View Javadoc

1   // ========================================================================
2   // Copyright 200-2004 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // Licensed under the Apache License, Version 2.0 (the "License");
5   // you may not use this file except in compliance with the License.
6   // You may obtain a copy of the License at 
7   // http://www.apache.org/licenses/LICENSE-2.0
8   // Unless required by applicable law or agreed to in writing, software
9   // distributed under the License is distributed on an "AS IS" BASIS,
10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  // See the License for the specific language governing permissions and
12  // limitations under the License.
13  // ========================================================================
14  
15  package org.mortbay.jetty.security;
16  
17  import java.io.Serializable;
18  
19  
20  /* ------------------------------------------------------------ */
21  /** Describe an auth and/or data constraint. 
22   *
23   * @author Greg Wilkins (gregw)
24   */
25  public class Constraint implements Cloneable, Serializable
26  {
27      /* ------------------------------------------------------------ */
28      public final static String __BASIC_AUTH= "BASIC";
29      public final static String __FORM_AUTH= "FORM";
30      public final static String __DIGEST_AUTH= "DIGEST";
31      public final static String __CERT_AUTH= "CLIENT_CERT";
32      public final static String __CERT_AUTH2= "CLIENT-CERT";
33  
34      /* ------------------------------------------------------------ */
35      public final static int DC_UNSET= -1, DC_NONE= 0, DC_INTEGRAL= 1, DC_CONFIDENTIAL= 2;
36  
37      /* ------------------------------------------------------------ */
38      public final static String NONE= "NONE";
39      public final static String ANY_ROLE= "*";
40  
41      /* ------------------------------------------------------------ */
42      private String _name;
43      private String[] _roles;
44      private int _dataConstraint= DC_UNSET;
45      private boolean _anyRole= false;
46      private boolean _authenticate= false;
47  
48      /* ------------------------------------------------------------ */
49      /** Constructor. 
50       */
51      public Constraint()
52      {}
53  
54      /* ------------------------------------------------------------ */
55      /** Conveniance Constructor. 
56       * @param name 
57       * @param role 
58       */
59      public Constraint(String name, String role)
60      {
61          setName(name);
62          setRoles(new String[]{role});
63      }
64  
65      /* ------------------------------------------------------------ */
66      public Object clone() throws CloneNotSupportedException
67      {
68          return super.clone();
69      }
70      
71      /* ------------------------------------------------------------ */
72      /**
73       * @param name 
74       */
75      public void setName(String name)
76      {
77          _name= name;
78      }
79      
80      /* ------------------------------------------------------------ */
81      public void setRoles(String[] roles)
82      {
83          _roles=roles;
84          _anyRole=false;
85          if (roles!=null)
86          for (int i=roles.length;!_anyRole&& i-->0;)
87              _anyRole=ANY_ROLE.equals(roles[i]);
88      }
89  
90      /* ------------------------------------------------------------ */
91      /** 
92       * @return True if any user role is permitted.
93       */
94      public boolean isAnyRole()
95      {
96          return _anyRole;
97      }
98  
99      /* ------------------------------------------------------------ */
100     /** 
101      * @return List of roles for this constraint.
102      */
103     public String[] getRoles()
104     {
105         return _roles;
106     }
107 
108     /* ------------------------------------------------------------ */
109     /** 
110      * @param role 
111      * @return True if the constraint contains the role.
112      */
113     public boolean hasRole(String role)
114     {
115         if (_anyRole)
116             return true;
117         if (_roles!=null)
118             for (int i=_roles.length;i-->0;)
119                 if (role.equals(_roles[i]))
120                     return true;
121         return false;
122     }
123 
124     /* ------------------------------------------------------------ */
125     /** 
126      * @param authenticate True if users must be authenticated 
127      */
128     public void setAuthenticate(boolean authenticate)
129     {
130         _authenticate= authenticate;
131     }
132 
133     /* ------------------------------------------------------------ */
134     /** 
135      * @return True if the constraint requires request authentication
136      */
137     public boolean getAuthenticate()
138     {
139         return _authenticate;
140     }
141 
142     /* ------------------------------------------------------------ */
143     /** 
144      * @return True if authentication required but no roles set
145      */
146     public boolean isForbidden()
147     {
148         return _authenticate && !_anyRole && (_roles==null || _roles.length == 0);
149     }
150 
151     /* ------------------------------------------------------------ */
152     /** 
153      * @param c Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & 2=DC_CONFIDENTIAL
154      */
155     public void setDataConstraint(int c)
156     {
157         if (c < 0 || c > DC_CONFIDENTIAL)
158             throw new IllegalArgumentException("Constraint out of range");
159         _dataConstraint= c;
160     }
161 
162     /* ------------------------------------------------------------ */
163     /** 
164      * @return Data constrain indicator: 0=DC+NONE, 1=DC_INTEGRAL & 2=DC_CONFIDENTIAL
165      */
166     public int getDataConstraint()
167     {
168         return _dataConstraint;
169     }
170 
171     /* ------------------------------------------------------------ */
172     /** 
173      * @return True if a data constraint has been set.
174      */
175     public boolean hasDataConstraint()
176     {
177         return _dataConstraint >= DC_NONE;
178     }
179 
180     /* ------------------------------------------------------------ */
181     public String toString()
182     {
183         return "SC{"
184             + _name
185             + ","
186             + (_anyRole ? "*" : (_roles == null ? "-" : _roles.toString()))
187             + ","
188             + (_dataConstraint == DC_UNSET ? "DC_UNSET}":
189                (_dataConstraint == DC_NONE
190                 ? "NONE}"
191                 : (_dataConstraint == DC_INTEGRAL ? "INTEGRAL}" : "CONFIDENTIAL}")));
192     }
193 
194     
195 }