public class HttpConstraintElement extends Object
HttpConstraint
annotation value.Constructor and Description |
---|
HttpConstraintElement()
Constructs a default HTTP constraint element
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
Convenience constructor to establish EmptyRoleSemantic.DENY
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic,
ServletSecurity.TransportGuarantee guarantee,
String... roleNames)
Constructor to establish all of getEmptyRoleSemantic,
getRolesAllowed, and getTransportGuarantee.
|
HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee,
String... roleNames)
Constructor to establish non-empty getRolesAllowed and/or
TransportGuarantee.CONFIDENTIAL.
|
Modifier and Type | Method and Description |
---|---|
ServletSecurity.EmptyRoleSemantic |
getEmptyRoleSemantic()
Gets the default authorization semantic.
|
String[] |
getRolesAllowed()
Gets the names of the authorized roles.
|
ServletSecurity.TransportGuarantee |
getTransportGuarantee()
Gets the data protection requirement (i.e., whether or not SSL/TLS is
required) that must be satisfied by the transport connection.
|
public HttpConstraintElement()
public HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
semantic
- should be EmptyRoleSemantic.DENYpublic HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee, String... roleNames)
guarantee
- TransportGuarantee.NONE or
TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be
allowed accesspublic HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic, ServletSecurity.TransportGuarantee guarantee, String... roleNames)
semantic
- EmptyRoleSemantic.DENY or
EmptyRoleSemantic.PERMITguarantee
- TransportGuarantee.NONE or
TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be allowed
access, or missing if the semantic is EmptyRoleSemantic.DENYpublic ServletSecurity.EmptyRoleSemantic getEmptyRoleSemantic()
This value is insignificant when getRolesAllowed
returns a non-empty array, and should not be specified when a
non-empty array is specified for getRolesAllowed.
ServletSecurity.EmptyRoleSemantic
to be applied when
getRolesAllowed
returns an empty (that is, zero-length)
arraypublic ServletSecurity.TransportGuarantee getTransportGuarantee()
ServletSecurity.TransportGuarantee
indicating the data
protection that must be provided by the connectionpublic String[] getRolesAllowed()
Duplicate role names appearing in getRolesAllowed are insignificant and may be discarded. The String "*" has no special meaning as a role name (should it occur in getRolesAllowed).
getEmptyRoleSemantic()
. If its value is DENY,
and getRolesAllowed
returns an empty array,
access is to be denied independent of authentication state and
identity. Conversely, if its value is PERMIT
, it
indicates that access is to be allowed independent of authentication
state and identity. When the array contains the names of one or
more roles, it indicates that access is contingent on membership in at
least one of the named roles (independent of the value of
getEmptyRoleSemantic()
).Copyright © 1999-2017, Oracle and/or its affiliates. All Rights Reserved. Use is subject to license terms. Portions Copyright © 1999-2002 The Apache Software Foundation.