Search in sources :

Example 1 with WebResourceCollectionImpl

use of org.glassfish.web.deployment.descriptor.WebResourceCollectionImpl in project Payara by payara.

the class DynamicWebServletRegistrationImpl method setSecurityConfig.

public void setSecurityConfig(SecurityConfig config) {
    if (config == null) {
        return;
    }
    this.config = config;
    LoginConfig lc = config.getLoginConfig();
    if (lc != null) {
        LoginConfiguration loginConf = new LoginConfigurationImpl();
        loginConf.setAuthenticationMethod(lc.getAuthMethod().name());
        loginConf.setRealmName(lc.getRealmName());
        FormLoginConfig form = lc.getFormLoginConfig();
        if (form != null) {
            loginConf.setFormErrorPage(form.getFormErrorPage());
            loginConf.setFormLoginPage(form.getFormLoginPage());
        }
        LoginConfigDecorator decorator = new LoginConfigDecorator(loginConf);
        setLoginConfig(decorator);
        getWebBundleDescriptor().setLoginConfiguration(loginConf);
    }
    Set<org.glassfish.embeddable.web.config.SecurityConstraint> securityConstraints = config.getSecurityConstraints();
    for (org.glassfish.embeddable.web.config.SecurityConstraint sc : securityConstraints) {
        com.sun.enterprise.deployment.web.SecurityConstraint securityConstraint = new SecurityConstraintImpl();
        Set<org.glassfish.embeddable.web.config.WebResourceCollection> wrcs = sc.getWebResourceCollection();
        for (org.glassfish.embeddable.web.config.WebResourceCollection wrc : wrcs) {
            WebResourceCollectionImpl webResourceColl = new WebResourceCollectionImpl();
            webResourceColl.setDisplayName(wrc.getName());
            for (String urlPattern : wrc.getUrlPatterns()) {
                webResourceColl.addUrlPattern(urlPattern);
            }
            securityConstraint.addWebResourceCollection(webResourceColl);
            AuthorizationConstraintImpl ac = null;
            if (sc.getAuthConstraint() != null && sc.getAuthConstraint().length > 0) {
                ac = new AuthorizationConstraintImpl();
                for (String roleName : sc.getAuthConstraint()) {
                    Role role = new Role(roleName);
                    getWebBundleDescriptor().addRole(role);
                    ac.addSecurityRole(roleName);
                }
            } else {
                // DENY
                ac = new AuthorizationConstraintImpl();
            }
            securityConstraint.setAuthorizationConstraint(ac);
            UserDataConstraint udc = new UserDataConstraintImpl();
            udc.setTransportGuarantee(((sc.getDataConstraint() == TransportGuarantee.CONFIDENTIAL) ? UserDataConstraint.CONFIDENTIAL_TRANSPORT : UserDataConstraint.NONE_TRANSPORT));
            securityConstraint.setUserDataConstraint(udc);
            if (wrc.getHttpMethods() != null) {
                for (String httpMethod : wrc.getHttpMethods()) {
                    webResourceColl.addHttpMethod(httpMethod);
                }
            }
            if (wrc.getHttpMethodOmissions() != null) {
                for (String httpMethod : wrc.getHttpMethodOmissions()) {
                    webResourceColl.addHttpMethodOmission(httpMethod);
                }
            }
            getWebBundleDescriptor().addSecurityConstraint(securityConstraint);
            TomcatDeploymentConfig.configureSecurityConstraint(this, getWebBundleDescriptor());
        }
    }
    if (pipeline != null) {
        GlassFishValve basic = pipeline.getBasic();
        if ((basic != null) && (basic instanceof java.net.Authenticator)) {
            removeValve(basic);
        }
        GlassFishValve[] valves = pipeline.getValves();
        for (int i = 0; i < valves.length; i++) {
            if (valves[i] instanceof java.net.Authenticator) {
                removeValve(valves[i]);
            }
        }
    }
    if (realm != null && realm instanceof RealmInitializer) {
        ((RealmInitializer) realm).initializeRealm(this.getWebBundleDescriptor(), false, ((VirtualServer) parent).getAuthRealmName());
        ((RealmInitializer) realm).setVirtualServer(getParent());
        ((RealmInitializer) realm).updateWebSecurityManager();
        setRealm(realm);
    }
}
Also used : WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) RealmInitializer(com.sun.enterprise.security.integration.RealmInitializer) AuthorizationConstraintImpl(org.glassfish.web.deployment.descriptor.AuthorizationConstraintImpl) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) LoginConfigurationImpl(org.glassfish.web.deployment.descriptor.LoginConfigurationImpl) FormLoginConfig(org.glassfish.embeddable.web.config.FormLoginConfig) LoginConfig(org.glassfish.embeddable.web.config.LoginConfig) SecurityConstraintImpl(org.glassfish.web.deployment.descriptor.SecurityConstraintImpl) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint) FormLoginConfig(org.glassfish.embeddable.web.config.FormLoginConfig) UserDataConstraintImpl(org.glassfish.web.deployment.descriptor.UserDataConstraintImpl) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) WebServiceEndpoint(com.sun.enterprise.deployment.WebServiceEndpoint) GlassFishValve(org.glassfish.web.valve.GlassFishValve) Role(org.glassfish.security.common.Role) LoginConfigDecorator(com.sun.enterprise.web.deploy.LoginConfigDecorator) WebResourceCollectionImpl(org.glassfish.web.deployment.descriptor.WebResourceCollectionImpl)

Aggregations

WebServiceEndpoint (com.sun.enterprise.deployment.WebServiceEndpoint)1 LoginConfiguration (com.sun.enterprise.deployment.web.LoginConfiguration)1 SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)1 UserDataConstraint (com.sun.enterprise.deployment.web.UserDataConstraint)1 WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)1 RealmInitializer (com.sun.enterprise.security.integration.RealmInitializer)1 LoginConfigDecorator (com.sun.enterprise.web.deploy.LoginConfigDecorator)1 FormLoginConfig (org.glassfish.embeddable.web.config.FormLoginConfig)1 LoginConfig (org.glassfish.embeddable.web.config.LoginConfig)1 Role (org.glassfish.security.common.Role)1 AuthorizationConstraintImpl (org.glassfish.web.deployment.descriptor.AuthorizationConstraintImpl)1 LoginConfigurationImpl (org.glassfish.web.deployment.descriptor.LoginConfigurationImpl)1 SecurityConstraintImpl (org.glassfish.web.deployment.descriptor.SecurityConstraintImpl)1 UserDataConstraintImpl (org.glassfish.web.deployment.descriptor.UserDataConstraintImpl)1 WebResourceCollectionImpl (org.glassfish.web.deployment.descriptor.WebResourceCollectionImpl)1 GlassFishValve (org.glassfish.web.valve.GlassFishValve)1