public final class WebUserDataPermission extends Permission
The name of a WebUserDataPermission (also referred to as the target name) identifies a Web resource by its context path relative URL pattern.
Permission
,
Serialized FormConstructor and Description |
---|
WebUserDataPermission(HttpServletRequest request)
Creates a new WebUserDataPermission from the HttpServletRequest
object.
|
WebUserDataPermission(String name,
String actions)
Creates a new WebUserDataPermission with the specified name and actions.
|
WebUserDataPermission(String urlPatternSpec,
String[] HTTPMethods,
String transportType)
Creates a new WebUserDataPermission with name corresponding to the
URLPatternSpec, and actions composed from the array of HTTP methods
and the transport type.
|
Modifier and Type | Method and Description |
---|---|
boolean |
equals(Object o)
Checks two WebUserDataPermission objects for equality.
|
String |
getActions()
Returns a canonical String representation of the actions of this
WebUserDataPermission.
|
int |
hashCode()
Returns the hash code value for this WebUserDataPermission.
|
boolean |
implies(Permission permission)
Determines if the argument Permission is "implied by" this
WebUserDataPermission.
|
checkGuard, getName, newPermissionCollection, toString
public WebUserDataPermission(String name, String actions)
The name contains a URLPatternSpec that identifies the web resources to which the permissions applies. The syntax of a URLPatternSpec is as follows:
URLPatternList ::= URLPattern | URLPatternList colon URLPattern URLPatternSpec ::= null | URLPattern | URLPattern colon URLPatternList
A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. The empty string is an exact URLPattern, and may occur anywhere in a URLPatternSpec that an exact URLPattern may occur. The first URLPattern in a URLPatternSpec may be any of the pattern types, exact, path-prefix, extension, or default as defined in the Java Servlet Specification). When a URLPatternSpec includes a URLPatternList, the patterns of the URLPatternList identify the resources to which the permission does NOT apply and depend on the pattern type and value of the first pattern as follows:
The actions parameter contains a comma separated list of HTTP methods that may be followed by a transportType separated from the HTTP method by a colon.
ExtensionMethod ::= any token as defined by RFC 2616 (that is, 1*[any CHAR except CTLs or separators]) HTTPMethod ::= "Get" | "POST" | "PUT" | "DELETE" | "HEAD" | "OPTIONS" | "TRACE" | ExtensionMethod HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod HTTPMethodExceptionList ::= exclaimationPoint HTTPMethodList HTTPMethodSpec ::= emptyString | HTTPMethodExceptionList | HTTPMethodList transportType ::= "INTEGRAL" | "CONFIDENTIAL" | "NONE" actions ::= null | HTTPMethodSpec | HTTPMethodSpec colon transportType
If duplicates occur in the HTTPMethodSpec they must be eliminated by the permission constructor.
An empty string HTTPMethodSpec is a shorthand for a List containing all the possible HTTP methods.
If the HTTPMethodSpec contains an HTTPMethodExceptionList (i.e., it begins with an exclaimationPoint), the permission pertains to all methods except those occuring in the exception list.
An actions string without a transportType is a shorthand for a actions string with the value "NONE" as its TransportType.
A granted permission representing a transportType of "NONE", indicates that the associated resources may be accessed using any conection type.
name
- the URLPatternSpec that identifies the application
specific web resources to which the permission pertains.
All URLPatterns in the URLPatternSpec are relative to the context path
of the deployed web application module, and the same URLPattern must not
occur more than once in a URLPatternSpec. A null URLPatternSpec is
translated to the default URLPattern, "/", by the permission constructor.
All colons occuring within the URLPattern elements of the URLPatternSpec
must be represented in escaped encoding as defined in RFC 2396.
actions
- identifies the HTTP methods and transport type to which
the permission pertains. If the value passed through this
parameter is null or the empty string, then the permission
is constructed with actions corresponding to all the possible
HTTP methods and transportType "NONE".public WebUserDataPermission(String urlPatternSpec, String[] HTTPMethods, String transportType)
urlPatternSpec
- the URLPatternSpec that identifies the
application specific web resources to which the permission pertains.
All URLPatterns in the URLPatternSpec are relative to the context path
of the deployed web application module, and the same URLPattern must not
occur more than once in a URLPatternSpec. A null URLPatternSpec is
translated to the default URLPattern, "/", by the permission constructor.
All colons occuring within the URLPattern elements of the URLPatternSpec
must be represented in escaped encoding as defined in RFC 2396.
HTTPMethods
- an array of strings each element of which contains
the value of an HTTP method. If the value passed through this
parameter is null or is an array with no elements, then the permission
is constructed with actions corresponding to all the possible HTTP methods.
transportType
- a String whose value is a transportType.
If the value passed through this parameter is null, then the permission
is constructed with actions corresponding to transportType "NONE".public WebUserDataPermission(HttpServletRequest request)
request
- the HttpServletRequest object corresponding
to the Servlet operation to which the permission pertains.
The permission name is the substring of the requestURI
(HttpServletRequest.getRequestURI()) that begins after the contextPath
(HttpServletRequest.getContextPath()). When the substring operation
yields the string "/", the permission is constructed with the empty
string as its name. The constructor must transform all colon
characters occuring in the name to escaped encoding as defined in
RFC 2396. The HTTP method component of the permission's
actions is as obtained from HttpServletRequest.getMethod().
The TransportType component of the permission's
actions is determined by calling HttpServletRequest.isSecure().public boolean equals(Object o)
Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).
equals
in class Permission
o
- the WebUserDataPermission object being tested for equality
with this WebUserDataPermission.
public String getActions()
ExtensionMethod ::= any token as defined by RFC 2616 (that is, 1*[any CHAR except CTLs or separators]) HTTPMethod ::= "GET" | "POST" | "PUT" | "DELETE" | "HEAD" | "OPTIONS" | "TRACE" | ExtensionMethod HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod HTTPMethodExceptionList ::= exclaimationPoint HTTPMethodList HTTPMethodSpec ::= emptyString | HTTPMethodExceptionList | HTTPMethodList transportType ::= "INTEGRAL" | "CONFIDENTIAL" | "NONE" actions ::= null | HTTPMethodList | HTTPMethodSpec colon transportType
If the permission's HTTP methods correspond to the entire HTTP method set and the permission's transport type is "INTEGRAL" or "CONFIDENTIAL", the HTTP methods shall be represented in the canonical form by an emptyString HTTPMethodSpec. If the permission's HTTP methods correspond to the entire HTTP method set, and the permission's transport type is not "INTEGRAL"or "CONFIDENTIAL", the canonical actions value shall be the null value.
If the permission's methods do not correspond to the entire HTTP method set, duplicates must be eliminated and the remaining elements must be ordered such that the predefined methods preceed the extension methods, and such that within each method classification the corresponding methods occur in ascending lexical order. The resulting (non-emptyString) HTTPMethodSpec must be included in the canonical form, and if the permission's transport type is not "INTEGRAL" or "CONFIDENTIAL", the canonical actions value must be exactly the resulting HTTPMethodSpec.
getActions
in class Permission
public int hashCode()
hashCode
in class Permission
public boolean implies(Permission permission)
URLPattern matching is performed using the Servlet matching rules where two URL patterns match if they are related as follows:
All of the comparisons described above are case sensitive.
implies
in class Permission
permission
- "this" WebUserDataPermission is checked to see if
it implies the argument permission.
Copyright © 1996-2017, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms.