.getSecurityConstraints().hasMoreElements()) {
boolean oneFailed = false;
boolean foundIt = false;
int na = 0;
int noSc = 0;
int naWRC = 0;
int noWRC = 0;
// get the http method's in this .war
for (Enumeration e = descriptor.getSecurityConstraints(); e.hasMoreElements(); ) {
foundIt = false;
noSc++;
SecurityConstraintImpl securityConstraintImpl = (SecurityConstraintImpl) e.nextElement();
if (!securityConstraintImpl.getWebResourceCollections().isEmpty()) {
for (WebResourceCollection webResourceCollection : securityConstraintImpl.getWebResourceCollections()) {
noWRC++;
if (!webResourceCollection.getHttpMethods().isEmpty()) {
for (String webRCHTTPMethod : webResourceCollection.getHttpMethods()) {
// valid methods are the following
if ((webRCHTTPMethod.equals("OPTIONS")) || (webRCHTTPMethod.equals("GET")) || (webRCHTTPMethod.equals("HEAD")) || (webRCHTTPMethod.equals("POST")) || (webRCHTTPMethod.equals("PUT")) || (webRCHTTPMethod.equals("DELETE")) || (webRCHTTPMethod.equals("TRACE")) || (webRCHTTPMethod.equals("CONNECT"))) {
foundIt = true;
} else {
foundIt = false;
}
if (foundIt) {
result.addGoodDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.addGoodDetails(smh.getLocalString(getClass().getName() + ".passed", "http-method [ {0} ] is valid HTTP method name within web resource collection [ {1} ] in web application [ {2} ]", new Object[] { webRCHTTPMethod, webResourceCollection.getName(), descriptor.getName() }));
} else {
if (!oneFailed) {
oneFailed = true;
}
result.addErrorDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.addErrorDetails(smh.getLocalString(getClass().getName() + ".failed", "Error: http-method [ {0} ] is not valid HTTP method name within web resource collection [ {1} ] in web application [ {2} ]", new Object[] { webRCHTTPMethod, webResourceCollection.getName(), descriptor.getName() }));
}
}
} else {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString(getClass().getName() + ".notApplicable1", "There are no web http-methods in the web resource collection [ {0} ] within [ {1} ]", new Object[] { webResourceCollection.getName(), descriptor.getName() }));
naWRC++;
}
}
} else {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString(getClass().getName() + ".notApplicable2", "There are no web web resource collections in the web security constraint within [ {0} ]", new Object[] { descriptor.getName() }));
na++;
}
}
if (oneFailed) {
result.setStatus(Result.FAILED);
} else if ((na == noSc) || (naWRC == noWRC)) {
result.setStatus(Result.NOT_APPLICABLE);
} else {
result.setStatus(Result.PASSED);
}
} else {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString(getClass().getName() + ".notApplicable", "There are no http-method elements within the web archive [ {0} ]", new Object[] { descriptor.getName() }));
}
return result;
}
Also used :
WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection)
Enumeration(java.util.Enumeration)
SecurityConstraintImpl(org.glassfish.web.deployment.descriptor.SecurityConstraintImpl)
ComponentNameConstructor(com.sun.enterprise.tools.verifier.tests.ComponentNameConstructor)
Result(com.sun.enterprise.tools.verifier.Result)
Example 2 with WebResourceCollection
use of com.sun.enterprise.deployment.web.WebResourceCollection in project Payara by payara.
the class WebResourceName method check.
/**
* The web-resource-name element contains the name of this web resource
* collection
*
* @param descriptor the Web deployment descriptor
* @return <code>Result</code> the results for this assertion
*/
public Result check(WebBundleDescriptor descriptor) {
Result result = getInitializedResult();
ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
if (descriptor.getSecurityConstraints().hasMoreElements()) {
boolean oneFailed = false;
int na = 0;
int noSc = 0;
boolean foundIt = false;
// get the security constraint's in this .war
for (Enumeration e = descriptor.getSecurityConstraints(); e.hasMoreElements(); ) {
foundIt = false;
noSc++;
SecurityConstraintImpl securityConstraintImpl = (SecurityConstraintImpl) e.nextElement();
if (!securityConstraintImpl.getWebResourceCollections().isEmpty()) {
for (WebResourceCollection webResCollection : securityConstraintImpl.getWebResourceCollections()) {
String webRCName = webResCollection.getName();
// cannot be blank
if (webRCName.length() > 0) {
foundIt = true;
} else {
foundIt = false;
}
if (foundIt) {
result.addGoodDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.addGoodDetails(smh.getLocalString(getClass().getName() + ".passed", "web-resource-name [ {0} ] contains the name of this web resource collection within web application [ {1} ]", new Object[] { webRCName, descriptor.getName() }));
} else {
if (!oneFailed) {
oneFailed = true;
}
result.addErrorDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.addErrorDetails(smh.getLocalString(getClass().getName() + ".failed", "Error: web-resource-name [ {0} ] does not contain the name of this web resource collection within web application [ {1} ]", new Object[] { webRCName, descriptor.getName() }));
}
}
} else {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString(getClass().getName() + ".notApplicable2", "There are no web web resource collections in the web security constraint within [ {0} ]", new Object[] { descriptor.getName() }));
na++;
}
}
if (oneFailed) {
result.setStatus(Result.FAILED);
} else if (na == noSc) {
result.setStatus(Result.NOT_APPLICABLE);
} else {
result.setStatus(Result.PASSED);
}
} else {
result.addNaDetails(smh.getLocalString("tests.componentNameConstructor", "For [ {0} ]", new Object[] { compName.toString() }));
result.notApplicable(smh.getLocalString(getClass().getName() + ".notApplicable", "There are no web-resource-name elements within the web archive [ {0} ]", new Object[] { descriptor.getName() }));
}
return result;
}
Also used :
WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection)
Enumeration(java.util.Enumeration)
SecurityConstraintImpl(org.glassfish.web.deployment.descriptor.SecurityConstraintImpl)
ComponentNameConstructor(com.sun.enterprise.tools.verifier.tests.ComponentNameConstructor)
Result(com.sun.enterprise.tools.verifier.Result)
Example 3 with WebResourceCollection
use of com.sun.enterprise.deployment.web.WebResourceCollection in project Payara by payara.
the class ServletSecurityHandler method processAnnotation.
private HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, WebComponentDescriptor webCompDesc) throws AnnotationProcessorException {
Class webCompClass = (Class) ainfo.getAnnotatedElement();
if (!HttpServlet.class.isAssignableFrom(webCompClass)) {
log(Level.SEVERE, ainfo, localStrings.getLocalString("web.deployment.annotation.handlers.needtoextend", "The Class {0} having annotation {1} need to be a derived class of {2}.", new Object[] { webCompClass.getName(), SecurityConstraint.class.getName(), HttpServlet.class.getName() }));
return getDefaultFailedResult();
}
Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);
if (urlPatterns.size() > 0) {
WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
ServletSecurity servletSecurityAn = (ServletSecurity) ainfo.getAnnotation();
HttpMethodConstraint[] httpMethodConstraints = servletSecurityAn.httpMethodConstraints();
for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
String httpMethod = httpMethodConstraint.value();
if (httpMethod == null || httpMethod.length() == 0) {
return getDefaultFailedResult();
}
createSecurityConstraint(webBundleDesc, urlPatterns, httpMethodConstraint.rolesAllowed(), httpMethodConstraint.emptyRoleSemantic(), httpMethodConstraint.transportGuarantee(), httpMethod);
}
HttpConstraint httpConstraint = servletSecurityAn.value();
boolean isDefault = isDefaultHttpConstraint(httpConstraint);
if (isDefault && (httpMethodConstraints.length > 0)) {
if (logger.isLoggable(Level.FINER)) {
StringBuilder methodString = new StringBuilder();
for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
methodString.append(" ");
methodString.append(httpMethodConstraint.value());
}
for (String pattern : urlPatterns) {
logger.finer("Pattern: " + pattern + " assumes default unprotected configuration for all methods except:" + methodString);
}
}
}
if (!isDefault || (httpMethodConstraints.length == 0)) {
SecurityConstraint securityConstraint = createSecurityConstraint(webBundleDesc, urlPatterns, httpConstraint.rolesAllowed(), httpConstraint.value(), httpConstraint.transportGuarantee(), null);
// we know there is one WebResourceCollection there
WebResourceCollection webResColl = securityConstraint.getWebResourceCollections().iterator().next();
for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
// exclude constrained httpMethod from the top level constraint
webResColl.addHttpMethodOmission(httpMethodConstraint.value());
}
}
}
return getDefaultProcessedResult();
}
Also used :
HttpConstraint(javax.servlet.annotation.HttpConstraint)
HttpMethodConstraint(javax.servlet.annotation.HttpMethodConstraint)
WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection)
HttpServlet(javax.servlet.http.HttpServlet)
ServletSecurity(javax.servlet.annotation.ServletSecurity)
SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint)
WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)
Example 4 with WebResourceCollection
use of com.sun.enterprise.deployment.web.WebResourceCollection in project Payara by payara.
the class Audit method dumpDiagnostics.
/**
* Do the work for showACL().
*/
private static void dumpDiagnostics(Application app) {
logger.finest("====[ Role and ACL Summary ]==========");
if (!app.isVirtual()) {
logger.finest("Summary for application: " + app.getRegistrationName());
} else {
logger.finest("Standalone module.");
}
logger.finest("EJB components: " + getEjbComponentCount(app));
logger.finest("Web components: " + getWebComponentCount(app));
Iterator i;
StringBuffer sb;
// show all roles with associated group & user mappings
Set allRoles = app.getRoles();
if (allRoles == null) {
logger.finest("- No roles present.");
return;
}
SecurityRoleMapper rmap = app.getRoleMapper();
if (rmap == null) {
logger.finest("- No role mappings present.");
return;
}
i = allRoles.iterator();
logger.finest("--[ Configured roles and mappings ]--");
HashMap allRoleMap = new HashMap();
while (i.hasNext()) {
Role r = (Role) i.next();
logger.finest(" [" + r.getName() + "]");
allRoleMap.put(r.getName(), new HashSet());
sb = new StringBuffer();
sb.append(" is mapped to groups: ");
Enumeration grps = rmap.getGroupsAssignedTo(r);
while (grps.hasMoreElements()) {
sb.append(grps.nextElement());
sb.append(" ");
}
logger.finest(sb.toString());
sb = new StringBuffer();
sb.append(" is mapped to principals: ");
Enumeration users = rmap.getUsersAssignedTo(r);
while (users.hasMoreElements()) {
sb.append(users.nextElement());
sb.append(" ");
}
logger.finest(sb.toString());
}
// Process all EJB modules
Set ejbDescriptorSet = app.getBundleDescriptors(EjbBundleDescriptor.class);
i = ejbDescriptorSet.iterator();
while (i.hasNext()) {
EjbBundleDescriptor bundle = (EjbBundleDescriptor) i.next();
logger.finest("--[ EJB module: " + bundle.getName() + " ]--");
Set ejbs = bundle.getEjbs();
Iterator it = ejbs.iterator();
while (it.hasNext()) {
EjbDescriptor ejb = (EjbDescriptor) it.next();
logger.finest("EJB: " + ejb.getEjbClassName());
// check and show run-as if present
if (!ejb.getUsesCallerIdentity()) {
RunAsIdentityDescriptor runas = ejb.getRunAsIdentity();
if (runas == null) {
logger.finest(" (ejb does not use caller " + "identity)");
} else {
String role = runas.getRoleName();
String user = runas.getPrincipal();
logger.finest(" Will run-as: Role: " + role + " Principal: " + user);
if (role == null || "".equals(role) || user == null || "".equals(user)) {
if (logger.isLoggable(Level.FINEST)) {
logger.finest("*** Configuration error!");
}
}
}
}
// iterate through available methods
logger.finest(" Method to Role restriction list:");
Set methods = ejb.getMethodDescriptors();
Iterator si = methods.iterator();
while (si.hasNext()) {
MethodDescriptor md = (MethodDescriptor) si.next();
logger.finest(" " + md.getFormattedString());
Set perms = ejb.getMethodPermissionsFor(md);
StringBuffer rbuf = new StringBuffer();
rbuf.append(" can only be invoked by: ");
Iterator sip = perms.iterator();
boolean unchecked = false, excluded = false, roleBased = false;
while (sip.hasNext()) {
MethodPermission p = (MethodPermission) sip.next();
if (p.isExcluded()) {
excluded = true;
logger.finest(" excluded - can not " + "be invoked");
} else if (p.isUnchecked()) {
unchecked = true;
logger.finest(" unchecked - can be " + "invoked by all");
} else if (p.isRoleBased()) {
roleBased = true;
Role r = p.getRole();
rbuf.append(r.getName());
rbuf.append(" ");
// add to role's accessible list
HashSet ram = (HashSet) allRoleMap.get(r.getName());
ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
}
}
if (roleBased) {
logger.finest(rbuf.toString());
if (excluded || unchecked) {
logger.finest("*** Configuration error!");
}
} else if (unchecked) {
if (excluded) {
logger.finest("*** Configuration error!");
}
Set rks = allRoleMap.keySet();
Iterator rksi = rks.iterator();
while (rksi.hasNext()) {
HashSet ram = (HashSet) allRoleMap.get(rksi.next());
ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
}
} else if (!excluded) {
logger.finest("*** Configuration error!");
}
}
// IOR config for this ejb
logger.finest(" IOR configuration:");
Set iors = ejb.getIORConfigurationDescriptors();
if (iors != null) {
Iterator iorsi = iors.iterator();
while (iorsi.hasNext()) {
EjbIORConfigurationDescriptor ior = (EjbIORConfigurationDescriptor) iorsi.next();
StringBuffer iorsb = new StringBuffer();
iorsb.append("realm=");
iorsb.append(ior.getRealmName());
iorsb.append(", integrity=");
iorsb.append(ior.getIntegrity());
iorsb.append(", trust-in-target=");
iorsb.append(ior.getEstablishTrustInTarget());
iorsb.append(", trust-in-client=");
iorsb.append(ior.getEstablishTrustInClient());
iorsb.append(", propagation=");
iorsb.append(ior.getCallerPropagation());
iorsb.append(", auth-method=");
iorsb.append(ior.getAuthenticationMethod());
logger.finest(iorsb.toString());
}
}
}
}
// show role->accessible methods list
logger.finest("--[ EJB methods accessible by role ]--");
Set rks = allRoleMap.keySet();
Iterator rksi = rks.iterator();
while (rksi.hasNext()) {
String roleName = (String) rksi.next();
logger.finest(" [" + roleName + "]");
HashSet ram = (HashSet) allRoleMap.get(roleName);
Iterator rami = ram.iterator();
while (rami.hasNext()) {
String meth = (String) rami.next();
logger.finest(" " + meth);
}
}
// Process all Web modules
Set webDescriptorSet = app.getBundleDescriptors(WebBundleDescriptor.class);
i = webDescriptorSet.iterator();
while (i.hasNext()) {
WebBundleDescriptor wbd = (WebBundleDescriptor) i.next();
logger.finest("--[ Web module: " + wbd.getContextRoot() + " ]--");
// login config
LoginConfiguration lconf = wbd.getLoginConfiguration();
if (lconf != null) {
logger.finest(" Login config: realm=" + lconf.getRealmName() + ", method=" + lconf.getAuthenticationMethod() + ", form=" + lconf.getFormLoginPage() + ", error=" + lconf.getFormErrorPage());
}
// get WebComponentDescriptorsSet() info
logger.finest(" Contains components:");
Set webComps = wbd.getWebComponentDescriptors();
Iterator webCompsIt = webComps.iterator();
while (webCompsIt.hasNext()) {
WebComponentDescriptor wcd = (WebComponentDescriptor) webCompsIt.next();
StringBuffer name = new StringBuffer();
name.append(" - " + wcd.getCanonicalName());
name.append(" [ ");
Enumeration urlPs = wcd.getUrlPatterns();
while (urlPs.hasMoreElements()) {
name.append(urlPs.nextElement().toString());
name.append(" ");
}
name.append("]");
logger.finest(name.toString());
RunAsIdentityDescriptor runas = wcd.getRunAsIdentity();
if (runas != null) {
String role = runas.getRoleName();
String user = runas.getPrincipal();
logger.finest(" Will run-as: Role: " + role + " Principal: " + user);
if (role == null || "".equals(role) || user == null || "".equals(user)) {
logger.finest("*** Configuration error!");
}
}
}
// security constraints
logger.finest(" Security constraints:");
Enumeration scEnum = wbd.getSecurityConstraints();
while (scEnum.hasMoreElements()) {
SecurityConstraint sc = (SecurityConstraint) scEnum.nextElement();
for (WebResourceCollection wrc : sc.getWebResourceCollections()) {
// show list of methods for this collection
StringBuffer sbm = new StringBuffer();
for (String httpMethod : wrc.getHttpMethods()) {
sbm.append(httpMethod);
sbm.append(" ");
}
logger.finest(" Using method: " + sbm.toString());
// and then list of url patterns
for (String urlPattern : wrc.getUrlPatterns()) {
logger.finest(" " + urlPattern);
}
}
// end res.collection iterator
// show roles which apply to above set of collections
AuthorizationConstraint authCons = sc.getAuthorizationConstraint();
Enumeration rolesEnum = authCons.getSecurityRoles();
StringBuffer rsb = new StringBuffer();
rsb.append(" Accessible by roles: ");
while (rolesEnum.hasMoreElements()) {
SecurityRole sr = (SecurityRole) rolesEnum.nextElement();
rsb.append(sr.getName());
rsb.append(" ");
}
logger.finest(rsb.toString());
// show transport guarantee
UserDataConstraint udc = sc.getUserDataConstraint();
if (udc != null) {
logger.finest(" Transport guarantee: " + udc.getTransportGuarantee());
}
}
// end sec.constraint
}
// end webDescriptorSet.iterator
logger.finest("======================================");
}
Also used :
SecurityRole(com.sun.enterprise.deployment.web.SecurityRole)
WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection)
RunAsIdentityDescriptor(com.sun.enterprise.deployment.RunAsIdentityDescriptor)
SecurityRoleMapper(org.glassfish.deployment.common.SecurityRoleMapper)
AuthorizationConstraint(com.sun.enterprise.deployment.web.AuthorizationConstraint)
LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration)
MethodDescriptor(com.sun.enterprise.deployment.MethodDescriptor)
EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor)
MethodPermission(com.sun.enterprise.deployment.MethodPermission)
EjbIORConfigurationDescriptor(com.sun.enterprise.deployment.EjbIORConfigurationDescriptor)
SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint)
SecurityRole(com.sun.enterprise.deployment.web.SecurityRole)
Role(org.glassfish.security.common.Role)
WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor)
EjbBundleDescriptor(com.sun.enterprise.deployment.EjbBundleDescriptor)
WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)
UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint)
Example 5 with WebResourceCollection
use of com.sun.enterprise.deployment.web.WebResourceCollection in project Payara by payara.
the class SecurityConstraintNode method writeDescriptor.
/**
* write the descriptor class to a DOM tree and return it
*
* @param parent node in the DOM tree
* @param nodeName node name for the root element of this xml fragment
* @param descriptor the descriptor to write
* @return the DOM tree top node
*/
@Override
public Node writeDescriptor(Node parent, String nodeName, SecurityConstraintImpl descriptor) {
Node myNode = appendChild(parent, nodeName);
appendTextChild(myNode, WebTagNames.NAME, descriptor.getName());
// web-resource-collection+
WebResourceCollectionNode wrcNode = new WebResourceCollectionNode();
for (WebResourceCollection webResource : descriptor.getWebResourceCollections()) {
wrcNode.writeDescriptor(myNode, WebTagNames.WEB_RESOURCE_COLLECTION, (WebResourceCollectionImpl) webResource);
}
// auth-constaint?
AuthorizationConstraintImpl aci = (AuthorizationConstraintImpl) descriptor.getAuthorizationConstraint();
if (aci != null) {
AuthConstraintNode acNode = new AuthConstraintNode();
acNode.writeDescriptor(myNode, WebTagNames.AUTH_CONSTRAINT, aci);
}
// user-data-constraint?
UserDataConstraintImpl udci = (UserDataConstraintImpl) descriptor.getUserDataConstraint();
if (udci != null) {
UserDataConstraintNode udcn = new UserDataConstraintNode();
udcn.writeDescriptor(myNode, WebTagNames.USERDATA_CONSTRAINT, udci);
}
return myNode;
}
Also used :
WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection)
Node(org.w3c.dom.Node)
DeploymentDescriptorNode(com.sun.enterprise.deployment.node.DeploymentDescriptorNode)
Aggregations
WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)8
SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)5
WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)3
Result (com.sun.enterprise.tools.verifier.Result)2
ComponentNameConstructor (com.sun.enterprise.tools.verifier.tests.ComponentNameConstructor)2
Enumeration (java.util.Enumeration)2
HashSet (java.util.HashSet)2
SecurityConstraintImpl (org.glassfish.web.deployment.descriptor.SecurityConstraintImpl)2
EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor)1
EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)1
EjbIORConfigurationDescriptor (com.sun.enterprise.deployment.EjbIORConfigurationDescriptor)1
MethodDescriptor (com.sun.enterprise.deployment.MethodDescriptor)1
MethodPermission (com.sun.enterprise.deployment.MethodPermission)1
RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)1
WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)1
DeploymentDescriptorNode (com.sun.enterprise.deployment.node.DeploymentDescriptorNode)1
AuthorizationConstraint (com.sun.enterprise.deployment.web.AuthorizationConstraint)1
LoginConfiguration (com.sun.enterprise.deployment.web.LoginConfiguration)1
SecurityRole (com.sun.enterprise.deployment.web.SecurityRole)1
UserDataConstraint (com.sun.enterprise.deployment.web.UserDataConstraint)1
