Search in sources :

Example 1 with SecurityConstraint

use of com.sun.enterprise.deployment.web.SecurityConstraint in project Payara by payara.

the class ServletSecurityHandler method processAnnotation.

private HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, WebComponentDescriptor webCompDesc) throws AnnotationProcessorException {
    Class webCompClass = (Class) ainfo.getAnnotatedElement();
    if (!HttpServlet.class.isAssignableFrom(webCompClass)) {
        log(Level.SEVERE, ainfo, localStrings.getLocalString("web.deployment.annotation.handlers.needtoextend", "The Class {0} having annotation {1} need to be a derived class of {2}.", new Object[] { webCompClass.getName(), SecurityConstraint.class.getName(), HttpServlet.class.getName() }));
        return getDefaultFailedResult();
    }
    Set<String> urlPatterns = getUrlPatternsWithoutSecurityConstraint(webCompDesc);
    if (urlPatterns.size() > 0) {
        WebBundleDescriptor webBundleDesc = webCompDesc.getWebBundleDescriptor();
        ServletSecurity servletSecurityAn = (ServletSecurity) ainfo.getAnnotation();
        HttpMethodConstraint[] httpMethodConstraints = servletSecurityAn.httpMethodConstraints();
        for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
            String httpMethod = httpMethodConstraint.value();
            if (httpMethod == null || httpMethod.length() == 0) {
                return getDefaultFailedResult();
            }
            createSecurityConstraint(webBundleDesc, urlPatterns, httpMethodConstraint.rolesAllowed(), httpMethodConstraint.emptyRoleSemantic(), httpMethodConstraint.transportGuarantee(), httpMethod);
        }
        HttpConstraint httpConstraint = servletSecurityAn.value();
        boolean isDefault = isDefaultHttpConstraint(httpConstraint);
        if (isDefault && (httpMethodConstraints.length > 0)) {
            if (logger.isLoggable(Level.FINER)) {
                StringBuilder methodString = new StringBuilder();
                for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                    methodString.append(" ");
                    methodString.append(httpMethodConstraint.value());
                }
                for (String pattern : urlPatterns) {
                    logger.finer("Pattern: " + pattern + " assumes default unprotected configuration for all methods except:" + methodString);
                }
            }
        }
        if (!isDefault || (httpMethodConstraints.length == 0)) {
            SecurityConstraint securityConstraint = createSecurityConstraint(webBundleDesc, urlPatterns, httpConstraint.rolesAllowed(), httpConstraint.value(), httpConstraint.transportGuarantee(), null);
            // we know there is one WebResourceCollection there
            WebResourceCollection webResColl = securityConstraint.getWebResourceCollections().iterator().next();
            for (HttpMethodConstraint httpMethodConstraint : httpMethodConstraints) {
                // exclude constrained httpMethod from the top level constraint
                webResColl.addHttpMethodOmission(httpMethodConstraint.value());
            }
        }
    }
    return getDefaultProcessedResult();
}
Also used : HttpConstraint(javax.servlet.annotation.HttpConstraint) HttpMethodConstraint(javax.servlet.annotation.HttpMethodConstraint) WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) HttpServlet(javax.servlet.http.HttpServlet) ServletSecurity(javax.servlet.annotation.ServletSecurity) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor)

Example 2 with SecurityConstraint

use of com.sun.enterprise.deployment.web.SecurityConstraint in project Payara by payara.

the class ServletSecurityHandler method createSecurityConstraint.

public static SecurityConstraint createSecurityConstraint(WebBundleDescriptor webBundleDesc, Set<String> urlPatterns, String[] rolesAllowed, EmptyRoleSemantic emptyRoleSemantic, TransportGuarantee transportGuarantee, String httpMethod) {
    SecurityConstraint securityConstraint = new SecurityConstraintImpl();
    WebResourceCollectionImpl webResourceColl = new WebResourceCollectionImpl();
    securityConstraint.addWebResourceCollection(webResourceColl);
    for (String urlPattern : urlPatterns) {
        webResourceColl.addUrlPattern(urlPattern);
    }
    AuthorizationConstraintImpl ac = null;
    if (rolesAllowed != null && rolesAllowed.length > 0) {
        if (emptyRoleSemantic == EmptyRoleSemantic.DENY) {
            throw new IllegalArgumentException(localStrings.getLocalString("web.deployment.annotation.handlers.denyWithRolesAllowed", "One cannot specify DENY with an non-empty array of rolesAllowed in @ServletSecurity / ServletSecurityElement"));
        }
        ac = new AuthorizationConstraintImpl();
        for (String roleName : rolesAllowed) {
            Role role = new Role(roleName);
            webBundleDesc.addRole(role);
            ac.addSecurityRole(roleName);
        }
    } else if (emptyRoleSemantic == EmptyRoleSemantic.PERMIT) {
    // ac is null
    } else {
        // DENY
        ac = new AuthorizationConstraintImpl();
    }
    securityConstraint.setAuthorizationConstraint(ac);
    UserDataConstraint udc = new UserDataConstraintImpl();
    udc.setTransportGuarantee(((transportGuarantee == TransportGuarantee.CONFIDENTIAL) ? UserDataConstraint.CONFIDENTIAL_TRANSPORT : UserDataConstraint.NONE_TRANSPORT));
    securityConstraint.setUserDataConstraint(udc);
    if (httpMethod != null) {
        webResourceColl.addHttpMethod(httpMethod);
    }
    webBundleDesc.addSecurityConstraint(securityConstraint);
    return securityConstraint;
}
Also used : Role(org.glassfish.security.common.Role) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint)

Example 3 with SecurityConstraint

use of com.sun.enterprise.deployment.web.SecurityConstraint in project Payara by payara.

the class DynamicWebServletRegistrationImpl method setSecurityConfig.

@Override
public void setSecurityConfig(SecurityConfig config) {
    if (config == null) {
        return;
    }
    this.config = config;
    LoginConfig lc = config.getLoginConfig();
    if (lc != null) {
        LoginConfiguration loginConf = new LoginConfigurationImpl();
        loginConf.setAuthenticationMethod(lc.getAuthMethod().name());
        loginConf.setRealmName(lc.getRealmName());
        FormLoginConfig form = lc.getFormLoginConfig();
        if (form != null) {
            loginConf.setFormErrorPage(form.getFormErrorPage());
            loginConf.setFormLoginPage(form.getFormLoginPage());
        }
        LoginConfigDecorator decorator = new LoginConfigDecorator(loginConf);
        setLoginConfig(decorator);
        getWebBundleDescriptor().setLoginConfiguration(loginConf);
    }
    Set<org.glassfish.embeddable.web.config.SecurityConstraint> securityConstraints = config.getSecurityConstraints();
    for (org.glassfish.embeddable.web.config.SecurityConstraint sc : securityConstraints) {
        com.sun.enterprise.deployment.web.SecurityConstraint securityConstraint = new SecurityConstraintImpl();
        Set<org.glassfish.embeddable.web.config.WebResourceCollection> wrcs = sc.getWebResourceCollection();
        for (org.glassfish.embeddable.web.config.WebResourceCollection wrc : wrcs) {
            WebResourceCollectionImpl webResourceColl = new WebResourceCollectionImpl();
            webResourceColl.setDisplayName(wrc.getName());
            for (String urlPattern : wrc.getUrlPatterns()) {
                webResourceColl.addUrlPattern(urlPattern);
            }
            securityConstraint.addWebResourceCollection(webResourceColl);
            AuthorizationConstraintImpl ac = null;
            if (sc.getAuthConstraint() != null && sc.getAuthConstraint().length > 0) {
                ac = new AuthorizationConstraintImpl();
                for (String roleName : sc.getAuthConstraint()) {
                    Role role = new Role(roleName);
                    getWebBundleDescriptor().addRole(role);
                    ac.addSecurityRole(roleName);
                }
            } else {
                // DENY
                ac = new AuthorizationConstraintImpl();
            }
            securityConstraint.setAuthorizationConstraint(ac);
            UserDataConstraint udc = new UserDataConstraintImpl();
            udc.setTransportGuarantee(((sc.getDataConstraint() == TransportGuarantee.CONFIDENTIAL) ? UserDataConstraint.CONFIDENTIAL_TRANSPORT : UserDataConstraint.NONE_TRANSPORT));
            securityConstraint.setUserDataConstraint(udc);
            if (wrc.getHttpMethods() != null) {
                for (String httpMethod : wrc.getHttpMethods()) {
                    webResourceColl.addHttpMethod(httpMethod);
                }
            }
            if (wrc.getHttpMethodOmissions() != null) {
                for (String httpMethod : wrc.getHttpMethodOmissions()) {
                    webResourceColl.addHttpMethodOmission(httpMethod);
                }
            }
            getWebBundleDescriptor().addSecurityConstraint(securityConstraint);
            TomcatDeploymentConfig.configureSecurityConstraint(this, getWebBundleDescriptor());
        }
    }
    if (pipeline != null) {
        GlassFishValve basic = pipeline.getBasic();
        if ((basic != null) && (basic instanceof java.net.Authenticator)) {
            removeValve(basic);
        }
        GlassFishValve[] valves = pipeline.getValves();
        for (GlassFishValve valve : valves) {
            if (valve instanceof java.net.Authenticator) {
                removeValve(valve);
            }
        }
    }
    if (realm != null && realm instanceof RealmInitializer) {
        ((RealmInitializer) realm).initializeRealm(this.getWebBundleDescriptor(), false, ((VirtualServer) parent).getAuthRealmName());
        ((RealmInitializer) realm).setVirtualServer(getParent());
        ((RealmInitializer) realm).updateWebSecurityManager();
        setRealm(realm);
    }
}
Also used : WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) RealmInitializer(com.sun.enterprise.security.integration.RealmInitializer) AuthorizationConstraintImpl(org.glassfish.web.deployment.descriptor.AuthorizationConstraintImpl) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) LoginConfigurationImpl(org.glassfish.web.deployment.descriptor.LoginConfigurationImpl) FormLoginConfig(org.glassfish.embeddable.web.config.FormLoginConfig) LoginConfig(org.glassfish.embeddable.web.config.LoginConfig) SecurityConstraintImpl(org.glassfish.web.deployment.descriptor.SecurityConstraintImpl) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint) FormLoginConfig(org.glassfish.embeddable.web.config.FormLoginConfig) UserDataConstraintImpl(org.glassfish.web.deployment.descriptor.UserDataConstraintImpl) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) GlassFishValve(org.glassfish.web.valve.GlassFishValve) Role(org.glassfish.security.common.Role) LoginConfigDecorator(com.sun.enterprise.web.deploy.LoginConfigDecorator) WebResourceCollectionImpl(org.glassfish.web.deployment.descriptor.WebResourceCollectionImpl)

Example 4 with SecurityConstraint

use of com.sun.enterprise.deployment.web.SecurityConstraint in project Payara by payara.

the class WebServiceEndpoint method updateServletEndpointRuntime.

private void updateServletEndpointRuntime() {
    // An endpoint might have been loaded off a jar file. In that case the WebFragmentDescriptor can be stale. So patch it
    WebComponentDescriptor wc = ((WebBundleDescriptor) webService.getBundleDescriptor()).getWebComponentByCanonicalName(webComponentImpl.getCanonicalName());
    if (!(wc == webComponentImpl)) {
        setWebComponentImpl(wc);
    }
    // Copy the value of the servlet impl bean class into
    // the runtime information. This way, we'll still
    // remember it after the servlet-class element has been
    // replaced with the name of the container's servlet class.
    saveServletImplClass();
    WebBundleDescriptor bundle = webComponentImpl.getWebBundleDescriptor();
    WebServicesDescriptor webServices = bundle.getWebServices();
    Collection endpoints = webServices.getEndpointsImplementedBy(webComponentImpl);
    if (endpoints.size() > 1) {
        String msg = "Servlet " + getWebComponentLink() + " implements " + endpoints.size() + " web service endpoints " + " but must only implement 1";
        throw new IllegalStateException(msg);
    }
    if (getEndpointAddressUri() == null) {
        Set urlPatterns = webComponentImpl.getUrlPatternsSet();
        if (urlPatterns.size() == 1) {
            // Set endpoint-address-uri runtime info to uri.
            // Final endpoint address will still be relative to context root
            String uri = (String) urlPatterns.iterator().next();
            setEndpointAddressUri(uri);
            // Set transport guarantee in runtime info if transport
            // guarantee is INTEGRAL or CONDIFIDENTIAL for any
            // security constraint with this url-pattern.
            Collection constraints = bundle.getSecurityConstraintsForUrlPattern(uri);
            for (Iterator i = constraints.iterator(); i.hasNext(); ) {
                SecurityConstraint next = (SecurityConstraint) i.next();
                UserDataConstraint dataConstraint = next.getUserDataConstraint();
                String guarantee = (dataConstraint != null) ? dataConstraint.getTransportGuarantee() : null;
                if ((guarantee != null) && (guarantee.equals(UserDataConstraint.INTEGRAL_TRANSPORT) || guarantee.equals(UserDataConstraint.CONFIDENTIAL_TRANSPORT))) {
                    setTransportGuarantee(guarantee);
                    break;
                }
            }
        } else {
            String msg = "Endpoint " + getEndpointName() + " has not been assigned an endpoint address " + " and is associated with servlet " + webComponentImpl.getCanonicalName() + " , which has " + urlPatterns.size() + " url patterns";
            throw new IllegalStateException(msg);
        }
    }
}
Also used : Set(java.util.Set) Iterator(java.util.Iterator) Collection(java.util.Collection) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint)

Example 5 with SecurityConstraint

use of com.sun.enterprise.deployment.web.SecurityConstraint in project Payara by payara.

the class Audit method dumpDiagnostics.

/**
 * Do the work for showACL().
 */
private static void dumpDiagnostics(Application app) {
    logger.finest("====[ Role and ACL Summary ]==========");
    if (!app.isVirtual()) {
        logger.finest("Summary for application: " + app.getRegistrationName());
    } else {
        logger.finest("Standalone module.");
    }
    logger.finest("EJB components: " + getEjbComponentCount(app));
    logger.finest("Web components: " + getWebComponentCount(app));
    Iterator i;
    StringBuilder sb;
    // show all roles with associated group & user mappings
    Set allRoles = app.getRoles();
    if (allRoles == null) {
        logger.finest("- No roles present.");
        return;
    }
    SecurityRoleMapper rmap = app.getRoleMapper();
    if (rmap == null) {
        logger.finest("- No role mappings present.");
        return;
    }
    i = allRoles.iterator();
    logger.finest("--[ Configured roles and mappings ]--");
    HashMap allRoleMap = new HashMap();
    while (i.hasNext()) {
        Role r = (Role) i.next();
        logger.finest(" [" + r.getName() + "]");
        allRoleMap.put(r.getName(), new HashSet());
        sb = new StringBuilder();
        sb.append("  is mapped to groups: ");
        Enumeration grps = rmap.getGroupsAssignedTo(r);
        while (grps.hasMoreElements()) {
            sb.append(grps.nextElement());
            sb.append(" ");
        }
        logger.finest(sb.toString());
        sb = new StringBuilder();
        sb.append("  is mapped to principals: ");
        Enumeration users = rmap.getUsersAssignedTo(r);
        while (users.hasMoreElements()) {
            sb.append(users.nextElement());
            sb.append(" ");
        }
        logger.finest(sb.toString());
    }
    // Process all EJB modules
    Set ejbDescriptorSet = app.getBundleDescriptors(EjbBundleDescriptor.class);
    i = ejbDescriptorSet.iterator();
    while (i.hasNext()) {
        EjbBundleDescriptor bundle = (EjbBundleDescriptor) i.next();
        logger.finest("--[ EJB module: " + bundle.getName() + " ]--");
        Set ejbs = bundle.getEjbs();
        Iterator it = ejbs.iterator();
        while (it.hasNext()) {
            EjbDescriptor ejb = (EjbDescriptor) it.next();
            logger.finest("EJB: " + ejb.getEjbClassName());
            // check and show run-as if present
            if (!ejb.getUsesCallerIdentity()) {
                RunAsIdentityDescriptor runas = ejb.getRunAsIdentity();
                if (runas == null) {
                    logger.finest(" (ejb does not use caller " + "identity)");
                } else {
                    String role = runas.getRoleName();
                    String user = runas.getPrincipal();
                    logger.finest(" Will run-as: Role: " + role + "  Principal: " + user);
                    if (role == null || "".equals(role) || user == null || "".equals(user)) {
                        if (logger.isLoggable(Level.FINEST)) {
                            logger.finest("*** Configuration error!");
                        }
                    }
                }
            }
            // iterate through available methods
            logger.finest(" Method to Role restriction list:");
            Set methods = ejb.getMethodDescriptors();
            Iterator si = methods.iterator();
            while (si.hasNext()) {
                MethodDescriptor md = (MethodDescriptor) si.next();
                logger.finest("   " + md.getFormattedString());
                Set perms = ejb.getMethodPermissionsFor(md);
                StringBuilder rbuf = new StringBuilder();
                rbuf.append("     can only be invoked by: ");
                Iterator sip = perms.iterator();
                boolean unchecked = false, excluded = false, roleBased = false;
                while (sip.hasNext()) {
                    MethodPermission p = (MethodPermission) sip.next();
                    if (p.isExcluded()) {
                        excluded = true;
                        logger.finest("     excluded - can not " + "be invoked");
                    } else if (p.isUnchecked()) {
                        unchecked = true;
                        logger.finest("     unchecked - can be " + "invoked by all");
                    } else if (p.isRoleBased()) {
                        roleBased = true;
                        Role r = p.getRole();
                        rbuf.append(r.getName());
                        rbuf.append(" ");
                        // add to role's accessible list
                        HashSet ram = (HashSet) allRoleMap.get(r.getName());
                        ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
                    }
                }
                if (roleBased) {
                    logger.finest(rbuf.toString());
                    if (excluded || unchecked) {
                        logger.finest("*** Configuration error!");
                    }
                } else if (unchecked) {
                    if (excluded) {
                        logger.finest("*** Configuration error!");
                    }
                    Set rks = allRoleMap.keySet();
                    Iterator rksi = rks.iterator();
                    while (rksi.hasNext()) {
                        HashSet ram = (HashSet) allRoleMap.get(rksi.next());
                        ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
                    }
                } else if (!excluded) {
                    logger.finest("*** Configuration error!");
                }
            }
            // IOR config for this ejb
            logger.finest(" IOR configuration:");
            Set iors = ejb.getIORConfigurationDescriptors();
            if (iors != null) {
                Iterator iorsi = iors.iterator();
                while (iorsi.hasNext()) {
                    EjbIORConfigurationDescriptor ior = (EjbIORConfigurationDescriptor) iorsi.next();
                    StringBuilder iorsb = new StringBuilder();
                    iorsb.append("realm=");
                    iorsb.append(ior.getRealmName());
                    iorsb.append(", integrity=");
                    iorsb.append(ior.getIntegrity());
                    iorsb.append(", trust-in-target=");
                    iorsb.append(ior.getEstablishTrustInTarget());
                    iorsb.append(", trust-in-client=");
                    iorsb.append(ior.getEstablishTrustInClient());
                    iorsb.append(", propagation=");
                    iorsb.append(ior.getCallerPropagation());
                    iorsb.append(", auth-method=");
                    iorsb.append(ior.getAuthenticationMethod());
                    logger.finest(iorsb.toString());
                }
            }
        }
    }
    // show role->accessible methods list
    logger.finest("--[ EJB methods accessible by role ]--");
    Set rks = allRoleMap.keySet();
    Iterator rksi = rks.iterator();
    while (rksi.hasNext()) {
        String roleName = (String) rksi.next();
        logger.finest(" [" + roleName + "]");
        HashSet ram = (HashSet) allRoleMap.get(roleName);
        Iterator rami = ram.iterator();
        while (rami.hasNext()) {
            String meth = (String) rami.next();
            logger.finest("   " + meth);
        }
    }
    // Process all Web modules
    Set webDescriptorSet = app.getBundleDescriptors(WebBundleDescriptor.class);
    i = webDescriptorSet.iterator();
    while (i.hasNext()) {
        WebBundleDescriptor wbd = (WebBundleDescriptor) i.next();
        logger.finest("--[ Web module: " + wbd.getContextRoot() + " ]--");
        // login config
        LoginConfiguration lconf = wbd.getLoginConfiguration();
        if (lconf != null) {
            logger.finest("  Login config: realm=" + lconf.getRealmName() + ", method=" + lconf.getAuthenticationMethod() + ", form=" + lconf.getFormLoginPage() + ", error=" + lconf.getFormErrorPage());
        }
        // get WebComponentDescriptorsSet() info
        logger.finest("  Contains components:");
        Set webComps = wbd.getWebComponentDescriptors();
        Iterator webCompsIt = webComps.iterator();
        while (webCompsIt.hasNext()) {
            WebComponentDescriptor wcd = (WebComponentDescriptor) webCompsIt.next();
            StringBuilder name = new StringBuilder();
            name.append("   - " + wcd.getCanonicalName());
            name.append(" [ ");
            Enumeration urlPs = wcd.getUrlPatterns();
            while (urlPs.hasMoreElements()) {
                name.append(urlPs.nextElement().toString());
                name.append(" ");
            }
            name.append("]");
            logger.finest(name.toString());
            RunAsIdentityDescriptor runas = wcd.getRunAsIdentity();
            if (runas != null) {
                String role = runas.getRoleName();
                String user = runas.getPrincipal();
                logger.finest("      Will run-as: Role: " + role + "  Principal: " + user);
                if (role == null || "".equals(role) || user == null || "".equals(user)) {
                    logger.finest("*** Configuration error!");
                }
            }
        }
        // security constraints
        logger.finest("  Security constraints:");
        Enumeration scEnum = wbd.getSecurityConstraints();
        while (scEnum.hasMoreElements()) {
            SecurityConstraint sc = (SecurityConstraint) scEnum.nextElement();
            for (WebResourceCollection wrc : sc.getWebResourceCollections()) {
                // show list of methods for this collection
                StringBuilder sbm = new StringBuilder();
                for (String httpMethod : wrc.getHttpMethods()) {
                    sbm.append(httpMethod);
                    sbm.append(" ");
                }
                logger.finest("     Using method: " + sbm.toString());
                // and then list of url patterns
                for (String urlPattern : wrc.getUrlPatterns()) {
                    logger.finest("       " + urlPattern);
                }
            }
            // end res.collection iterator
            // show roles which apply to above set of collections
            AuthorizationConstraint authCons = sc.getAuthorizationConstraint();
            Enumeration rolesEnum = authCons.getSecurityRoles();
            StringBuilder rsb = new StringBuilder();
            rsb.append("     Accessible by roles: ");
            while (rolesEnum.hasMoreElements()) {
                SecurityRole sr = (SecurityRole) rolesEnum.nextElement();
                rsb.append(sr.getName());
                rsb.append(" ");
            }
            logger.finest(rsb.toString());
            // show transport guarantee
            UserDataConstraint udc = sc.getUserDataConstraint();
            if (udc != null) {
                logger.finest("     Transport guarantee: " + udc.getTransportGuarantee());
            }
        }
    // end sec.constraint
    }
    // end webDescriptorSet.iterator
    logger.finest("======================================");
}
Also used : SecurityRole(com.sun.enterprise.deployment.web.SecurityRole) WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) RunAsIdentityDescriptor(com.sun.enterprise.deployment.RunAsIdentityDescriptor) SecurityRoleMapper(org.glassfish.deployment.common.SecurityRoleMapper) AuthorizationConstraint(com.sun.enterprise.deployment.web.AuthorizationConstraint) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) MethodDescriptor(com.sun.enterprise.deployment.MethodDescriptor) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor) MethodPermission(com.sun.enterprise.deployment.MethodPermission) EjbIORConfigurationDescriptor(com.sun.enterprise.deployment.EjbIORConfigurationDescriptor) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) SecurityRole(com.sun.enterprise.deployment.web.SecurityRole) Role(org.glassfish.security.common.Role) WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) EjbBundleDescriptor(com.sun.enterprise.deployment.EjbBundleDescriptor) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint)

Aggregations

SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)9 WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)6 UserDataConstraint (com.sun.enterprise.deployment.web.UserDataConstraint)5 WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)3 Role (org.glassfish.security.common.Role)3 LoginConfiguration (com.sun.enterprise.deployment.web.LoginConfiguration)2 HashSet (java.util.HashSet)2 EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor)1 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)1 EjbIORConfigurationDescriptor (com.sun.enterprise.deployment.EjbIORConfigurationDescriptor)1 MethodDescriptor (com.sun.enterprise.deployment.MethodDescriptor)1 MethodPermission (com.sun.enterprise.deployment.MethodPermission)1 RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)1 WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)1 AuthorizationConstraint (com.sun.enterprise.deployment.web.AuthorizationConstraint)1 SecurityRole (com.sun.enterprise.deployment.web.SecurityRole)1 RealmInitializer (com.sun.enterprise.security.integration.RealmInitializer)1 LoginConfigDecorator (com.sun.enterprise.web.deploy.LoginConfigDecorator)1 Collection (java.util.Collection)1 Iterator (java.util.Iterator)1