Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.wicket.markup.html
Class SecurePackageResourceGuard

java.lang.Object
  extended by org.apache.wicket.markup.html.PackageResourceGuard
      extended by org.apache.wicket.markup.html.SecurePackageResourceGuard
All Implemented Interfaces:
IPackageResourceGuard
public class SecurePackageResourceGuard
extends PackageResourceGuard

This is a resource guard which by default denies access to all resources and thus is more secure.

All pattern are executed in the order they were provided. All pattern are executed to determine if access can be granted or not.

Note that access to the config data such as get/setPattern() and acceptXXX() is not synchronized. It is assumed that configuration has finished before the first request gets executed.

The rules are fairly simple. Each pattern must start with either "+" (include) or "-" (exclude). "*" is a placeholder for zero, one or more characters within a file or directory name. "**" is a placeholder for zero, one or more sub-directories.

Examples:

+*.gif All gif files in all directories
+test*.* All files in all directories starting with "test"
+mydir/*/*.gif All gif files two levels below the mydir directory. E.g. mydir/dir2/test.gif
+mydir/**/*.gif All gif files in all directories below mydir. E.g. mydir/test.gif or mydir/dir2/dir3/test.gif

Author:
Juergen Donnerstag
See Also:
IPackageResourceGuard, IResourceSettings.getPackageResourceGuard(), PackageResourceGuard

Nested Class Summary
static class SecurePackageResourceGuard.SearchPattern
           
static class SecurePackageResourceGuard.SimpleCache
          A very simple cache
 
Constructor Summary
SecurePackageResourceGuard()
          Constructor.
SecurePackageResourceGuard(ConcurrentMap<String,Boolean> cache)
          Constructor.
 
Method Summary
protected  boolean acceptAbsolutePath(String path)
          Whether the provided absolute path is accepted.
 void addPattern(String pattern)
           
 void clearCache()
           
 List<SecurePackageResourceGuard.SearchPattern> getPattern()
          Gets the current list of pattern.
 ConcurrentHashMap<String,Boolean> newCache()
          Deprecated. Pass the cache as a parameter to the constructor
 void setPattern(List<SecurePackageResourceGuard.SearchPattern> pattern)
          Sets pattern.
 
Methods inherited from class org.apache.wicket.markup.html.PackageResourceGuard
accept, acceptExtension, acceptFile, getBlockedExtensions, getBlockedFiles, isAllowAccessToRootResources, setAllowAccessToRootResources, setBlockedExtensions, setBlockedFiles
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SecurePackageResourceGuard

public SecurePackageResourceGuard()
Constructor.

SecurePackageResourceGuard

public SecurePackageResourceGuard(ConcurrentMap<String,Boolean> cache)
Constructor.

Parameters:
cache - the internal cache that will hold the results for all already checked resources. Use null to disable caching.
Method Detail

newCache

@Deprecated
public ConcurrentHashMap<String,Boolean> newCache()
Deprecated. Pass the cache as a parameter to the constructor

Get a new cache implementation. Subclasses may return null to disable caching. More advanced caches (e.h. ehcache) should be used in production environments to limit the size and remove "old" entries.

Returns:
the cache implementation

clearCache

public void clearCache()

acceptAbsolutePath

protected boolean acceptAbsolutePath(String path)
Whether the provided absolute path is accepted.

Overrides:
acceptAbsolutePath in class PackageResourceGuard
Parameters:
path - The absolute path, starting from the class root (packages are separated with forward slashes instead of dots).
Returns:
True if accepted, false otherwise.

getPattern

public List<SecurePackageResourceGuard.SearchPattern> getPattern()
Gets the current list of pattern. Please invoke clearCache() or setPattern(List) when finished in order to clear the cache of previous checks.

Returns:
pattern

setPattern

public void setPattern(List<SecurePackageResourceGuard.SearchPattern> pattern)
Sets pattern.

Parameters:
pattern - pattern

addPattern

public void addPattern(String pattern)
Parameters:
pattern -
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2006-2013 Apache Software Foundation. All Rights Reserved.