Examples with ConstraintMapping org.eclipse.jetty.security.ConstraintMapping used on opensource projects

Example 31 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class SecuredHelloHandler method main.

public static void main(String[] args) throws Exception {
    // Create a basic jetty server object that will listen on port 8080.
    // Note that if you set this to port 0 then a randomly available port
    // will be assigned that you can either look in the logs for the port,
    // or programmatically obtain it for use in test cases.
    Server server = new Server(8080);
    // Since this example is for our test webapp, we need to setup a
    // LoginService so this shows how to create a very simple hashmap based
    // one. The name of the LoginService needs to correspond to what is
    // configured a webapp's web.xml and since it has a lifecycle of its own
    // we register it as a bean with the Jetty server object so it can be
    // started and stopped according to the lifecycle of the server itself.
    // In this example the name can be whatever you like since we are not
    // dealing with webapp realms.
    LoginService loginService = new HashLoginService("MyRealm", "src/test/resources/realm.properties");
    server.addBean(loginService);
    // A security handler is a jetty handler that secures content behind a
    // particular portion of a url space. The ConstraintSecurityHandler is a
    // more specialized handler that allows matching of urls to different
    // constraints. The server sets this as the first handler in the chain,
    // effectively applying these constraints to all subsequent handlers in
    // the chain.
    ConstraintSecurityHandler security = new ConstraintSecurityHandler();
    server.setHandler(security);
    // This constraint requires authentication and in addition that an
    // authenticated user be a member of a given set of roles for
    // authorization purposes.
    Constraint constraint = new Constraint();
    constraint.setName("auth");
    constraint.setAuthenticate(true);
    constraint.setRoles(new String[] { "user", "admin" });
    // Binds a url pattern with the previously created constraint. The roles
    // for this constraing mapping are mined from the Constraint itself
    // although methods exist to declare and bind roles separately as well.
    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    // First you see the constraint mapping being applied to the handler as
    // a singleton list, however you can passing in as many security
    // constraint mappings as you like so long as they follow the mapping
    // requirements of the servlet api. Next we set a BasicAuthenticator
    // instance which is the object that actually checks the credentials
    // followed by the LoginService which is the store of known users, etc.
    security.setConstraintMappings(Collections.singletonList(mapping));
    security.setAuthenticator(new BasicAuthenticator());
    security.setLoginService(loginService);
    // The Hello Handler is the handler we are securing so we create one,
    // and then set it as the handler on the
    // security handler to complain the simple handler chain.
    HelloHandler hh = new HelloHandler();
    // chain the hello handler into the security handler
    security.setHandler(hh);
    // Start things up!
    server.start();
    // The use of server.join() the will make the current thread join and
    // wait until the server is done executing.
    // See
    // http://docs.oracle.com/javase/7/docs/api/java/lang/Thread.html#join()
    server.join();
}

Example 32 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class JaspiTest method before.

@Before
public void before() throws Exception {
    System.setProperty("org.apache.geronimo.jaspic.configurationFile", "src/test/resources/jaspi.xml");
    _server = new Server();
    _connector = new LocalConnector(_server);
    _server.addConnector(_connector);
    ContextHandlerCollection contexts = new ContextHandlerCollection();
    _server.setHandler(contexts);
    TestLoginService loginService = new TestLoginService("TestRealm");
    loginService.putUser("user", new Password("password"), new String[] { "users" });
    loginService.putUser("admin", new Password("secret"), new String[] { "users", "admins" });
    _server.addBean(loginService);
    ContextHandler context = new ContextHandler();
    contexts.addHandler(context);
    context.setContextPath("/ctx");
    JaspiAuthenticatorFactory jaspiAuthFactory = new JaspiAuthenticatorFactory();
    ConstraintSecurityHandler security = new ConstraintSecurityHandler();
    context.setHandler(security);
    security.setAuthenticatorFactory(jaspiAuthFactory);
    // security.setAuthenticator(new BasicAuthenticator());
    Constraint constraint = new Constraint("All", "users");
    constraint.setAuthenticate(true);
    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/jaspi/*");
    mapping.setConstraint(constraint);
    security.addConstraintMapping(mapping);
    TestHandler handler = new TestHandler();
    security.setHandler(handler);
    ContextHandler other = new ContextHandler();
    contexts.addHandler(other);
    other.setContextPath("/other");
    ConstraintSecurityHandler securityOther = new ConstraintSecurityHandler();
    other.setHandler(securityOther);
    securityOther.setAuthenticatorFactory(jaspiAuthFactory);
    securityOther.addConstraintMapping(mapping);
    securityOther.setHandler(new TestHandler());
    _server.start();
}

Example 33 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class StandardDescriptorProcessor method visitSecurityConstraint.

public void visitSecurityConstraint(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
    Constraint scBase = new Constraint();
    //TODO: need to remember origin of the constraints
    try {
        XmlParser.Node auths = node.get("auth-constraint");
        if (auths != null) {
            scBase.setAuthenticate(true);
            // auth-constraint
            Iterator<XmlParser.Node> iter = auths.iterator("role-name");
            List<String> roles = new ArrayList<String>();
            while (iter.hasNext()) {
                String role = iter.next().toString(false, true);
                roles.add(role);
            }
            scBase.setRoles(roles.toArray(new String[roles.size()]));
        }
        XmlParser.Node data = node.get("user-data-constraint");
        if (data != null) {
            data = data.get("transport-guarantee");
            String guarantee = data.toString(false, true).toUpperCase(Locale.ENGLISH);
            if (guarantee == null || guarantee.length() == 0 || "NONE".equals(guarantee))
                scBase.setDataConstraint(Constraint.DC_NONE);
            else if ("INTEGRAL".equals(guarantee))
                scBase.setDataConstraint(Constraint.DC_INTEGRAL);
            else if ("CONFIDENTIAL".equals(guarantee))
                scBase.setDataConstraint(Constraint.DC_CONFIDENTIAL);
            else {
                LOG.warn("Unknown user-data-constraint:" + guarantee);
                scBase.setDataConstraint(Constraint.DC_CONFIDENTIAL);
            }
        }
        Iterator<XmlParser.Node> iter = node.iterator("web-resource-collection");
        while (iter.hasNext()) {
            XmlParser.Node collection = iter.next();
            String name = collection.getString("web-resource-name", false, true);
            Constraint sc = (Constraint) scBase.clone();
            sc.setName(name);
            Iterator<XmlParser.Node> iter2 = collection.iterator("url-pattern");
            while (iter2.hasNext()) {
                String url = iter2.next().toString(false, true);
                url = ServletPathSpec.normalize(url);
                //remember origin so we can process ServletRegistration.Dynamic.setServletSecurityElement() correctly
                context.getMetaData().setOrigin("constraint.url." + url, descriptor);
                Iterator<XmlParser.Node> methods = collection.iterator("http-method");
                Iterator<XmlParser.Node> ommissions = collection.iterator("http-method-omission");
                if (methods.hasNext()) {
                    if (ommissions.hasNext())
                        throw new IllegalStateException("web-resource-collection cannot contain both http-method and http-method-omission");
                    //configure all the http-method elements for each url
                    while (methods.hasNext()) {
                        String method = ((XmlParser.Node) methods.next()).toString(false, true);
                        ConstraintMapping mapping = new ConstraintMapping();
                        mapping.setMethod(method);
                        mapping.setPathSpec(url);
                        mapping.setConstraint(sc);
                        ((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
                    }
                } else if (ommissions.hasNext()) {
                    // TODO use the array
                    while (ommissions.hasNext()) {
                        String method = ((XmlParser.Node) ommissions.next()).toString(false, true);
                        ConstraintMapping mapping = new ConstraintMapping();
                        mapping.setMethodOmissions(new String[] { method });
                        mapping.setPathSpec(url);
                        mapping.setConstraint(sc);
                        ((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
                    }
                } else {
                    //No http-methods or http-method-omissions specified, the constraint applies to all
                    ConstraintMapping mapping = new ConstraintMapping();
                    mapping.setPathSpec(url);
                    mapping.setConstraint(sc);
                    ((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
                }
            }
        }
    } catch (CloneNotSupportedException e) {
        LOG.warn(e);
    }
}

Example 34 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class DatabaseLoginServiceTestServer method configureServer.

protected void configureServer() throws Exception {
    _protocol = "http";
    _server.addBean(_loginService);
    ConstraintSecurityHandler security = new ConstraintSecurityHandler();
    _server.setHandler(security);
    Constraint constraint = new Constraint();
    constraint.setName("auth");
    constraint.setAuthenticate(true);
    constraint.setRoles(new String[] { "user", "admin" });
    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    Set<String> knownRoles = new HashSet<>();
    knownRoles.add("user");
    knownRoles.add("admin");
    security.setConstraintMappings(Collections.singletonList(mapping), knownRoles);
    security.setAuthenticator(new BasicAuthenticator());
    security.setLoginService(_loginService);
    ServletContextHandler root = new ServletContextHandler();
    root.setContextPath("/");
    root.setResourceBase(_resourceBase);
    ServletHolder servletHolder = new ServletHolder(new DefaultServlet());
    servletHolder.setInitParameter("gzip", "true");
    root.addServlet(servletHolder, "/*");
    _handler = new TestHandler(_resourceBase);
    HandlerCollection handlers = new HandlerCollection();
    handlers.setHandlers(new Handler[] { _handler, root });
    security.setHandler(handlers);
}

Example 35 with ConstraintMapping

use of org.eclipse.jetty.security.ConstraintMapping in project jetty.project by eclipse.

the class QuickStartDescriptorGenerator method generateQuickStartWebXml.

/**
     * Perform the generation of the xml file
     * @param stream the stream to generate the quickstart-web.xml to
     * @throws IOException if unable to generate the quickstart-web.xml
     * @throws FileNotFoundException if unable to find the file 
     */
public void generateQuickStartWebXml(OutputStream stream) throws FileNotFoundException, IOException {
    if (_webApp == null)
        throw new IllegalStateException("No webapp for quickstart generation");
    if (stream == null)
        throw new IllegalStateException("No output for quickstart generation");
    _webApp.getMetaData().getOrigins();
    if (_webApp.getBaseResource() == null)
        throw new IllegalArgumentException("No base resource for " + this);
    LOG.info("Quickstart generating");
    XmlAppendable out = new XmlAppendable(stream, "UTF-8");
    MetaData md = _webApp.getMetaData();
    Map<String, String> webappAttr = new HashMap<>();
    webappAttr.put("xmlns", "http://xmlns.jcp.org/xml/ns/javaee");
    webappAttr.put("xmlns:xsi", "http://www.w3.org/2001/XMLSchema-instance");
    webappAttr.put("xsi:schemaLocation", "http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd");
    webappAttr.put("metadata-complete", "true");
    webappAttr.put("version", "3.1");
    out.openTag("web-app", webappAttr);
    if (_webApp.getDisplayName() != null)
        out.tag("display-name", _webApp.getDisplayName());
    // Set some special context parameters
    // The location of the war file on disk
    AttributeNormalizer normalizer = new AttributeNormalizer(_webApp.getBaseResource());
    // The library order
    addContextParamFromAttribute(out, ServletContext.ORDERED_LIBS);
    //the servlet container initializers
    addContextParamFromAttribute(out, AnnotationConfiguration.CONTAINER_INITIALIZERS);
    //the tlds discovered
    addContextParamFromAttribute(out, MetaInfConfiguration.METAINF_TLDS, normalizer);
    //the META-INF/resources discovered
    addContextParamFromAttribute(out, MetaInfConfiguration.METAINF_RESOURCES, normalizer);
    //add the name of the origin attribute, if it is being used
    if (_generateOrigin) {
        out.openTag("context-param").tag("param-name", ORIGIN).tag("param-value", _originAttribute).closeTag();
    }
    // init params
    for (String p : _webApp.getInitParams().keySet()) out.openTag("context-param", origin(md, "context-param." + p)).tag("param-name", p).tag("param-value", _webApp.getInitParameter(p)).closeTag();
    if (_webApp.getEventListeners() != null)
        for (EventListener e : _webApp.getEventListeners()) out.openTag("listener", origin(md, e.getClass().getCanonicalName() + ".listener")).tag("listener-class", e.getClass().getCanonicalName()).closeTag();
    ServletHandler servlets = _webApp.getServletHandler();
    if (servlets.getFilters() != null) {
        for (FilterHolder holder : servlets.getFilters()) outholder(out, md, holder);
    }
    if (servlets.getFilterMappings() != null) {
        for (FilterMapping mapping : servlets.getFilterMappings()) {
            out.openTag("filter-mapping");
            out.tag("filter-name", mapping.getFilterName());
            if (mapping.getPathSpecs() != null)
                for (String s : mapping.getPathSpecs()) out.tag("url-pattern", s);
            if (mapping.getServletNames() != null)
                for (String n : mapping.getServletNames()) out.tag("servlet-name", n);
            if (!mapping.isDefaultDispatches()) {
                if (mapping.appliesTo(DispatcherType.REQUEST))
                    out.tag("dispatcher", "REQUEST");
                if (mapping.appliesTo(DispatcherType.ASYNC))
                    out.tag("dispatcher", "ASYNC");
                if (mapping.appliesTo(DispatcherType.ERROR))
                    out.tag("dispatcher", "ERROR");
                if (mapping.appliesTo(DispatcherType.FORWARD))
                    out.tag("dispatcher", "FORWARD");
                if (mapping.appliesTo(DispatcherType.INCLUDE))
                    out.tag("dispatcher", "INCLUDE");
            }
            out.closeTag();
        }
    }
    if (servlets.getServlets() != null) {
        for (ServletHolder holder : servlets.getServlets()) outholder(out, md, holder);
    }
    if (servlets.getServletMappings() != null) {
        for (ServletMapping mapping : servlets.getServletMappings()) {
            out.openTag("servlet-mapping", origin(md, mapping.getServletName() + ".servlet.mappings"));
            out.tag("servlet-name", mapping.getServletName());
            if (mapping.getPathSpecs() != null)
                for (String s : mapping.getPathSpecs()) out.tag("url-pattern", s);
            out.closeTag();
        }
    }
    // Security elements
    SecurityHandler security = _webApp.getSecurityHandler();
    if (security != null && (security.getRealmName() != null || security.getAuthMethod() != null)) {
        out.openTag("login-config");
        if (security.getAuthMethod() != null)
            out.tag("auth-method", origin(md, "auth-method"), security.getAuthMethod());
        if (security.getRealmName() != null)
            out.tag("realm-name", origin(md, "realm-name"), security.getRealmName());
        if (Constraint.__FORM_AUTH.equalsIgnoreCase(security.getAuthMethod())) {
            out.openTag("form-login-config");
            out.tag("form-login-page", origin(md, "form-login-page"), security.getInitParameter(FormAuthenticator.__FORM_LOGIN_PAGE));
            out.tag("form-error-page", origin(md, "form-error-page"), security.getInitParameter(FormAuthenticator.__FORM_ERROR_PAGE));
            out.closeTag();
        }
        out.closeTag();
    }
    if (security instanceof ConstraintAware) {
        ConstraintAware ca = (ConstraintAware) security;
        for (String r : ca.getRoles()) out.openTag("security-role").tag("role-name", r).closeTag();
        for (ConstraintMapping m : ca.getConstraintMappings()) {
            out.openTag("security-constraint");
            out.openTag("web-resource-collection");
            {
                if (m.getConstraint().getName() != null)
                    out.tag("web-resource-name", m.getConstraint().getName());
                if (m.getPathSpec() != null)
                    out.tag("url-pattern", origin(md, "constraint.url." + m.getPathSpec()), m.getPathSpec());
                if (m.getMethod() != null)
                    out.tag("http-method", m.getMethod());
                if (m.getMethodOmissions() != null)
                    for (String o : m.getMethodOmissions()) out.tag("http-method-omission", o);
                out.closeTag();
            }
            if (m.getConstraint().getAuthenticate()) {
                String[] roles = m.getConstraint().getRoles();
                if (roles != null && roles.length > 0) {
                    out.openTag("auth-constraint");
                    if (m.getConstraint().getRoles() != null)
                        for (String r : m.getConstraint().getRoles()) out.tag("role-name", r);
                    out.closeTag();
                } else
                    out.tag("auth-constraint");
            }
            switch(m.getConstraint().getDataConstraint()) {
                case Constraint.DC_NONE:
                    out.openTag("user-data-constraint").tag("transport-guarantee", "NONE").closeTag();
                    break;
                case Constraint.DC_INTEGRAL:
                    out.openTag("user-data-constraint").tag("transport-guarantee", "INTEGRAL").closeTag();
                    break;
                case Constraint.DC_CONFIDENTIAL:
                    out.openTag("user-data-constraint").tag("transport-guarantee", "CONFIDENTIAL").closeTag();
                    break;
                default:
                    break;
            }
            out.closeTag();
        }
    }
    if (_webApp.getWelcomeFiles() != null) {
        out.openTag("welcome-file-list");
        for (String welcomeFile : _webApp.getWelcomeFiles()) {
            out.tag("welcome-file", welcomeFile);
        }
        out.closeTag();
    }
    Map<String, String> localeEncodings = _webApp.getLocaleEncodings();
    if (localeEncodings != null && !localeEncodings.isEmpty()) {
        out.openTag("locale-encoding-mapping-list");
        for (Map.Entry<String, String> entry : localeEncodings.entrySet()) {
            out.openTag("locale-encoding-mapping", origin(md, "locale-encoding." + entry.getKey()));
            out.tag("locale", entry.getKey());
            out.tag("encoding", entry.getValue());
            out.closeTag();
        }
        out.closeTag();
    }
    //session-config
    if (_webApp.getSessionHandler() != null) {
        out.openTag("session-config");
        int maxInactiveSec = _webApp.getSessionHandler().getMaxInactiveInterval();
        out.tag("session-timeout", (maxInactiveSec == 0 ? "0" : Integer.toString(maxInactiveSec / 60)));
        //cookie-config
        SessionCookieConfig cookieConfig = _webApp.getSessionHandler().getSessionCookieConfig();
        if (cookieConfig != null) {
            out.openTag("cookie-config");
            if (cookieConfig.getName() != null)
                out.tag("name", origin(md, "cookie-config.name"), cookieConfig.getName());
            if (cookieConfig.getDomain() != null)
                out.tag("domain", origin(md, "cookie-config.domain"), cookieConfig.getDomain());
            if (cookieConfig.getPath() != null)
                out.tag("path", origin(md, "cookie-config.path"), cookieConfig.getPath());
            if (cookieConfig.getComment() != null)
                out.tag("comment", origin(md, "cookie-config.comment"), cookieConfig.getComment());
            out.tag("http-only", origin(md, "cookie-config.http-only"), Boolean.toString(cookieConfig.isHttpOnly()));
            out.tag("secure", origin(md, "cookie-config.secure"), Boolean.toString(cookieConfig.isSecure()));
            out.tag("max-age", origin(md, "cookie-config.max-age"), Integer.toString(cookieConfig.getMaxAge()));
            out.closeTag();
        }
        // tracking-modes
        Set<SessionTrackingMode> modes = _webApp.getSessionHandler().getEffectiveSessionTrackingModes();
        if (modes != null) {
            for (SessionTrackingMode mode : modes) out.tag("tracking-mode", mode.toString());
        }
        out.closeTag();
    }
    //error-pages
    Map<String, String> errorPages = ((ErrorPageErrorHandler) _webApp.getErrorHandler()).getErrorPages();
    if (errorPages != null) {
        for (Map.Entry<String, String> entry : errorPages.entrySet()) {
            out.openTag("error-page", origin(md, "error." + entry.getKey()));
            //a global or default error page has no code or exception               
            if (!ErrorPageErrorHandler.GLOBAL_ERROR_PAGE.equals(entry.getKey())) {
                if (entry.getKey().matches("\\d{3}"))
                    out.tag("error-code", entry.getKey());
                else
                    out.tag("exception-type", entry.getKey());
            }
            out.tag("location", entry.getValue());
            out.closeTag();
        }
    }
    //mime-types
    MimeTypes mimeTypes = _webApp.getMimeTypes();
    if (mimeTypes != null) {
        for (Map.Entry<String, String> entry : mimeTypes.getMimeMap().entrySet()) {
            out.openTag("mime-mapping");
            out.tag("extension", origin(md, "extension." + entry.getKey()), entry.getKey());
            out.tag("mime-type", entry.getValue());
            out.closeTag();
        }
    }
    //jsp-config
    JspConfig jspConfig = (JspConfig) _webApp.getServletContext().getJspConfigDescriptor();
    if (jspConfig != null) {
        out.openTag("jsp-config");
        Collection<TaglibDescriptor> tlds = jspConfig.getTaglibs();
        if (tlds != null && !tlds.isEmpty()) {
            for (TaglibDescriptor tld : tlds) {
                out.openTag("taglib");
                out.tag("taglib-uri", tld.getTaglibURI());
                out.tag("taglib-location", tld.getTaglibLocation());
                out.closeTag();
            }
        }
        Collection<JspPropertyGroupDescriptor> jspPropertyGroups = jspConfig.getJspPropertyGroups();
        if (jspPropertyGroups != null && !jspPropertyGroups.isEmpty()) {
            for (JspPropertyGroupDescriptor jspPropertyGroup : jspPropertyGroups) {
                out.openTag("jsp-property-group");
                Collection<String> strings = jspPropertyGroup.getUrlPatterns();
                if (strings != null && !strings.isEmpty()) {
                    for (String urlPattern : strings) out.tag("url-pattern", urlPattern);
                }
                if (jspPropertyGroup.getElIgnored() != null)
                    out.tag("el-ignored", jspPropertyGroup.getElIgnored());
                if (jspPropertyGroup.getPageEncoding() != null)
                    out.tag("page-encoding", jspPropertyGroup.getPageEncoding());
                if (jspPropertyGroup.getScriptingInvalid() != null)
                    out.tag("scripting-invalid", jspPropertyGroup.getScriptingInvalid());
                if (jspPropertyGroup.getIsXml() != null)
                    out.tag("is-xml", jspPropertyGroup.getIsXml());
                if (jspPropertyGroup.getDeferredSyntaxAllowedAsLiteral() != null)
                    out.tag("deferred-syntax-allowed-as-literal", jspPropertyGroup.getDeferredSyntaxAllowedAsLiteral());
                if (jspPropertyGroup.getTrimDirectiveWhitespaces() != null)
                    out.tag("trim-directive-whitespaces", jspPropertyGroup.getTrimDirectiveWhitespaces());
                if (jspPropertyGroup.getDefaultContentType() != null)
                    out.tag("default-content-type", jspPropertyGroup.getDefaultContentType());
                if (jspPropertyGroup.getBuffer() != null)
                    out.tag("buffer", jspPropertyGroup.getBuffer());
                if (jspPropertyGroup.getErrorOnUndeclaredNamespace() != null)
                    out.tag("error-on-undeclared-namespace", jspPropertyGroup.getErrorOnUndeclaredNamespace());
                strings = jspPropertyGroup.getIncludePreludes();
                if (strings != null && !strings.isEmpty()) {
                    for (String prelude : strings) out.tag("include-prelude", prelude);
                }
                strings = jspPropertyGroup.getIncludeCodas();
                if (strings != null && !strings.isEmpty()) {
                    for (String coda : strings) out.tag("include-coda", coda);
                }
                out.closeTag();
            }
        }
        out.closeTag();
    }
    //lifecycle: post-construct, pre-destroy
    LifeCycleCallbackCollection lifecycles = ((LifeCycleCallbackCollection) _webApp.getAttribute(LifeCycleCallbackCollection.LIFECYCLE_CALLBACK_COLLECTION));
    if (lifecycles != null) {
        Collection<LifeCycleCallback> tmp = lifecycles.getPostConstructCallbacks();
        for (LifeCycleCallback c : tmp) {
            out.openTag("post-construct");
            out.tag("lifecycle-callback-class", c.getTargetClassName());
            out.tag("lifecycle-callback-method", c.getMethodName());
            out.closeTag();
        }
        tmp = lifecycles.getPreDestroyCallbacks();
        for (LifeCycleCallback c : tmp) {
            out.openTag("pre-destroy");
            out.tag("lifecycle-callback-class", c.getTargetClassName());
            out.tag("lifecycle-callback-method", c.getMethodName());
            out.closeTag();
        }
    }
    out.literal(_extraXML);
    out.closeTag();
}