Class SecurityConstraint
- java.lang.Object
-
- org.glassfish.embeddable.web.config.SecurityConstraint
-
public class SecurityConstraint extends Object
Class used for configuring security constraints including Web Resource Collections (URL patterns, HTTP methods), Authorization Constraint (role names) and User Data Constraints (whether the web request needs to be received over a protected transport such as TLS). Usage example:SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setWebResourceCollection(webResources); securityConstraint.setAuthConstraint("ADMINISTRATORS"); securityConstraint.setUserDataConstraint(TransportGuarantee.CONFIDENTIAL);
- Author:
- Rajiv Mordani, Amy Roh
- See Also:
WebResourceCollection
-
-
Constructor Summary
Constructors Constructor Description SecurityConstraint()
Create an instance of SecurityConstraint
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description String[]
getAuthConstraint()
Gets the roles authorized to access the URL patterns and HTTP methodsTransportGuarantee
getDataConstraint()
Gets the transport guarantee requirements for this SecurityConstraintSet<WebResourceCollection>
getWebResourceCollection()
Gets the web resource collection for this security constraintvoid
setAuthConstraint(String... roleNames)
Sets the roles authorized to access the URL patterns and HTTP methodsvoid
setUserDataConstraint(TransportGuarantee tg)
Sets the requirement that the constrained requests be received over a protected transport layer connection.void
setWebResourceCollection(Set<WebResourceCollection> webResourceCollection)
Sets the web resource collection associated with this security constrintString
toString()
Returns a formatted string of the state.
-
-
-
Method Detail
-
setWebResourceCollection
public void setWebResourceCollection(Set<WebResourceCollection> webResourceCollection)
Sets the web resource collection associated with this security constrint- Parameters:
webResourceCollection
- the web resource collection for this constraint definition- See Also:
WebResourceCollection
-
getWebResourceCollection
public Set<WebResourceCollection> getWebResourceCollection()
Gets the web resource collection for this security constraint- Returns:
- the web resource collection for this security constraint
- See Also:
WebResourceCollection
-
setAuthConstraint
public void setAuthConstraint(String... roleNames)
Sets the roles authorized to access the URL patterns and HTTP methods- Parameters:
roleNames
- the roles authorized to access the url patterns and HTTP methods.
-
setUserDataConstraint
public void setUserDataConstraint(TransportGuarantee tg)
Sets the requirement that the constrained requests be received over a protected transport layer connection. This guarantees how the data will be transported between client and server. The choices for type of transport guarantee include NONE, INTEGRAL, and CONFIDENTIAL. If no user data constraint applies to a request, the container must accept the request when received over any connection, including an unprotected one.- Parameters:
tg
- the transport guarntee- See Also:
TransportGuarantee
-
getAuthConstraint
public String[] getAuthConstraint()
Gets the roles authorized to access the URL patterns and HTTP methods- Returns:
- an array of roles as a String authorized to access the URL patterns and HTTP methods.
-
getDataConstraint
public TransportGuarantee getDataConstraint()
Gets the transport guarantee requirements for this SecurityConstraint- Returns:
- the transport guarantee requirement for this SecurityConstraint
- See Also:
TransportGuarantee
-
-