Search in sources :

Example 1 with WebBundleDescriptor

use of com.sun.enterprise.deployment.WebBundleDescriptor in project Payara by payara.

the class DynamicWebServletRegistrationImpl method removePatternFromServlet.

@Override
protected void removePatternFromServlet(Wrapper wrapper, String pattern) {
    super.removePatternFromServlet(wrapper, pattern);
    WebBundleDescriptor wbd = getWebBundleDescriptor();
    if (wbd == null) {
        throw new IllegalStateException("Missing WebBundleDescriptor for " + getName());
    }
    WebComponentDescriptor wcd = wbd.getWebComponentByCanonicalName(wrapper.getName());
    if (wcd == null) {
        throw new IllegalStateException("Missing WebComponentDescriptor for " + wrapper.getName());
    }
    wcd.removeUrlPattern(pattern);
}
Also used : WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)

Example 2 with WebBundleDescriptor

use of com.sun.enterprise.deployment.WebBundleDescriptor in project Payara by payara.

the class DynamicWebServletRegistrationImpl method declareRoles.

@Override
public void declareRoles(String... roleNames) {
    super.declareRoles(roleNames);
    WebBundleDescriptor bundleDescriptor = getWebBundleDescriptor();
    for (String roleName : roleNames) {
        bundleDescriptor.addRole(new Role(roleName));
    }
    bundleDescriptor.setPolicyModified(true);
}
Also used : Role(org.glassfish.security.common.Role) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)

Example 3 with WebBundleDescriptor

use of com.sun.enterprise.deployment.WebBundleDescriptor in project Payara by payara.

the class ServletSecurityHandler method processAnnotation.

private HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, WebComponentDescriptor webCompDesc) throws AnnotationProcessorException {
    Class webCompClass = (Class) ainfo.getAnnotatedElement();
    if (!HttpServlet.class.isAssignableFrom(webCompClass)) {
        log(Level.SEVERE, ainfo, localStrings.getLocalString("web.deployment.annotation.handlers.needtoextend", "The Class {0} having annotation {1} need to be a derived class of {2}.", new Object[] { webCompClass.getName(), SecurityConstraint.class.getName(), HttpServlet.class.getName() }));
        return getDefaultFailedResult();
    }
    Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);
    if (urlPatterns.size() > 0) {
        WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
        ServletSecurity servletSecurityAn = (ServletSecurity) ainfo.getAnnotation();
        HttpMethodConstraint[] httpMethodConstraints = servletSecurityAn.httpMethodConstraints();
        for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
            String httpMethod = httpMethodConstraint.value();
            if (httpMethod == null || httpMethod.length() == 0) {
                return getDefaultFailedResult();
            }
            createSecurityConstraint(webBundleDesc, urlPatterns, httpMethodConstraint.rolesAllowed(), httpMethodConstraint.emptyRoleSemantic(), httpMethodConstraint.transportGuarantee(), httpMethod);
        }
        HttpConstraint httpConstraint = servletSecurityAn.value();
        boolean isDefault = isDefaultHttpConstraint(httpConstraint);
        if (isDefault && (httpMethodConstraints.length > 0)) {
            if (logger.isLoggable(Level.FINER)) {
                StringBuilder methodString = new StringBuilder();
                for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                    methodString.append(" ");
                    methodString.append(httpMethodConstraint.value());
                }
                for (String pattern : urlPatterns) {
                    logger.finer("Pattern: " + pattern + " assumes default unprotected configuration for all methods except:" + methodString);
                }
            }
        }
        if (!isDefault || (httpMethodConstraints.length == 0)) {
            SecurityConstraint securityConstraint = createSecurityConstraint(webBundleDesc, urlPatterns, httpConstraint.rolesAllowed(), httpConstraint.value(), httpConstraint.transportGuarantee(), null);
            // we know there is one WebResourceCollection there
            WebResourceCollection webResColl = securityConstraint.getWebResourceCollections().iterator().next();
            for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                // exclude constrained httpMethod from the top level constraint
                webResColl.addHttpMethodOmission(httpMethodConstraint.value());
            }
        }
    }
    return getDefaultProcessedResult();
}
Also used : HttpConstraint(javax.servlet.annotation.HttpConstraint) HttpMethodConstraint(javax.servlet.annotation.HttpMethodConstraint) WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) HttpServlet(javax.servlet.http.HttpServlet) ServletSecurity(javax.servlet.annotation.ServletSecurity) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)

Example 4 with WebBundleDescriptor

use of com.sun.enterprise.deployment.WebBundleDescriptor in project Payara by payara.

the class ActiveJmsResourceAdapter method getJMSDestination.

/*
     * Get JMS destination resource from application
     */
private JMSDestinationDefinitionDescriptor getJMSDestination(String logicalDestination, Application application) {
    if (application == null) {
        return null;
    }
    JMSDestinationDefinitionDescriptor destination = getJMSDestination(logicalDestination, application.getResourceDescriptors(JavaEEResourceType.JMSDD));
    if (isValidDestination(destination)) {
        return destination;
    }
    Set<WebBundleDescriptor> webBundleDescriptors = application.getBundleDescriptors(WebBundleDescriptor.class);
    for (WebBundleDescriptor webBundleDescriptor : webBundleDescriptors) {
        destination = getJMSDestination(logicalDestination, webBundleDescriptor.getResourceDescriptors(JavaEEResourceType.JMSDD));
        if (isValidDestination(destination)) {
            return destination;
        }
    }
    Set<EjbBundleDescriptor> ejbBundleDescriptors = application.getBundleDescriptors(EjbBundleDescriptor.class);
    for (EjbBundleDescriptor ejbBundleDescriptor : ejbBundleDescriptors) {
        destination = getJMSDestination(logicalDestination, ejbBundleDescriptor);
        if (isValidDestination(destination)) {
            return destination;
        }
    }
    Set<ApplicationClientDescriptor> appClientDescriptors = application.getBundleDescriptors(ApplicationClientDescriptor.class);
    for (ApplicationClientDescriptor appClientDescriptor : appClientDescriptors) {
        destination = getJMSDestination(logicalDestination, appClientDescriptor.getResourceDescriptors(JavaEEResourceType.JMSDD));
        if (isValidDestination(destination)) {
            return destination;
        }
    }
    return null;
}
Also used : JMSDestinationDefinitionDescriptor(com.sun.enterprise.deployment.JMSDestinationDefinitionDescriptor) EjbBundleDescriptor(com.sun.enterprise.deployment.EjbBundleDescriptor) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor) ApplicationClientDescriptor(com.sun.enterprise.deployment.ApplicationClientDescriptor)

Example 5 with WebBundleDescriptor

use of com.sun.enterprise.deployment.WebBundleDescriptor in project Payara by payara.

the class ActiveJmsResourceAdapter method getJMSDestination.

/*
     * Get JMS destination resource from web module
     */
private JMSDestinationDefinitionDescriptor getJMSDestination(String logicalDestination, ModuleDescriptor moduleDescriptor) {
    WebBundleDescriptor webBundleDescriptor = (WebBundleDescriptor) moduleDescriptor.getDescriptor();
    JMSDestinationDefinitionDescriptor destination = getJMSDestination(logicalDestination, webBundleDescriptor.getResourceDescriptors(JavaEEResourceType.JMSDD));
    if (isValidDestination(destination)) {
        return destination;
    }
    Collection<EjbBundleDescriptor> ejbBundleDescriptors = moduleDescriptor.getDescriptor().getExtensionsDescriptors(EjbBundleDescriptor.class);
    for (EjbBundleDescriptor ejbBundleDescriptor : ejbBundleDescriptors) {
        destination = getJMSDestination(logicalDestination, ejbBundleDescriptor);
        if (isValidDestination(destination)) {
            return destination;
        }
    }
    return null;
}
Also used : JMSDestinationDefinitionDescriptor(com.sun.enterprise.deployment.JMSDestinationDefinitionDescriptor) EjbBundleDescriptor(com.sun.enterprise.deployment.EjbBundleDescriptor) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)

Aggregations

WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)47 EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor)14 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)10 BundleDescriptor (com.sun.enterprise.deployment.BundleDescriptor)9 WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)7 Application (com.sun.enterprise.deployment.Application)6 ApplicationClientDescriptor (com.sun.enterprise.deployment.ApplicationClientDescriptor)5 ArrayList (java.util.ArrayList)4 ApplicationInfo (org.glassfish.internal.data.ApplicationInfo)4 JndiNameEnvironment (com.sun.enterprise.deployment.JndiNameEnvironment)3 ManagedBeanDescriptor (com.sun.enterprise.deployment.ManagedBeanDescriptor)3 SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)3 WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)3 IASSecurityException (com.sun.enterprise.security.util.IASSecurityException)3 Iterator (java.util.Iterator)3 ConnectorDescriptor (com.sun.enterprise.deployment.ConnectorDescriptor)2 JMSDestinationDefinitionDescriptor (com.sun.enterprise.deployment.JMSDestinationDefinitionDescriptor)2 XMLNode (com.sun.enterprise.deployment.node.XMLNode)2 LoginConfiguration (com.sun.enterprise.deployment.web.LoginConfiguration)2 File (java.io.File)2