|
Java EE 5 SDK 深圳电信培训中心.徐海蛟老师. |
||||||||
上一个类 下一个 CLASS | 框架 无框架 | ||||||||
摘要: 嵌套 | 字段 | 构造器 | 方法 | 详细信息: 字段 | 构造器 | 方法 |
javax.security.jacc Class WebUserDataPermission
java.lang.Object java.security.Permission javax.security.jacc.WebUserDataPermission
- 所有已实现的接口:
- Serializable, Guard
public final class WebUserDataPermission
- extends Permission
- implements Serializable
Class for Servlet Web user data permissions. A WebUserDataPermission is a named permission and has actions.
The name of a WebUserDataPermission (also referred to as the target name) identifies a Web resource by its context path relative URL pattern.
- 作者:
- Ron Monzillo, Gary Ellison
- 另请参见:
Permission
, Serialized Form
构造器摘要 | |
---|---|
WebUserDataPermission(HttpServletRequest request)
Creates a new WebUserDataPermission from the HttpServletRequest object. |
|
WebUserDataPermission(String name,
String actions)
Creates a new WebUserDataPermission with the specified name and actions. |
|
WebUserDataPermission(String urlPatternSpec,
String[] HTTPMethods,
String transportType)
Creates a new WebUserDataPermission with name corresponding to the URLPatternSpec, and actions composed from the array of HTTP methods and the transport type. |
方法摘要 | |
---|---|
boolean |
equals(Object o)
Checks two WebUserDataPermission objects for equality. |
String |
getActions()
Returns a canonical String representation of the actions of this WebUserDataPermission. |
int |
hashCode()
Returns the hash code value for this WebUserDataPermission. |
boolean |
implies(Permission permission)
Determines if the argument Permission is "implied by" this WebUserDataPermission. |
类方法继承 java.security.Permission |
---|
checkGuard, getName, newPermissionCollection, toString |
类方法继承 java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
构造器详细信息 |
---|
WebUserDataPermission
public WebUserDataPermission(String name, String actions)
- Creates a new WebUserDataPermission with the specified name and actions.
The name contains a URLPatternSpec that identifies the web resources to which the permissions applies. The syntax of a URLPatternSpec is as follows:
URLPatternList ::= URLPattern | URLPatternList colon URLPattern URLPatternSpec ::= null | URLPattern | URLPattern colon URLPatternList
A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. The empty string is an exact URLPattern, and may occur anywhere in a URLPatternSpec that an exact URLPattern may occur. The first URLPattern in a URLPatternSpec may be any of the pattern types, exact, path-prefix, extension, or default as defined in the Java Servlet Specification). When a URLPatternSpec includes a URLPatternList, the patterns of the URLPatternList identify the resources to which the permission does NOT apply and depend on the pattern type and value of the first pattern as follows:
- No pattern may exist in the URLPatternList that matches the first pattern.
- If the first pattern is a path-prefix pattern, only exact patterns matched by the first pattern and path-prefix patterns matched by, but different from, the first pattern may occur in the URLPatternList.
- If the first pattern is an extension pattern, only exact patterns that are matched by the first pattern and path-prefix patterns may occur in the URLPatternList.
- If the first pattern is the default pattern, "/", any pattern except the default pattern may occur in the URLPatternList.
- If the first pattern is an exact pattern a URLPatternList must not be present in the URLPatternSpec.
The actions parameter contains a comma separated list of HTTP methods that may be followed by a transportType separated from the HTTP method by a colon.
ExtensionMethod ::= any token as defined by RFC 2616 (that is, 1*[any CHAR except CTLs or separators]) HTTPMethod ::= "Get" | "POST" | "PUT" | "DELETE" | "HEAD" | "OPTIONS" | "TRACE" | ExtensionMethod HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod HTTPMethodExceptionList ::= exclaimationPoint HTTPMethodList HTTPMethodSpec ::= emptyString | HTTPMethodExceptionList | HTTPMethodList transportType ::= "INTEGRAL" | "CONFIDENTIAL" | "NONE" actions ::= null | HTTPMethodSpec | HTTPMethodSpec colon transportType
If duplicates occur in the HTTPMethodSpec they must be eliminated by the permission constructor.
An empty string HTTPMethodSpec is a shorthand for a List containing all the possible HTTP methods.
If the HTTPMethodSpec contains an HTTPMethodExceptionList (i.e., it begins with an exclaimationPoint), the permission pertains to all methods except those occuring in the exception list.
An actions string without a transportType is a shorthand for a actions string with the value "NONE" as its TransportType.
A granted permission representing a transportType of "NONE", indicates that the associated resources may be accessed using any conection type.
- 参数:
name
- the URLPatternSpec that identifies the application specific web resources to which the permission pertains. All URLPatterns in the URLPatternSpec are relative to the context path of the deployed web application module, and the same URLPattern must not occur more than once in a URLPatternSpec. A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor.actions
- identifies the HTTP methods and transport type to which the permission pertains. If the value passed through this parameter is null or the empty string, then the permission is constructed with actions corresponding to all the possible HTTP methods and transportType "NONE".
WebUserDataPermission
public WebUserDataPermission(String urlPatternSpec, String[] HTTPMethods, String transportType)
- Creates a new WebUserDataPermission with name corresponding to the
URLPatternSpec, and actions composed from the array of HTTP methods
and the transport type.
- 参数:
urlPatternSpec
- the URLPatternSpec that identifies the application specific web resources to which the permission pertains. All URLPatterns in the URLPatternSpec are relative to the context path of the deployed web application module, and the same URLPattern must not occur more than once in a URLPatternSpec. A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor.HTTPMethods
- an array of strings each element of which contains the value of an HTTP method. If the value passed through this parameter is null or is an array with no elements, then the permission is constructed with actions corresponding to all the possible HTTP methods.transportType
- a String whose value is a transportType. If the value passed through this parameter is null, then the permission is constructed with actions corresponding to transportType "NONE".
WebUserDataPermission
public WebUserDataPermission(HttpServletRequest request)
- Creates a new WebUserDataPermission from the HttpServletRequest
object.
- 参数:
request
- the HttpServletRequest object corresponding to the Servlet operation to which the permission pertains. The permission name is the substring of the requestURI (HttpServletRequest.getRequestURI()) that begins after the contextPath (HttpServletRequest.getContextPath()). When the substring operation yields the string "/", the permission is constructed with the empty string as its name. The HTTP method component of the permission's actions is as obtained from HttpServletRequest.getMethod(). The TransportType component of the permission's actions is determined by calling HttpServletRequest.isSecure().
方法详细信息 |
---|
equals
public boolean equals(Object o)
- Checks two WebUserDataPermission objects for equality.
WebUserDataPermission objects are equivalent if their
URLPatternSpec and (canonicalized) actions values are equivalent.
The URLPatternSpec of a reference permission is equivalent to that
of an argument permission if their first patterns are
equivalent, and the patterns of the URLPatternList of the reference
permission collectively match exactly the same set of patterns
as are matched by the patterns of the URLPatternList of the
argument permission.
Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).
- 规范说明:
equals
in classPermission
- 参数:
o
- the WebUserDataPermission object being tested for equality with this WebUserDataPermission.- 返回:
- true if the argument WebUserDataPermission object is equivalent to this WebUserDataPermission.
getActions
public String getActions()
- Returns a canonical String representation of the actions of this
WebUserDataPermission. The canonical form of the actions of a
WebUserDataPermission is described by the following syntax description.
ExtensionMethod ::= any token as defined by RFC 2616 (that is, 1*[any CHAR except CTLs or separators]) HTTPMethod ::= "GET" | "POST" | "PUT" | "DELETE" | "HEAD" | "OPTIONS" | "TRACE" | ExtensionMethod HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod HTTPMethodExceptionList ::= exclaimationPoint HTTPMethodList HTTPMethodSpec ::= emptyString | HTTPMethodExceptionList | HTTPMethodList transportType ::= "INTEGRAL" | "CONFIDENTIAL" | "NONE" actions ::= null | HTTPMethodList | HTTPMethodSpec colon transportType
If the permission's HTTP methods correspond to the entire HTTP method set and the permission's transport type is "INTEGRAL" or "CONFIDENTIAL", the HTTP methods shall be represented in the canonical form by an emptyString HTTPMethodSpec. If the permission's HTTP methods correspond to the entire HTTP method set, and the permission's transport type is not "INTEGRAL"or "CONFIDENTIAL", the canonical actions value shall be the null value.
If the permission's methods do not correspond to the entire HTTP method set, duplicates must be eliminated and the remaining elements must be ordered such that the predefined methods preceed the extension methods, and such that within each method classification the corresponding methods occur in ascending lexical order. The resulting (non-emptyString) HTTPMethodSpec must be included in the canonical form, and if the permission's transport type is not "INTEGRAL" or "CONFIDENTIAL", the canonical actions value must be exactly the resulting HTTPMethodSpec.
- 规范说明:
getActions
in classPermission
- 返回:
- a String containing the canonicalized actions of this WebUserDataPermission (or the null value).
hashCode
public int hashCode()
- Returns the hash code value for this WebUserDataPermission. The
properties of the returned hash code must be as follows:
- During the lifetime of a Java application, the hashCode method shall return the same integer value every time it is called on a WebUserDataPermission object. The value returned by hashCode for a particular EJBMethod permission need not remain consistent from one execution of an application to another.
- If two WebUserDataPermission objects are equal according to the equals method, then calling the hashCode method on each of the two Permission objects must produce the same integer result (within an application).
- 规范说明:
hashCode
in classPermission
- 返回:
- the integer hash code value for this object.
implies
public boolean implies(Permission permission)
- Determines if the argument Permission is "implied by" this
WebUserDataPermission. For this to be the case all of the following
must be true:
- The argument is an instanceof WebUserDataPermission.
- The first URLPattern in the name of the argument permission is matched by the first URLPattern in the name of this permission.
- The first URLPattern in the name of the argument permission is NOT matched by any URLPattern in the URLPatternList of the URLPatternSpec of this permission.
- If the first URLPattern in the name of the argument permission matches the first URLPattern in the URLPatternSpec of this permission, then every URLPattern in the URLPatternList of the URLPatternSpec of this permission is matched by a URLPattern in the URLPatternList of the argument permission.
- The HTTP methods represented by the actions of the argument permission are a subset of the HTTP methods represented by the actions of this permission.
- The transportType in the actions of this permission either corresponds to the value "NONE", or equals the transportType in the actions of the argument permission.
URLPattern matching is performed using the Servlet matching rules where two URL patterns match if they are related as follows:
- their pattern values are String equivalent, or
- this pattern is the path-prefix pattern "/*", or
- this pattern is a path-prefix pattern (that is, it starts with "/" and ends with "/*") and the argument pattern starts with the substring of this pattern, minus its last 2 characters, and the next character of the argument pattern, if there is one, is "/", or
- this pattern is an extension pattern (that is, it starts with "*.") and the argument pattern ends with this pattern, or
- the reference pattern is the special default pattern, "/", which matches all argument patterns.
All of the comparisons described above are case sensitive.
- 规范说明:
implies
in classPermission
- 参数:
permission
- "this" WebUserDataPermission is checked to see if it implies the argument permission.- 返回:
- true if the specified permission is implied by this object, false if not.
|
Java EE 5 SDK 深圳电信培训中心.徐海蛟老师. |
||||||||
上一个类 下一个 CLASS | 框架 无框架 | ||||||||
摘要: 嵌套 | 字段 | 构造器 | 方法 | 详细信息: 字段 | 构造器 | 方法 |
提交错误或意见
版权所有 2007 Sun Microsystems, Inc. 保留所有权利。 请遵守许可证条款。深圳电信培训中心.徐海蛟老师教学参考.