Examples with ServletSecurity - javax.servlet.annotation.ServletSecurity

Example 6 with ServletSecurity

use of javax.servlet.annotation.ServletSecurity in project tomcat70 by apache.

the class ApplicationContext method addServlet.

private ServletRegistration.Dynamic addServlet(String servletName, String servletClass, Servlet servlet) throws IllegalStateException {
    if (servletName == null || servletName.equals("")) {
        throw new IllegalArgumentException(sm.getString("applicationContext.invalidServletName", servletName));
    }
    if (!context.getState().equals(LifecycleState.STARTING_PREP)) {
        // TODO Spec breaking enhancement to ignore this restriction
        throw new IllegalStateException(sm.getString("applicationContext.addServlet.ise", getContextPath()));
    }
    Wrapper wrapper = (Wrapper) context.findChild(servletName);
    // a name
    if (wrapper == null) {
        wrapper = context.createWrapper();
        wrapper.setName(servletName);
        context.addChild(wrapper);
    } else {
        if (wrapper.getName() != null && wrapper.getServletClass() != null) {
            if (wrapper.isOverridable()) {
                wrapper.setOverridable(false);
            } else {
                return null;
            }
        }
    }
    ServletSecurity annotation = null;
    if (servlet == null) {
        wrapper.setServletClass(servletClass);
        Class<?> clazz = Introspection.loadClass(context, servletClass);
        if (clazz != null) {
            annotation = clazz.getAnnotation(ServletSecurity.class);
        }
    } else {
        wrapper.setServletClass(servlet.getClass().getName());
        wrapper.setServlet(servlet);
        if (context.wasCreatedDynamicServlet(servlet)) {
            annotation = servlet.getClass().getAnnotation(ServletSecurity.class);
        }
    }
    ServletRegistration.Dynamic registration = new ApplicationServletRegistration(wrapper, context);
    if (annotation != null) {
        registration.setServletSecurity(new ServletSecurityElement(annotation));
    }
    return registration;
}

Also used : Wrapper(org.apache.catalina.Wrapper) ServletRegistration(javax.servlet.ServletRegistration) ServletSecurity(javax.servlet.annotation.ServletSecurity) ServletSecurityElement(javax.servlet.ServletSecurityElement)

Example 7 with ServletSecurity

use of javax.servlet.annotation.ServletSecurity in project tomcat70 by apache.

the class WebAnnotationSet method loadApplicationServletAnnotations.

/**
 * Process the annotations for the servlets.
 *
 * @param context The context which will have its annotations processed
 */
protected static void loadApplicationServletAnnotations(Context context) {
    Container[] children = context.findChildren();
    for (Container child : children) {
        if (child instanceof Wrapper) {
            Wrapper wrapper = (Wrapper) child;
            if (wrapper.getServletClass() == null) {
                continue;
            }
            Class<?> clazz = Introspection.loadClass(context, wrapper.getServletClass());
            if (clazz == null) {
                continue;
            }
            loadClassAnnotation(context, clazz);
            loadFieldsAnnotation(context, clazz);
            loadMethodsAnnotation(context, clazz);
            /* Process RunAs annotation which can be only on servlets.
                 * Ref JSR 250, equivalent to the run-as element in
                 * the deployment descriptor
                 */
            RunAs runAs = clazz.getAnnotation(RunAs.class);
            if (runAs != null) {
                wrapper.setRunAs(runAs.value());
            }
            // Process ServletSecurity annotation
            ServletSecurity servletSecurity = clazz.getAnnotation(ServletSecurity.class);
            if (servletSecurity != null) {
                context.addServletSecurity(new ApplicationServletRegistration(wrapper, context), new ServletSecurityElement(servletSecurity));
            }
        }
    }
}

Also used : Wrapper(org.apache.catalina.Wrapper) Container(org.apache.catalina.Container) ServletSecurity(javax.servlet.annotation.ServletSecurity) RunAs(javax.annotation.security.RunAs) ApplicationServletRegistration(org.apache.catalina.core.ApplicationServletRegistration) ServletSecurityElement(javax.servlet.ServletSecurityElement)

Aggregations

ServletSecurity (javax.servlet.annotation.ServletSecurity)7 ServletSecurityElement (javax.servlet.ServletSecurityElement)6 RunAs (javax.annotation.security.RunAs)2 Context (org.apache.catalina.Context)2 Wrapper (org.apache.catalina.Wrapper)2 RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)1 WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)1 SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)1 WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)1 ArrayList (java.util.ArrayList)1 ServletContext (javax.servlet.ServletContext)1 ServletRegistration (javax.servlet.ServletRegistration)1 HttpConstraint (javax.servlet.annotation.HttpConstraint)1 HttpMethodConstraint (javax.servlet.annotation.HttpMethodConstraint)1 HttpServlet (javax.servlet.http.HttpServlet)1 Container (org.apache.catalina.Container)1 Response (org.apache.catalina.connector.Response)1 ApplicationServletRegistration (org.apache.catalina.core.ApplicationServletRegistration)1 SecurityCollection (org.apache.catalina.deploy.SecurityCollection)1 SecurityConstraint (org.apache.catalina.deploy.SecurityConstraint)1