Example 6 with Node
use of org.eclipse.jetty.xml.XmlParser.Node in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitSecurityRole.
public void visitSecurityRole(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
//ServletSpec 3.0, p74 elements with multiplicity >1 are additive when merged
XmlParser.Node roleNode = node.get("role-name");
String role = roleNode.toString(false, true);
((ConstraintAware) context.getSecurityHandler()).addRole(role);
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
Node(org.eclipse.jetty.xml.XmlParser.Node)
ConstraintAware(org.eclipse.jetty.security.ConstraintAware)
Example 7 with Node
use of org.eclipse.jetty.xml.XmlParser.Node in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitJspConfig.
public void visitJspConfig(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
//Additive across web.xml and web-fragment.xml
JspConfig config = (JspConfig) context.getServletContext().getJspConfigDescriptor();
if (config == null) {
config = new JspConfig();
context.getServletContext().setJspConfigDescriptor(config);
}
for (int i = 0; i < node.size(); i++) {
Object o = node.get(i);
if (o instanceof XmlParser.Node && "taglib".equals(((XmlParser.Node) o).getTag()))
visitTagLib(context, descriptor, (XmlParser.Node) o);
}
// Map URLs from jsp property groups to JSP servlet.
// this is more JSP stupidness creeping into the servlet spec
Iterator<XmlParser.Node> iter = node.iterator("jsp-property-group");
List<String> paths = new ArrayList<String>();
while (iter.hasNext()) {
JspPropertyGroup jpg = new JspPropertyGroup();
config.addJspPropertyGroup(jpg);
XmlParser.Node group = iter.next();
//url-patterns
Iterator<XmlParser.Node> iter2 = group.iterator("url-pattern");
while (iter2.hasNext()) {
String url = iter2.next().toString(false, true);
url = ServletPathSpec.normalize(url);
paths.add(url);
jpg.addUrlPattern(url);
}
jpg.setElIgnored(group.getString("el-ignored", false, true));
jpg.setPageEncoding(group.getString("page-encoding", false, true));
jpg.setScriptingInvalid(group.getString("scripting-invalid", false, true));
jpg.setIsXml(group.getString("is-xml", false, true));
jpg.setDeferredSyntaxAllowedAsLiteral(group.getString("deferred-syntax-allowed-as-literal", false, true));
jpg.setTrimDirectiveWhitespaces(group.getString("trim-directive-whitespaces", false, true));
jpg.setDefaultContentType(group.getString("default-content-type", false, true));
jpg.setBuffer(group.getString("buffer", false, true));
jpg.setErrorOnUndeclaredNamespace(group.getString("error-on-undeclared-namespace", false, true));
//preludes
Iterator<XmlParser.Node> preludes = group.iterator("include-prelude");
while (preludes.hasNext()) {
String prelude = preludes.next().toString(false, true);
jpg.addIncludePrelude(prelude);
}
//codas
Iterator<XmlParser.Node> codas = group.iterator("include-coda");
while (codas.hasNext()) {
String coda = codas.next().toString(false, true);
jpg.addIncludeCoda(coda);
}
if (LOG.isDebugEnabled())
LOG.debug(config.toString());
}
//add mappings to the jsp servlet from the property-group mappings
if (paths.size() > 0) {
ServletMapping jspMapping = null;
for (ServletMapping m : _servletMappings) {
if (m.getServletName().equals("jsp")) {
jspMapping = m;
break;
}
}
if (jspMapping != null) {
if (jspMapping.getPathSpecs() == null) {
//no paths in jsp servlet mapping, we will add all of ours
if (LOG.isDebugEnabled())
LOG.debug("Adding all paths from jsp-config to jsp servlet mapping");
jspMapping.setPathSpecs(paths.toArray(new String[paths.size()]));
} else {
//check if each of our paths is already present in existing mapping
ListIterator<String> piterator = paths.listIterator();
while (piterator.hasNext()) {
String p = piterator.next();
if (jspMapping.containsPathSpec(p))
piterator.remove();
}
//any remaining paths, add to the jspMapping
if (paths.size() > 0) {
for (String p : jspMapping.getPathSpecs()) paths.add(p);
if (LOG.isDebugEnabled())
LOG.debug("Adding extra paths from jsp-config to jsp servlet mapping");
jspMapping.setPathSpecs((String[]) paths.toArray(new String[paths.size()]));
}
}
} else {
//no mapping for jsp yet, make one
ServletMapping mapping = new ServletMapping(new Source(Source.Origin.DESCRIPTOR, descriptor.getResource().toString()));
mapping.setServletName("jsp");
mapping.setPathSpecs(paths.toArray(new String[paths.size()]));
_servletMappings.add(mapping);
}
}
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
ServletMapping(org.eclipse.jetty.servlet.ServletMapping)
JspConfig(org.eclipse.jetty.servlet.ServletContextHandler.JspConfig)
Node(org.eclipse.jetty.xml.XmlParser.Node)
ArrayList(java.util.ArrayList)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Constraint(org.eclipse.jetty.util.security.Constraint)
Source(org.eclipse.jetty.servlet.Source)
JspPropertyGroup(org.eclipse.jetty.servlet.ServletContextHandler.JspPropertyGroup)
Example 8 with Node
use of org.eclipse.jetty.xml.XmlParser.Node in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitSecurityConstraint.
public void visitSecurityConstraint(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
Constraint scBase = new Constraint();
//TODO: need to remember origin of the constraints
try {
XmlParser.Node auths = node.get("auth-constraint");
if (auths != null) {
scBase.setAuthenticate(true);
// auth-constraint
Iterator<XmlParser.Node> iter = auths.iterator("role-name");
List<String> roles = new ArrayList<String>();
while (iter.hasNext()) {
String role = iter.next().toString(false, true);
roles.add(role);
}
scBase.setRoles(roles.toArray(new String[roles.size()]));
}
XmlParser.Node data = node.get("user-data-constraint");
if (data != null) {
data = data.get("transport-guarantee");
String guarantee = data.toString(false, true).toUpperCase(Locale.ENGLISH);
if (guarantee == null || guarantee.length() == 0 || "NONE".equals(guarantee))
scBase.setDataConstraint(Constraint.DC_NONE);
else if ("INTEGRAL".equals(guarantee))
scBase.setDataConstraint(Constraint.DC_INTEGRAL);
else if ("CONFIDENTIAL".equals(guarantee))
scBase.setDataConstraint(Constraint.DC_CONFIDENTIAL);
else {
LOG.warn("Unknown user-data-constraint:" + guarantee);
scBase.setDataConstraint(Constraint.DC_CONFIDENTIAL);
}
}
Iterator<XmlParser.Node> iter = node.iterator("web-resource-collection");
while (iter.hasNext()) {
XmlParser.Node collection = iter.next();
String name = collection.getString("web-resource-name", false, true);
Constraint sc = (Constraint) scBase.clone();
sc.setName(name);
Iterator<XmlParser.Node> iter2 = collection.iterator("url-pattern");
while (iter2.hasNext()) {
String url = iter2.next().toString(false, true);
url = ServletPathSpec.normalize(url);
//remember origin so we can process ServletRegistration.Dynamic.setServletSecurityElement() correctly
context.getMetaData().setOrigin("constraint.url." + url, descriptor);
Iterator<XmlParser.Node> methods = collection.iterator("http-method");
Iterator<XmlParser.Node> ommissions = collection.iterator("http-method-omission");
if (methods.hasNext()) {
if (ommissions.hasNext())
throw new IllegalStateException("web-resource-collection cannot contain both http-method and http-method-omission");
//configure all the http-method elements for each url
while (methods.hasNext()) {
String method = ((XmlParser.Node) methods.next()).toString(false, true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setMethod(method);
mapping.setPathSpec(url);
mapping.setConstraint(sc);
((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
}
} else if (ommissions.hasNext()) {
// TODO use the array
while (ommissions.hasNext()) {
String method = ((XmlParser.Node) ommissions.next()).toString(false, true);
ConstraintMapping mapping = new ConstraintMapping();
mapping.setMethodOmissions(new String[] { method });
mapping.setPathSpec(url);
mapping.setConstraint(sc);
((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
}
} else {
//No http-methods or http-method-omissions specified, the constraint applies to all
ConstraintMapping mapping = new ConstraintMapping();
mapping.setPathSpec(url);
mapping.setConstraint(sc);
((ConstraintAware) context.getSecurityHandler()).addConstraintMapping(mapping);
}
}
}
} catch (CloneNotSupportedException e) {
LOG.warn(e);
}
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping)
Constraint(org.eclipse.jetty.util.security.Constraint)
Node(org.eclipse.jetty.xml.XmlParser.Node)
ArrayList(java.util.ArrayList)
Node(org.eclipse.jetty.xml.XmlParser.Node)
ConstraintAware(org.eclipse.jetty.security.ConstraintAware)
Example 9 with Node
use of org.eclipse.jetty.xml.XmlParser.Node in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitSessionConfig.
public void visitSessionConfig(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
XmlParser.Node tNode = node.get("session-timeout");
if (tNode != null) {
java.math.BigDecimal asDecimal = new java.math.BigDecimal(tNode.toString(false, true));
if (asDecimal.compareTo(org.eclipse.jetty.server.session.SessionHandler.MAX_INACTIVE_MINUTES) > 0)
throw new IllegalStateException("Max session-timeout in minutes is " + org.eclipse.jetty.server.session.SessionHandler.MAX_INACTIVE_MINUTES);
context.getSessionHandler().setMaxInactiveInterval(asDecimal.intValueExact() * 60);
}
//Servlet Spec 3.0
// <tracking-mode>
// this is additive across web-fragments
Iterator<Node> iter = node.iterator("tracking-mode");
if (iter.hasNext()) {
Set<SessionTrackingMode> modes = null;
Origin o = context.getMetaData().getOrigin("session.tracking-mode");
switch(o) {
//not previously set, starting fresh
case NotSet:
case //previously set in web defaults, allow this descriptor to start fresh
WebDefaults:
{
modes = new HashSet<SessionTrackingMode>();
context.getMetaData().setOrigin("session.tracking-mode", descriptor);
break;
}
case WebXml:
case WebFragment:
case WebOverride:
{
//if setting from an override descriptor, start afresh, otherwise add-in tracking-modes
if (descriptor instanceof OverrideDescriptor)
modes = new HashSet<SessionTrackingMode>();
else
modes = new HashSet<SessionTrackingMode>(context.getSessionHandler().getEffectiveSessionTrackingModes());
context.getMetaData().setOrigin("session.tracking-mode", descriptor);
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
while (iter.hasNext()) {
XmlParser.Node mNode = (XmlParser.Node) iter.next();
String trackMode = mNode.toString(false, true);
modes.add(SessionTrackingMode.valueOf(trackMode));
}
context.getSessionHandler().setSessionTrackingModes(modes);
}
//Servlet Spec 3.0
//<cookie-config>
XmlParser.Node cookieConfig = node.get("cookie-config");
if (cookieConfig != null) {
// <name>
String name = cookieConfig.getString("name", false, true);
if (name != null) {
switch(context.getMetaData().getOrigin("cookie-config.name")) {
case NotSet:
{
//no <cookie-config><name> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setName(name);
context.getMetaData().setOrigin("cookie-config.name", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><name> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setName(name);
context.getMetaData().setOrigin("cookie-config.name", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (!context.getSessionHandler().getSessionCookieConfig().getName().equals(name))
throw new IllegalStateException("Conflicting cookie-config name " + name + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <domain>
String domain = cookieConfig.getString("domain", false, true);
if (domain != null) {
switch(context.getMetaData().getOrigin("cookie-config.domain")) {
case NotSet:
{
//no <cookie-config><domain> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setDomain(domain);
context.getMetaData().setOrigin("cookie-config.domain", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><domain> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setDomain(domain);
context.getMetaData().setOrigin("cookie-config.domain", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (!context.getSessionHandler().getSessionCookieConfig().getDomain().equals(domain))
throw new IllegalStateException("Conflicting cookie-config domain " + domain + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <path>
String path = cookieConfig.getString("path", false, true);
if (path != null) {
switch(context.getMetaData().getOrigin("cookie-config.path")) {
case NotSet:
{
//no <cookie-config><domain> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setPath(path);
context.getMetaData().setOrigin("cookie-config.path", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><domain> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setPath(path);
context.getMetaData().setOrigin("cookie-config.path", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (!context.getSessionHandler().getSessionCookieConfig().getPath().equals(path))
throw new IllegalStateException("Conflicting cookie-config path " + path + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <comment>
String comment = cookieConfig.getString("comment", false, true);
if (comment != null) {
switch(context.getMetaData().getOrigin("cookie-config.comment")) {
case NotSet:
{
//no <cookie-config><comment> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setComment(comment);
context.getMetaData().setOrigin("cookie-config.comment", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><comment> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setComment(comment);
context.getMetaData().setOrigin("cookie-config.comment", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (!context.getSessionHandler().getSessionCookieConfig().getComment().equals(comment))
throw new IllegalStateException("Conflicting cookie-config comment " + comment + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <http-only>true/false
tNode = cookieConfig.get("http-only");
if (tNode != null) {
boolean httpOnly = Boolean.parseBoolean(tNode.toString(false, true));
switch(context.getMetaData().getOrigin("cookie-config.http-only")) {
case NotSet:
{
//no <cookie-config><http-only> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setHttpOnly(httpOnly);
context.getMetaData().setOrigin("cookie-config.http-only", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><http-only> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setHttpOnly(httpOnly);
context.getMetaData().setOrigin("cookie-config.http-only", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (context.getSessionHandler().getSessionCookieConfig().isHttpOnly() != httpOnly)
throw new IllegalStateException("Conflicting cookie-config http-only " + httpOnly + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <secure>true/false
tNode = cookieConfig.get("secure");
if (tNode != null) {
boolean secure = Boolean.parseBoolean(tNode.toString(false, true));
switch(context.getMetaData().getOrigin("cookie-config.secure")) {
case NotSet:
{
//no <cookie-config><secure> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setSecure(secure);
context.getMetaData().setOrigin("cookie-config.secure", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><secure> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setSecure(secure);
context.getMetaData().setOrigin("cookie-config.secure", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (context.getSessionHandler().getSessionCookieConfig().isSecure() != secure)
throw new IllegalStateException("Conflicting cookie-config secure " + secure + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
// <max-age>
tNode = cookieConfig.get("max-age");
if (tNode != null) {
int maxAge = Integer.parseInt(tNode.toString(false, true));
switch(context.getMetaData().getOrigin("cookie-config.max-age")) {
case NotSet:
{
//no <cookie-config><max-age> set yet, accept it
context.getSessionHandler().getSessionCookieConfig().setMaxAge(maxAge);
context.getMetaData().setOrigin("cookie-config.max-age", descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//<cookie-config><max-age> set in a web xml, only allow web-default/web-override to change
if (!(descriptor instanceof FragmentDescriptor)) {
context.getSessionHandler().getSessionCookieConfig().setMaxAge(maxAge);
context.getMetaData().setOrigin("cookie-config.max-age", descriptor);
}
break;
}
case WebFragment:
{
//a web-fragment set the value, all web-fragments must have the same value
if (context.getSessionHandler().getSessionCookieConfig().getMaxAge() != maxAge)
throw new IllegalStateException("Conflicting cookie-config max-age " + maxAge + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
}
Also used :
XmlParser(org.eclipse.jetty.xml.XmlParser)
SessionTrackingMode(javax.servlet.SessionTrackingMode)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Node(org.eclipse.jetty.xml.XmlParser.Node)
Constraint(org.eclipse.jetty.util.security.Constraint)
HashSet(java.util.HashSet)
Example 10 with Node
use of org.eclipse.jetty.xml.XmlParser.Node in project jetty.project by eclipse.
the class StandardDescriptorProcessor method visitLocaleEncodingList.
public void visitLocaleEncodingList(WebAppContext context, Descriptor descriptor, XmlParser.Node node) {
Iterator<XmlParser.Node> iter = node.iterator("locale-encoding-mapping");
while (iter.hasNext()) {
XmlParser.Node mapping = iter.next();
String locale = mapping.getString("locale", false, true);
String encoding = mapping.getString("encoding", false, true);
if (encoding != null) {
switch(context.getMetaData().getOrigin("locale-encoding." + locale)) {
case NotSet:
{
//no mapping for the locale yet, so set it
context.addLocaleEncoding(locale, encoding);
context.getMetaData().setOrigin("locale-encoding." + locale, descriptor);
break;
}
case WebXml:
case WebDefaults:
case WebOverride:
{
//a value was set in a web descriptor, only allow another web descriptor to change it (web-default/web-override)
if (!(descriptor instanceof FragmentDescriptor)) {
context.addLocaleEncoding(locale, encoding);
context.getMetaData().setOrigin("locale-encoding." + locale, descriptor);
}
break;
}
case WebFragment:
{
//a value was set by a web-fragment, all fragments must have the same value
if (!encoding.equals(context.getLocaleEncoding(locale)))
throw new IllegalStateException("Conflicting loacle-encoding mapping for locale " + locale + " in " + descriptor.getResource());
break;
}
default:
// TODO throw ISE?
LOG.warn(new Throwable());
}
}
}
}Aggregations
Node (org.eclipse.jetty.xml.XmlParser.Node)14
XmlParser (org.eclipse.jetty.xml.XmlParser)9
ArrayList (java.util.ArrayList)4
Source (org.eclipse.jetty.servlet.Source)4
Constraint (org.eclipse.jetty.util.security.Constraint)4
HttpURLConnection (java.net.HttpURLConnection)3
URL (java.net.URL)3
Server (org.eclipse.jetty.server.Server)3
Resource (org.eclipse.jetty.util.resource.Resource)3
WebDescriptor (org.eclipse.jetty.webapp.WebDescriptor)3
XmlConfiguration (org.eclipse.jetty.xml.XmlConfiguration)3
Test (org.junit.Test)3
InputStream (java.io.InputStream)2
ConstraintAware (org.eclipse.jetty.security.ConstraintAware)2
ServletMapping (org.eclipse.jetty.servlet.ServletMapping)2
HashSet (java.util.HashSet)1
DispatcherType (javax.servlet.DispatcherType)1
MultipartConfigElement (javax.servlet.MultipartConfigElement)1
ServletException (javax.servlet.ServletException)1
SessionTrackingMode (javax.servlet.SessionTrackingMode)1
