001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: package org.apache.catalina.deploy;
019:
020: import org.apache.catalina.util.RequestUtil;
021:
022: import org.apache.juli.logging.Log;
023: import org.apache.juli.logging.LogFactory;
024:
025: import java.io.Serializable;
026:
027: /**
028: * Representation of a web resource collection for a web application's security
029: * constraint, as represented in a <code><web-resource-collection></code>
030: * element in the deployment descriptor.
031: * <p>
032: * <b>WARNING</b>: It is assumed that instances of this class will be created
033: * and modified only within the context of a single thread, before the instance
034: * is made visible to the remainder of the application. After that, only read
035: * access is expected. Therefore, none of the read and write access within
036: * this class is synchronized.
037: *
038: * @author Craig R. McClanahan
039: * @version $Revision: 467222 $ $Date: 2006-10-24 05:17:11 +0200 (mar., 24 oct. 2006) $
040: */
041:
042: public class SecurityCollection implements Serializable {
043:
044: private static Log log = LogFactory
045: .getLog(SecurityCollection.class);
046:
047: // ----------------------------------------------------------- Constructors
048:
049: /**
050: * Construct a new security collection instance with default values.
051: */
052: public SecurityCollection() {
053:
054: this (null, null);
055:
056: }
057:
058: /**
059: * Construct a new security collection instance with specified values.
060: *
061: * @param name Name of this security collection
062: */
063: public SecurityCollection(String name) {
064:
065: this (name, null);
066:
067: }
068:
069: /**
070: * Construct a new security collection instance with specified values.
071: *
072: * @param name Name of this security collection
073: * @param description Description of this security collection
074: */
075: public SecurityCollection(String name, String description) {
076:
077: super ();
078: setName(name);
079: setDescription(description);
080:
081: }
082:
083: // ----------------------------------------------------- Instance Variables
084:
085: /**
086: * Description of this web resource collection.
087: */
088: private String description = null;
089:
090: /**
091: * The HTTP methods covered by this web resource collection.
092: */
093: private String methods[] = new String[0];
094:
095: /**
096: * The name of this web resource collection.
097: */
098: private String name = null;
099:
100: /**
101: * The URL patterns protected by this security collection.
102: */
103: private String patterns[] = new String[0];
104:
105: // ------------------------------------------------------------- Properties
106:
107: /**
108: * Return the description of this web resource collection.
109: */
110: public String getDescription() {
111:
112: return (this .description);
113:
114: }
115:
116: /**
117: * Set the description of this web resource collection.
118: *
119: * @param description The new description
120: */
121: public void setDescription(String description) {
122:
123: this .description = description;
124:
125: }
126:
127: /**
128: * Return the name of this web resource collection.
129: */
130: public String getName() {
131:
132: return (this .name);
133:
134: }
135:
136: /**
137: * Set the name of this web resource collection
138: *
139: * @param name The new name
140: */
141: public void setName(String name) {
142:
143: this .name = name;
144:
145: }
146:
147: // --------------------------------------------------------- Public Methods
148:
149: /**
150: * Add an HTTP request method to be part of this web resource collection.
151: */
152: public void addMethod(String method) {
153:
154: if (method == null)
155: return;
156: String results[] = new String[methods.length + 1];
157: for (int i = 0; i < methods.length; i++)
158: results[i] = methods[i];
159: results[methods.length] = method;
160: methods = results;
161:
162: }
163:
164: /**
165: * Add a URL pattern to be part of this web resource collection.
166: */
167: public void addPattern(String pattern) {
168:
169: if (pattern == null)
170: return;
171:
172: // Bugzilla 34805: add friendly warning.
173: if (pattern.endsWith("*")) {
174: if (pattern.charAt(pattern.length() - 1) != '/') {
175: if (log.isDebugEnabled()) {
176: log
177: .warn("Suspicious url pattern: \""
178: + pattern
179: + "\""
180: + " - see http://java.sun.com/aboutJava/communityprocess/first/jsr053/servlet23_PFD.pdf"
181: + " section 11.2");
182: }
183: }
184: }
185:
186: pattern = RequestUtil.URLDecode(pattern);
187: String results[] = new String[patterns.length + 1];
188: for (int i = 0; i < patterns.length; i++) {
189: results[i] = patterns[i];
190: }
191: results[patterns.length] = pattern;
192: patterns = results;
193:
194: }
195:
196: /**
197: * Return <code>true</code> if the specified HTTP request method is
198: * part of this web resource collection.
199: *
200: * @param method Request method to check
201: */
202: public boolean findMethod(String method) {
203:
204: if (methods.length == 0)
205: return (true);
206: for (int i = 0; i < methods.length; i++) {
207: if (methods[i].equals(method))
208: return (true);
209: }
210: return (false);
211:
212: }
213:
214: /**
215: * Return the set of HTTP request methods that are part of this web
216: * resource collection, or a zero-length array if all request methods
217: * are included.
218: */
219: public String[] findMethods() {
220:
221: return (methods);
222:
223: }
224:
225: /**
226: * Is the specified pattern part of this web resource collection?
227: *
228: * @param pattern Pattern to be compared
229: */
230: public boolean findPattern(String pattern) {
231:
232: for (int i = 0; i < patterns.length; i++) {
233: if (patterns[i].equals(pattern))
234: return (true);
235: }
236: return (false);
237:
238: }
239:
240: /**
241: * Return the set of URL patterns that are part of this web resource
242: * collection. If none have been specified, a zero-length array is
243: * returned.
244: */
245: public String[] findPatterns() {
246:
247: return (patterns);
248:
249: }
250:
251: /**
252: * Remove the specified HTTP request method from those that are part
253: * of this web resource collection.
254: *
255: * @param method Request method to be removed
256: */
257: public void removeMethod(String method) {
258:
259: if (method == null)
260: return;
261: int n = -1;
262: for (int i = 0; i < methods.length; i++) {
263: if (methods[i].equals(method)) {
264: n = i;
265: break;
266: }
267: }
268: if (n >= 0) {
269: int j = 0;
270: String results[] = new String[methods.length - 1];
271: for (int i = 0; i < methods.length; i++) {
272: if (i != n)
273: results[j++] = methods[i];
274: }
275: methods = results;
276: }
277:
278: }
279:
280: /**
281: * Remove the specified URL pattern from those that are part of this
282: * web resource collection.
283: *
284: * @param pattern Pattern to be removed
285: */
286: public void removePattern(String pattern) {
287:
288: if (pattern == null)
289: return;
290: int n = -1;
291: for (int i = 0; i < patterns.length; i++) {
292: if (patterns[i].equals(pattern)) {
293: n = i;
294: break;
295: }
296: }
297: if (n >= 0) {
298: int j = 0;
299: String results[] = new String[patterns.length - 1];
300: for (int i = 0; i < patterns.length; i++) {
301: if (i != n)
302: results[j++] = patterns[i];
303: }
304: patterns = results;
305: }
306:
307: }
308:
309: /**
310: * Return a String representation of this security collection.
311: */
312: public String toString() {
313:
314: StringBuffer sb = new StringBuffer("SecurityCollection[");
315: sb.append(name);
316: if (description != null) {
317: sb.append(", ");
318: sb.append(description);
319: }
320: sb.append("]");
321: return (sb.toString());
322:
323: }
324:
325: }
|