jetty-security-8.1.0.v20120127

16:37:32.411 INFO  jd.cli.Main - Decompiling jetty-security-8.1.0.v20120127.jar
package org.eclipse.jetty.security;

import java.security.Principal;
import javax.security.auth.Subject;
import org.eclipse.jetty.server.UserIdentity;

public class DefaultIdentityService
  implements IdentityService
{
  public Object associate(UserIdentity user)
  {
    return null;
  }
  
  public void disassociate(Object previous) {}
  
  public Object setRunAs(UserIdentity user, RunAsToken token)
  {
    return token;
  }
  
  public void unsetRunAs(Object lastToken) {}
  
  public RunAsToken newRunAsToken(String runAsName)
  {
    return new RoleRunAsToken(runAsName);
  }
  
  public UserIdentity getSystemUserIdentity()
  {
    return null;
  }
  
  public UserIdentity newUserIdentity(Subject subject, Principal userPrincipal, String[] roles)
  {
    return new DefaultUserIdentity(subject, userPrincipal, roles);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.DefaultIdentityService
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

public abstract interface RunAsToken {}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.RunAsToken
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CopyOnWriteArraySet;
import org.eclipse.jetty.http.PathMap;
import org.eclipse.jetty.server.AbstractHttpConnection;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.StringMap;
import org.eclipse.jetty.util.TypeUtil;
import org.eclipse.jetty.util.security.Constraint;

public class ConstraintSecurityHandler
  extends SecurityHandler
  implements ConstraintAware
{
  private final List<ConstraintMapping> _constraintMappings = new CopyOnWriteArrayList();
  private final Set<String> _roles = new CopyOnWriteArraySet();
  private final PathMap _constraintMap = new PathMap();
  private boolean _strict = true;
  
  public boolean isStrict()
  {
    return _strict;
  }
  
  public void setStrict(boolean strict)
  {
    _strict = strict;
  }
  
  public List<ConstraintMapping> getConstraintMappings()
  {
    return _constraintMappings;
  }
  
  public Set<String> getRoles()
  {
    return _roles;
  }
  
  public void setConstraintMappings(List<ConstraintMapping> constraintMappings)
  {
    setConstraintMappings(constraintMappings, null);
  }
  
  public void setConstraintMappings(ConstraintMapping[] constraintMappings)
  {
    setConstraintMappings(Arrays.asList(constraintMappings), null);
  }
  
  public void setConstraintMappings(List<ConstraintMapping> constraintMappings, Set<String> roles)
  {
    if (isStarted()) {
      throw new IllegalStateException("Started");
    }
    _constraintMappings.clear();
    _constraintMappings.addAll(constraintMappings);
    if (roles == null)
    {
      roles = new HashSet();
      for (ConstraintMapping cm : constraintMappings)
      {
        String[] cmr = cm.getConstraint().getRoles();
        if (cmr != null) {
          for (String r : cmr) {
            if (!"*".equals(r)) {
              roles.add(r);
            }
          }
        }
      }
    }
    setRoles(roles);
  }
  
  public void setRoles(Set<String> roles)
  {
    if (isStarted()) {
      throw new IllegalStateException("Started");
    }
    _roles.clear();
    _roles.addAll(roles);
  }
  
  public void addConstraintMapping(ConstraintMapping mapping)
  {
    _constraintMappings.add(mapping);
    if ((mapping.getConstraint() != null) && (mapping.getConstraint().getRoles() != null)) {
      for (String role : mapping.getConstraint().getRoles()) {
        addRole(role);
      }
    }
    if (isStarted()) {
      processConstraintMapping(mapping);
    }
  }
  
  public void addRole(String role)
  {
    boolean modified = _roles.add(role);
    if ((isStarted()) && (modified) && (_strict)) {
      for (Map<String, RoleInfo> map : _constraintMap.values()) {
        for (RoleInfo info : map.values()) {
          if (info.isAnyRole()) {
            info.addRole(role);
          }
        }
      }
    }
  }
  
  protected void doStart()
    throws Exception
  {
    _constraintMap.clear();
    if (_constraintMappings != null) {
      for (ConstraintMapping mapping : _constraintMappings) {
        processConstraintMapping(mapping);
      }
    }
    super.doStart();
  }
  
  protected void doStop()
    throws Exception
  {
    _constraintMap.clear();
    _constraintMappings.clear();
    _roles.clear();
    super.doStop();
  }
  
  protected void processConstraintMapping(ConstraintMapping mapping)
  {
    Map<String, RoleInfo> mappings = (Map)_constraintMap.get(mapping.getPathSpec());
    if (mappings == null)
    {
      mappings = new StringMap();
      _constraintMap.put(mapping.getPathSpec(), mappings);
    }
    RoleInfo allMethodsRoleInfo = (RoleInfo)mappings.get(null);
    if ((allMethodsRoleInfo != null) && (allMethodsRoleInfo.isForbidden())) {
      return;
    }
    String httpMethod = mapping.getMethod();
    RoleInfo roleInfo = (RoleInfo)mappings.get(httpMethod);
    if (roleInfo == null)
    {
      roleInfo = new RoleInfo();
      mappings.put(httpMethod, roleInfo);
      if (allMethodsRoleInfo != null) {
        roleInfo.combine(allMethodsRoleInfo);
      }
    }
    if (roleInfo.isForbidden()) {
      return;
    }
    Constraint constraint = mapping.getConstraint();
    boolean forbidden = constraint.isForbidden();
    roleInfo.setForbidden(forbidden);
    if (forbidden)
    {
      if (httpMethod == null)
      {
        mappings.clear();
        mappings.put(null, roleInfo);
      }
    }
    else
    {
      UserDataConstraint userDataConstraint = UserDataConstraint.get(constraint.getDataConstraint());
      roleInfo.setUserDataConstraint(userDataConstraint);
      
      boolean checked = constraint.getAuthenticate();
      roleInfo.setChecked(checked);
      if (roleInfo.isChecked()) {
        if (constraint.isAnyRole())
        {
          if (_strict) {
            for (String role : _roles) {
              roleInfo.addRole(role);
            }
          } else {
            roleInfo.setAnyRole(true);
          }
        }
        else
        {
          String[] newRoles = constraint.getRoles();
          for (String role : newRoles)
          {
            if ((_strict) && (!_roles.contains(role))) {
              throw new IllegalArgumentException("Attempt to use undeclared role: " + role + ", known roles: " + _roles);
            }
            roleInfo.addRole(role);
          }
        }
      }
      if (httpMethod == null) {
        for (Map.Entry<String, RoleInfo> entry : mappings.entrySet()) {
          if (entry.getKey() != null)
          {
            RoleInfo specific = (RoleInfo)entry.getValue();
            specific.combine(roleInfo);
          }
        }
      }
    }
  }
  
  protected Object prepareConstraintInfo(String pathInContext, Request request)
  {
    Map<String, RoleInfo> mappings = (Map)_constraintMap.match(pathInContext);
    if (mappings != null)
    {
      String httpMethod = request.getMethod();
      RoleInfo roleInfo = (RoleInfo)mappings.get(httpMethod);
      if (roleInfo == null) {
        roleInfo = (RoleInfo)mappings.get(null);
      }
      return roleInfo;
    }
    return null;
  }
  
  protected boolean checkUserDataPermissions(String pathInContext, Request request, Response response, Object constraintInfo)
    throws IOException
  {
    if (constraintInfo == null) {
      return true;
    }
    RoleInfo roleInfo = (RoleInfo)constraintInfo;
    if (roleInfo.isForbidden()) {
      return false;
    }
    UserDataConstraint dataConstraint = roleInfo.getUserDataConstraint();
    if ((dataConstraint == null) || (dataConstraint == UserDataConstraint.None)) {
      return true;
    }
    AbstractHttpConnection connection = AbstractHttpConnection.getCurrentConnection();
    Connector connector = connection.getConnector();
    if (dataConstraint == UserDataConstraint.Integral)
    {
      if (connector.isIntegral(request)) {
        return true;
      }
      if (connector.getIntegralPort() > 0)
      {
        String url = connector.getIntegralScheme() + "://" + request.getServerName() + ":" + connector.getIntegralPort() + request.getRequestURI();
        if (request.getQueryString() != null) {
          url = url + "?" + request.getQueryString();
        }
        response.setContentLength(0);
        response.sendRedirect(url);
      }
      else
      {
        response.sendError(403, "!Integral");
      }
      request.setHandled(true);
      return false;
    }
    if (dataConstraint == UserDataConstraint.Confidential)
    {
      if (connector.isConfidential(request)) {
        return true;
      }
      if (connector.getConfidentialPort() > 0)
      {
        String url = connector.getConfidentialScheme() + "://" + request.getServerName() + ":" + connector.getConfidentialPort() + request.getRequestURI();
        if (request.getQueryString() != null) {
          url = url + "?" + request.getQueryString();
        }
        response.setContentLength(0);
        response.sendRedirect(url);
      }
      else
      {
        response.sendError(403, "!Confidential");
      }
      request.setHandled(true);
      return false;
    }
    throw new IllegalArgumentException("Invalid dataConstraint value: " + dataConstraint);
  }
  
  protected boolean isAuthMandatory(Request baseRequest, Response base_response, Object constraintInfo)
  {
    if (constraintInfo == null) {
      return false;
    }
    return ((RoleInfo)constraintInfo).isChecked();
  }
  
  protected boolean checkWebResourcePermissions(String pathInContext, Request request, Response response, Object constraintInfo, UserIdentity userIdentity)
    throws IOException
  {
    if (constraintInfo == null) {
      return true;
    }
    RoleInfo roleInfo = (RoleInfo)constraintInfo;
    if (!roleInfo.isChecked()) {
      return true;
    }
    if ((roleInfo.isAnyRole()) && (request.getAuthType() != null)) {
      return true;
    }
    for (String role : roleInfo.getRoles()) {
      if (userIdentity.isUserInRole(role, null)) {
        return true;
      }
    }
    return false;
  }
  
  public void dump(Appendable out, String indent)
    throws IOException
  {
    dumpThis(out);
    dump(out, indent, new Collection[] { Collections.singleton(getLoginService()), Collections.singleton(getIdentityService()), Collections.singleton(getAuthenticator()), Collections.singleton(_roles), _constraintMap.entrySet(), getBeans(), TypeUtil.asList(getHandlers()) });
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.ConstraintSecurityHandler
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.security.Principal;
import java.util.List;
import javax.security.auth.Subject;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.UserIdentity.Scope;

public class SpnegoUserIdentity
  implements UserIdentity
{
  private Subject _subject;
  private Principal _principal;
  private List<String> _roles;
  
  public SpnegoUserIdentity(Subject subject, Principal principal, List<String> roles)
  {
    _subject = subject;
    _principal = principal;
    _roles = roles;
  }
  
  public Subject getSubject()
  {
    return _subject;
  }
  
  public Principal getUserPrincipal()
  {
    return _principal;
  }
  
  public boolean isUserInRole(String role, UserIdentity.Scope scope)
  {
    return _roles.contains(role);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.SpnegoUserIdentity
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.security.Principal;

final class SecurityHandler$2
  implements Principal
{
  public String getName()
  {
    return "Nobody";
  }
  
  public String toString()
  {
    return getName();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.SecurityHandler.2
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.IOException;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.Scanner;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.security.Credential;

public class HashLoginService
  extends MappedLoginService
  implements PropertyUserStore.UserListener
{
  private static final Logger LOG = Log.getLogger(HashLoginService.class);
  private PropertyUserStore _propertyUserStore;
  private String _config;
  private Resource _configResource;
  private Scanner _scanner;
  private int _refreshInterval = 0;
  
  public HashLoginService() {}
  
  public HashLoginService(String name)
  {
    setName(name);
  }
  
  public HashLoginService(String name, String config)
  {
    setName(name);
    setConfig(config);
  }
  
  public String getConfig()
  {
    return _config;
  }
  
  public void getConfig(String config)
  {
    _config = config;
  }
  
  public Resource getConfigResource()
  {
    return _configResource;
  }
  
  public void setConfig(String config)
  {
    _config = config;
  }
  
  public void setRefreshInterval(int msec)
  {
    _refreshInterval = msec;
  }
  
  public int getRefreshInterval()
  {
    return _refreshInterval;
  }
  
  protected UserIdentity loadUser(String username)
  {
    return null;
  }
  
  public void loadUsers()
    throws IOException
  {}
  
  protected void doStart()
    throws Exception
  {
    super.doStart();
    if (_propertyUserStore == null)
    {
      if (LOG.isDebugEnabled()) {
        LOG.debug("doStart: Starting new PropertyUserStore. PropertiesFile: " + _config + " refreshInterval: " + _refreshInterval, new Object[0]);
      }
      _propertyUserStore = new PropertyUserStore();
      _propertyUserStore.setRefreshInterval(_refreshInterval);
      _propertyUserStore.setConfig(_config);
      _propertyUserStore.registerUserListener(this);
      _propertyUserStore.start();
    }
  }
  
  protected void doStop()
    throws Exception
  {
    super.doStop();
    if (_scanner != null) {
      _scanner.stop();
    }
    _scanner = null;
  }
  
  public void update(String userName, Credential credential, String[] roleArray)
  {
    if (LOG.isDebugEnabled()) {
      LOG.debug("update: " + userName + " Roles: " + roleArray.length, new Object[0]);
    }
    putUser(userName, credential, roleArray);
  }
  
  public void remove(String userName)
  {
    if (LOG.isDebugEnabled()) {
      LOG.debug("remove: " + userName, new Object[0]);
    }
    removeUser(userName);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.HashLoginService
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.ConcurrentMap;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.Loader;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.resource.Resource;
import org.eclipse.jetty.util.security.Credential;

public class JDBCLoginService
  extends MappedLoginService
{
  private static final Logger LOG = Log.getLogger(JDBCLoginService.class);
  private String _config;
  private String _jdbcDriver;
  private String _url;
  private String _userName;
  private String _password;
  private String _userTableKey;
  private String _userTablePasswordField;
  private String _roleTableRoleField;
  private int _cacheTime;
  private long _lastHashPurge;
  private Connection _con;
  private String _userSql;
  private String _roleSql;
  
  public JDBCLoginService()
    throws IOException
  {}
  
  public JDBCLoginService(String name)
    throws IOException
  {
    setName(name);
  }
  
  public JDBCLoginService(String name, String config)
    throws IOException
  {
    setName(name);
    setConfig(config);
  }
  
  public JDBCLoginService(String name, IdentityService identityService, String config)
    throws IOException
  {
    setName(name);
    setIdentityService(identityService);
    setConfig(config);
  }
  
  protected void doStart()
    throws Exception
  {
    Properties properties = new Properties();
    Resource resource = Resource.newResource(_config);
    properties.load(resource.getInputStream());
    
    _jdbcDriver = properties.getProperty("jdbcdriver");
    _url = properties.getProperty("url");
    _userName = properties.getProperty("username");
    _password = properties.getProperty("password");
    String _userTable = properties.getProperty("usertable");
    _userTableKey = properties.getProperty("usertablekey");
    String _userTableUserField = properties.getProperty("usertableuserfield");
    _userTablePasswordField = properties.getProperty("usertablepasswordfield");
    String _roleTable = properties.getProperty("roletable");
    String _roleTableKey = properties.getProperty("roletablekey");
    _roleTableRoleField = properties.getProperty("roletablerolefield");
    String _userRoleTable = properties.getProperty("userroletable");
    String _userRoleTableUserKey = properties.getProperty("userroletableuserkey");
    String _userRoleTableRoleKey = properties.getProperty("userroletablerolekey");
    _cacheTime = new Integer(properties.getProperty("cachetime")).intValue();
    if ((_jdbcDriver == null) || (_jdbcDriver.equals("")) || (_url == null) || (_url.equals("")) || (_userName == null) || (_userName.equals("")) || (_password == null) || (_cacheTime < 0)) {
      LOG.warn("UserRealm " + getName() + " has not been properly configured", new Object[0]);
    }
    _cacheTime *= 1000;
    _lastHashPurge = 0L;
    _userSql = ("select " + _userTableKey + "," + _userTablePasswordField + " from " + _userTable + " where " + _userTableUserField + " = ?");
    _roleSql = ("select r." + _roleTableRoleField + " from " + _roleTable + " r, " + _userRoleTable + " u where u." + _userRoleTableUserKey + " = ?" + " and r." + _roleTableKey + " = u." + _userRoleTableRoleKey);
    
    Loader.loadClass(getClass(), _jdbcDriver).newInstance();
    super.doStart();
  }
  
  public String getConfig()
  {
    return _config;
  }
  
  public void setConfig(String config)
  {
    if (isRunning()) {
      throw new IllegalStateException("Running");
    }
    _config = config;
  }
  
  public void connectDatabase()
  {
    try
    {
      Class.forName(_jdbcDriver);
      _con = DriverManager.getConnection(_url, _userName, _password);
    }
    catch (SQLException e)
    {
      LOG.warn("UserRealm " + getName() + " could not connect to database; will try later", e);
    }
    catch (ClassNotFoundException e)
    {
      LOG.warn("UserRealm " + getName() + " could not connect to database; will try later", e);
    }
  }
  
  public UserIdentity login(String username, Object credentials)
  {
    long now = System.currentTimeMillis();
    if ((now - _lastHashPurge > _cacheTime) || (_cacheTime == 0))
    {
      _users.clear();
      _lastHashPurge = now;
      closeConnection();
    }
    return super.login(username, credentials);
  }
  
  protected void loadUsers() {}
  
  protected UserIdentity loadUser(String username)
  {
    try
    {
      if (null == _con) {
        connectDatabase();
      }
      if (null == _con) {
        throw new SQLException("Can't connect to database");
      }
      PreparedStatement stat = _con.prepareStatement(_userSql);
      stat.setObject(1, username);
      ResultSet rs = stat.executeQuery();
      if (rs.next())
      {
        int key = rs.getInt(_userTableKey);
        String credentials = rs.getString(_userTablePasswordField);
        stat.close();
        
        stat = _con.prepareStatement(_roleSql);
        stat.setInt(1, key);
        rs = stat.executeQuery();
        List<String> roles = new ArrayList();
        while (rs.next()) {
          roles.add(rs.getString(_roleTableRoleField));
        }
        stat.close();
        return putUser(username, Credential.getCredential(credentials), (String[])roles.toArray(new String[roles.size()]));
      }
    }
    catch (SQLException e)
    {
      LOG.warn("UserRealm " + getName() + " could not load user information from database", e);
      closeConnection();
    }
    return null;
  }
  
  private void closeConnection()
  {
    if (_con != null)
    {
      if (LOG.isDebugEnabled()) {
        LOG.debug("Closing db connection for JDBCUserRealm", new Object[0]);
      }
      try
      {
        _con.close();
      }
      catch (Exception e)
      {
        LOG.ignore(e);
      }
    }
    _con = null;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.JDBCLoginService
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.security.GeneralSecurityException;

public class ServerAuthException
  extends GeneralSecurityException
{
  public ServerAuthException() {}
  
  public ServerAuthException(String s)
  {
    super(s);
  }
  
  public ServerAuthException(String s, Throwable throwable)
  {
    super(s, throwable);
  }
  
  public ServerAuthException(Throwable throwable)
  {
    super(throwable);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.ServerAuthException
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public abstract interface CrossContextPsuedoSession<T>
{
  public abstract T fetch(HttpServletRequest paramHttpServletRequest);
  
  public abstract void store(T paramT, HttpServletResponse paramHttpServletResponse);
  
  public abstract void clear(HttpServletRequest paramHttpServletRequest);
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.CrossContextPsuedoSession
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.Serializable;
import java.security.Principal;

public abstract interface MappedLoginService$UserPrincipal
  extends Principal, Serializable
{
  public abstract boolean authenticate(Object paramObject);
  
  public abstract boolean isAuthenticated();
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.MappedLoginService.UserPrincipal
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.Serializable;
import java.security.Principal;

public class MappedLoginService$RolePrincipal
  implements Principal, Serializable
{
  private static final long serialVersionUID = 2998397924051854402L;
  private final String _roleName;
  
  public MappedLoginService$RolePrincipal(String name)
  {
    _roleName = name;
  }
  
  public String getName()
  {
    return _roleName;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.MappedLoginService.RolePrincipal
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.security.Principal;
import org.eclipse.jetty.util.security.B64Code;

public class SpnegoUserPrincipal
  implements Principal
{
  private final String _name;
  private byte[] _token;
  private String _encodedToken;
  
  public SpnegoUserPrincipal(String name, String encodedToken)
  {
    _name = name;
    _encodedToken = encodedToken;
  }
  
  public SpnegoUserPrincipal(String name, byte[] token)
  {
    _name = name;
    _token = token;
  }
  
  public String getName()
  {
    return _name;
  }
  
  public byte[] getToken()
  {
    if (_token == null) {
      _token = B64Code.decode(_encodedToken);
    }
    return _token;
  }
  
  public String getEncodedToken()
  {
    if (_encodedToken == null) {
      _encodedToken = new String(B64Code.encode(_token, true));
    }
    return _encodedToken;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.SpnegoUserPrincipal
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import org.eclipse.jetty.util.security.Constraint;

public class ConstraintMapping
{
  String _method;
  String[] _methodOmissions;
  String _pathSpec;
  Constraint _constraint;
  
  public Constraint getConstraint()
  {
    return _constraint;
  }
  
  public void setConstraint(Constraint constraint)
  {
    _constraint = constraint;
  }
  
  public String getMethod()
  {
    return _method;
  }
  
  public void setMethod(String method)
  {
    _method = method;
  }
  
  public String getPathSpec()
  {
    return _pathSpec;
  }
  
  public void setPathSpec(String pathSpec)
  {
    _pathSpec = pathSpec;
  }
  
  public void setMethodOmissions(String[] omissions)
  {
    _methodOmissions = omissions;
  }
  
  public String[] getMethodOmissions()
  {
    return _methodOmissions;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.ConstraintMapping
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

class SecurityHandler$3 {}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.SecurityHandler.3
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.util.Set;
import java.util.concurrent.CopyOnWriteArraySet;

public class RoleInfo
{
  private boolean _isAnyRole;
  private boolean _checked;
  private boolean _forbidden;
  private UserDataConstraint _userDataConstraint;
  private final Set<String> _roles = new CopyOnWriteArraySet();
  
  public boolean isChecked()
  {
    return _checked;
  }
  
  public void setChecked(boolean checked)
  {
    _checked = checked;
    if (!checked)
    {
      _forbidden = false;
      _roles.clear();
      _isAnyRole = false;
    }
  }
  
  public boolean isForbidden()
  {
    return _forbidden;
  }
  
  public void setForbidden(boolean forbidden)
  {
    _forbidden = forbidden;
    if (forbidden)
    {
      _checked = true;
      _userDataConstraint = null;
      _isAnyRole = false;
      _roles.clear();
    }
  }
  
  public boolean isAnyRole()
  {
    return _isAnyRole;
  }
  
  public void setAnyRole(boolean anyRole)
  {
    _isAnyRole = anyRole;
    if (anyRole)
    {
      _checked = true;
      _roles.clear();
    }
  }
  
  public UserDataConstraint getUserDataConstraint()
  {
    return _userDataConstraint;
  }
  
  public void setUserDataConstraint(UserDataConstraint userDataConstraint)
  {
    if (userDataConstraint == null) {
      throw new NullPointerException("Null UserDataConstraint");
    }
    if (_userDataConstraint == null) {
      _userDataConstraint = userDataConstraint;
    } else {
      _userDataConstraint = _userDataConstraint.combine(userDataConstraint);
    }
  }
  
  public Set<String> getRoles()
  {
    return _roles;
  }
  
  public void addRole(String role)
  {
    _roles.add(role);
  }
  
  public void combine(RoleInfo other)
  {
    if (_forbidden) {
      setForbidden(true);
    } else if (!_checked) {
      setChecked(true);
    } else if (_isAnyRole) {
      setAnyRole(true);
    } else if (!_isAnyRole) {
      for (String r : _roles) {
        _roles.add(r);
      }
    }
    setUserDataConstraint(_userDataConstraint);
  }
  
  public String toString()
  {
    return "{RoleInfo" + (_forbidden ? ",F" : "") + (_checked ? ",C" : "") + (_isAnyRole ? ",*" : _roles) + "}";
  }
}

/* Location:
 * Qualified Name:     org.eclipse.jetty.security.RoleInfo
 * Java Class Version: 6 (50.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.jetty.security;

import java.io.IOException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.security.authentication.DeferredAuthentication;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Authentication.Deferred;
import org.eclipse.jetty.server.Authentication.ResponseSent;
import org.eclipse.jetty.server.Authentication.User;
import org.eclipse.jetty.server.Authentication.Wrapped;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandler.Context;
import org.eclipse.jetty.server.handler.HandlerWrapper;
import org.eclipse.jetty.util.component.LifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;

public abstract class SecurityHandler
  extends HandlerWrapper
  implements Authenticator.AuthConfiguration
{
  private static final Logger LOG = Log.getLogger(SecurityHandler.class);
  private boolean _checkWelcomeFiles = false;
  private Authenticator _authenticator;
  private Authenticator.Factory _authenticatorFactory = new DefaultAuthenticatorFactory();
  private String _realmName;
  private String _authMethod;
  private final Map<String, String> _initParameters = new HashMap();
  private LoginService _loginService;
  private boolean _loginServiceShared;
  private IdentityService _identityService;
  private boolean _renewSession = true;
  
  public IdentityService getIdentityService()
  {
    return _identityService;
  }
  
  public void setIdentityService(IdentityService identityService)
  {
    if (isStarted()) {
      throw new IllegalStateException("Started");
    }
    _identityService = identityService;
  }
  
  public LoginService getLoginService()
  {
    return _loginService;
  }
  
  public void setLoginService(LoginService loginService)
  {
    if (isStarted()) {
      throw new IllegalStateException("Started");
    }
    _loginService = loginService;
    _loginServiceShared = false;
  }
  
  public Authenticator getAuthenticator()
  {
    return _authenticator;
  }
  
  public void setAuthenticator(Authenticator authenticator)
  {
    if (isStarted()) {
      throw new IllegalStateException("Started");
    }
    _authenticator = authenticator;
  }
  
  public Authenticator.Factory getAuthenticatorFactory()
  {
    return _authenticatorFactory;
  }
  
  public void setAuthenticatorFactory(Authenticator.Factory authenticatorFactory)
  {
    if (isRunning()) {
      throw new IllegalStateException("running");
    }
    _authenticatorFactory = authenticatorFactory;
  }
  
  public String getRealmName()
  {
    return _realmName;
  }
  
  public void setRealmName(String realmName)
  {
    if (isRunning()) {
      throw new IllegalStateException("running");
    }
    _realmName = realmName;
  }
  
  public String getAuthMethod()
  {
    return _authMethod;
  }
  
  public void setAuthMethod(String authMethod)
  {
    if (isRunning()) {
      throw new IllegalStateException("running");
    }
    _authMethod = authMethod;
  }
  
  public boolean isCheckWelcomeFiles()
  {
    return _checkWelcomeFiles;
  }
  
  public void setCheckWelcomeFiles(boolean authenticateWelcomeFiles)
  {
    if (isRunning()) {
      throw new IllegalStateException("running");
    }
    _checkWelcomeFiles = authenticateWelcomeFiles;
  }
  
  public String getInitParameter(String key)
  {
    return (String)_initParameters.get(key);
  }
  
  public Set<String> getInitParameterNames()
  {
    return _initParameters.keySet();
  }
  
  public String setInitParameter(String key, String value)
  {
    if (isRunning()) {
      throw new IllegalStateException("running");
    }
    return (String)_initParameters.put(key, value);
  }
  
  protected LoginService findLoginService()
  {
    List<LoginService> list = getServer().getBeans(LoginService.class);
    
    String realm = getRealmName();
    if (realm != null) {
      for (LoginService service : list) {
        if ((service.getName() != null) && (service.getName().equals(realm))) {
          return service;
        }
      }
    } else if (list.size() == 1) {
      return (LoginService)list.get(0);
    }
    return null;
  }
  
  protected IdentityService findIdentityService()
  {
    return (IdentityService)getServer().getBean(IdentityService.class);
  }
  
  protected void doStart()
    throws Exception
  {
    ContextHandler.Context context = ContextHandler.getCurrentContext();
    if (context != null)
    {
      Enumeration<String> names = context.getInitParameterNames();
      while ((names != null) && (names.hasMoreElements()))
      {
        String name = (String)names.nextElement();
        if ((name.startsWith("org.eclipse.jetty.security.")) && (getInitParameter(name) == null)) {
          setInitParameter(name, context.getInitParameter(name));
        }
      }
    }
    if (_loginService == null)
    {
      _loginService = findLoginService();
      if (_loginService != null) {
        _loginServiceShared = true;
      }
    }
    if (_identityService == null)
    {
      if (_loginService != null) {
        _identityService = _loginService.getIdentityService();
      }
      if (_identityService == null) {
        _identityService = findIdentityService();
      }
      if ((_identityService == null) && (_realmName != null)) {
        _identityService = new DefaultIdentityService();
      }
    }
    if (_loginService != null) {
      if (_loginService.getIdentityService() == null) {
        _loginService.setIdentityService(_identityService);
      } else if (_loginService.getIdentityService() != _identityService) {
        throw new IllegalStateException("LoginService has different IdentityService to " + this);
      }
    }
    if ((!_loginServiceShared) && ((_loginService instanceof LifeCycle))) {
      ((LifeCycle)_loginService).start();
    }
    if ((_authenticator == null) && (_authenticatorFactory != null) && (_identityService != null))
    {
      _authenticator = _authenticatorFactory.getAuthenticator(getServer(), ContextHandler.getCurrentContext(), this, _identityService, _loginService);
      if (_authenticator != null) {
        _authMethod = _authenticator.getAuthMethod();
      }
    }
    if (_authenticator == null)
    {
      if (_realmName != null)
      {
        LOG.warn("No ServerAuthentication for " + this, new Object[0]);
        throw new IllegalStateException("No ServerAuthentication");
      }
    }
    else
    {
      _authenticator.setConfiguration(this);
      if ((_authenticator instanceof LifeCycle)) {
        ((LifeCycle)_authenticator).start();
      }
    }
    super.doStart();
  }
  
  protected void doStop()
    throws Exception
  {
    super.doStop();
    if ((!_loginServiceShared) && ((_loginService instanceof LifeCycle))) {
      ((LifeCycle)_loginService).stop();
    }
  }
  
  protected boolean checkSecurity(Request request)
  {
    switch (request.getDispatcherType())
    {
    case REQUEST: 
    case ASYNC: 
      return true;
    case FORWARD: 
      if ((_checkWelcomeFiles) && (request.getAttribute("org.eclipse.jetty.server.welcome") != null))
      {
        request.removeAttribute("org.eclipse.jetty.server.welcome");
        return true;
      }
      return false;
    }
    return false;
  }
  
  public boolean isSessionRenewedOnAuthentication()
  {
    return _renewSession;
  }
  
  public void setSessionRenewedOnAuthentication(boolean renew)
  {
    _renewSession = renew;
  }
  
  public void handle(String pathInContext, Request baseRequest, HttpServletRequest request, HttpServletResponse response)
    throws IOException, ServletException
  {
    Response base_response = baseRequest.getResponse();
    Handler handler = getHandler();
    if (handler == null) {
      return;
    }
    Authenticator authenticator = _authenticator;
    if (checkSecurity(baseRequest))
    {
      Object constraintInfo = prepareConstraintInfo(pathInContext, baseRequest);
      if (!checkUserDataPermissions(pathInContext, baseRequest, base_response, constraintInfo))
      {
        if (!baseRequest.isHandled())
        {
          response.sendError(403);
          baseRequest.setHandled(true);
        }
        return;
      }
      boolean isAuthMandatory = isAuthMandatory(baseRequest, base_response, constraintInfo);
      if ((isAuthMandatory) && (authenticator == null))
      {
        LOG.warn("No authenticator for: " + constraintInfo, new Object[0]);
        if (!baseRequest.isHandled())
        {
          response.sendError(403);
          baseRequest.setHandled(true);
        }
        return;
      }
      Object previousIdentity = null;
      try
      {
        Authentication authentication = baseRequest.getAuthentication();
        if ((authentication == null) || (authentication == Authentication.NOT_CHECKED)) {
          authentication = authenticator == null ? Authentication.UNAUTHENTICATED : authenticator.validateRequest(request, response, isAuthMandatory);
        }
        if ((authentication instanceof Authentication.Wrapped))
        {
          request = ((Authentication.Wrapped)authentication).getHttpServletRequest();
          response = ((Authentication.Wrapped)authentication).getHttpServletResponse();
        }
        if ((authentication instanceof Authentication.ResponseSent))
        {
          baseRequest.setHandled(true);
        }
        else if ((authentication instanceof Authentication.User))
        {
          Authentication.User userAuth = (Authentication.User)authentication;
          baseRequest.setAuthentication(authentication);
          if (_identityService != null) {
            previousIdentity = _identityService.associate(userAuth.getUserIdentity());
          }
          if (isAuthMandatory)
          {
            boolean authorized = checkWebResourcePermissions(pathInContext, baseRequest, base_response, constraintInfo, userAuth.getUserIdentity());
            if (!authorized)
            {
              response.sendError(403, "!role");
              baseRequest.setHandled(true); return;
            }
          }
          handler.handle(pathInContext, baseRequest, request, response);
          if (authenticator != null) {
            authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
          }
        }
        else if ((authentication instanceof Authentication.Deferred))
        {
          DeferredAuthentication deferred = (DeferredAuthentication)authentication;
          deferred.setIdentityService(_identityService);
          deferred.setLoginService(_loginService);
          baseRequest.setAuthentication(authentication);
          try
          {
            handler.handle(pathInContext, baseRequest, request, response);
          }
          finally
          {
            previousIdentity = deferred.getPreviousAssociation();
            deferred.setIdentityService(null);
          }
          Authentication auth = baseRequest.getAuthentication();
          if ((auth instanceof Authentication.User))
          {
            Authentication.User userAuth = (Authentication.User)auth;
            authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
          }
          else
          {
            authenticator.secureResponse(request, response, is
1 2 3 4

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2017. Infinite Loop Ltd