diff options
author | Simone Bordet | 2011-02-24 11:21:33 +0000 |
---|---|---|
committer | Simone Bordet | 2011-02-24 11:21:33 +0000 |
commit | f5cb64ff547d93b004baffe033f2a03f66199a95 (patch) | |
tree | a7e86b03ef777baf3f8080d93d728adf1ab60980 /jetty-security/src/main/java | |
parent | 42d8d84239897597e4bdd88acf380b51a5e19e9f (diff) | |
download | org.eclipse.jetty.project-f5cb64ff547d93b004baffe033f2a03f66199a95.tar.gz org.eclipse.jetty.project-f5cb64ff547d93b004baffe033f2a03f66199a95.tar.xz org.eclipse.jetty.project-f5cb64ff547d93b004baffe033f2a03f66199a95.zip |
Fixes 338068 (Leaking ConstraintMappings on redeploy).
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@2829 7e9141cc-0065-0410-87d8-b60c137991c4
Diffstat (limited to 'jetty-security/src/main/java')
-rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java | 85 |
1 files changed, 42 insertions, 43 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java index c3dad890d2..f8d92e8d27 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java @@ -4,17 +4,16 @@ // All rights reserved. This program and the accompanying materials // are made available under the terms of the Eclipse Public License v1.0 // and Apache License v2.0 which accompanies this distribution. -// The Eclipse Public License is available at +// The Eclipse Public License is available at // http://www.eclipse.org/legal/epl-v10.html // The Apache License v2.0 is available at // http://www.opensource.org/licenses/apache2.0.php -// You may elect to redistribute this code under either of these licenses. +// You may elect to redistribute this code under either of these licenses. // ======================================================================== package org.eclipse.jetty.security; import java.io.IOException; -import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Collections; @@ -31,10 +30,7 @@ import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.HttpConnection; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.Response; -import org.eclipse.jetty.server.SessionManager; import org.eclipse.jetty.server.UserIdentity; -import org.eclipse.jetty.server.handler.ContextHandler; -import org.eclipse.jetty.server.session.SessionHandler; import org.eclipse.jetty.util.StringMap; import org.eclipse.jetty.util.TypeUtil; @@ -43,7 +39,7 @@ import org.eclipse.jetty.util.TypeUtil; * Handler to enforce SecurityConstraints. This implementation is servlet spec * 2.4 compliant and precomputes the constraint combinations for runtime * efficiency. - * + * */ public class ConstraintSecurityHandler extends SecurityHandler implements ConstraintAware { @@ -51,9 +47,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr private final Set<String> _roles = new CopyOnWriteArraySet<String>(); private final PathMap _constraintMap = new PathMap(); private boolean _strict = true; - private SessionHandler _sessionHandler; - /* ------------------------------------------------------------ */ /** Get the strict mode. * @return true if the security handler is running in strict mode. @@ -74,7 +68,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr * <li>The * role in a constraint applies to ANY role rather than all roles defined in * the deployment descriptor. * </ul> - * + * * @param strict the strict to set * @see #setRoles(Set) * @see #setConstraintMappings(List, Set) @@ -86,7 +80,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr /* ------------------------------------------------------------ */ /** - * @return Returns the contraintMappings. + * @return Returns the constraintMappings. */ public List<ConstraintMapping> getConstraintMappings() { @@ -98,41 +92,41 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { return _roles; } - + /* ------------------------------------------------------------ */ /** * Process the constraints following the combining rules in Servlet 3.0 EA * spec section 13.7.1 Note that much of the logic is in the RoleInfo class. - * + * * @param constraintMappings - * The contraintMappings to set, from which the set of known roles + * The constraintMappings to set, from which the set of known roles * is determined. */ public void setConstraintMappings(List<ConstraintMapping> constraintMappings) { setConstraintMappings(constraintMappings,null); } - + /** * Process the constraints following the combining rules in Servlet 3.0 EA * spec section 13.7.1 Note that much of the logic is in the RoleInfo class. - * + * * @param constraintMappings - * The contraintMappings to set as array, from which the set of known roles + * The constraintMappings to set as array, from which the set of known roles * is determined. Needed to retain API compatibility for 7.x */ public void setConstraintMappings( ConstraintMapping[] constraintMappings ) { setConstraintMappings( Arrays.asList(constraintMappings), null); } - + /* ------------------------------------------------------------ */ /** * Process the constraints following the combining rules in Servlet 3.0 EA * spec section 13.7.1 Note that much of the logic is in the RoleInfo class. - * + * * @param constraintMappings - * The contraintMappings to set. + * The constraintMappings to set. * @param roles The known roles (or null to determine them from the mappings) */ public void setConstraintMappings(List<ConstraintMapping> constraintMappings, Set<String> roles) @@ -141,7 +135,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr throw new IllegalStateException("Started"); _constraintMappings.clear(); _constraintMappings.addAll(constraintMappings); - + if (roles==null) { roles = new HashSet<String>(); @@ -158,7 +152,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr } setRoles(roles); } - + /* ------------------------------------------------------------ */ /** * Set the known roles. @@ -171,12 +165,12 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { if (isStarted()) throw new IllegalStateException("Started"); - + _roles.clear(); _roles.addAll(roles); } - - + + /* ------------------------------------------------------------ */ /** @@ -188,10 +182,10 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr if (mapping.getConstraint()!=null && mapping.getConstraint().getRoles()!=null) for (String role : mapping.getConstraint().getRoles()) addRole(role); - + if (isStarted()) { - processContraintMapping(mapping); + processConstraintMapping(mapping); } } @@ -228,17 +222,22 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { for (ConstraintMapping mapping : _constraintMappings) { - processContraintMapping(mapping); + processConstraintMapping(mapping); } } - - if (ContextHandler.getCurrentContext()!=null) - _sessionHandler = ContextHandler.getCurrentContext().getContextHandler().getNestedHandlerByClass(SessionHandler.class); - super.doStart(); } - protected void processContraintMapping(ConstraintMapping mapping) + @Override + protected void doStop() throws Exception + { + _constraintMap.clear(); + _constraintMappings.clear(); + _roles.clear(); + super.doStop(); + } + + protected void processConstraintMapping(ConstraintMapping mapping) { Map<String, RoleInfo> mappings = (Map<String, RoleInfo>)_constraintMap.get(mapping.getPathSpec()); if (mappings == null) @@ -249,7 +248,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr RoleInfo allMethodsRoleInfo = mappings.get(null); if (allMethodsRoleInfo != null && allMethodsRoleInfo.isForbidden()) return; - + String httpMethod = mapping.getMethod(); RoleInfo roleInfo = mappings.get(httpMethod); if (roleInfo == null) @@ -263,7 +262,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr } if (roleInfo.isForbidden()) return; - + Constraint constraint = mapping.getConstraint(); boolean forbidden = constraint.isForbidden(); roleInfo.setForbidden(forbidden); @@ -320,7 +319,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr } } } - + protected Object prepareConstraintInfo(String pathInContext, Request request) { Map<String, RoleInfo> mappings = (Map<String, RoleInfo>)_constraintMap.match(pathInContext); @@ -333,7 +332,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr roleInfo = mappings.get(null); return roleInfo; } - + return null; } @@ -341,12 +340,12 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { if (constraintInfo == null) return true; - + RoleInfo roleInfo = (RoleInfo)constraintInfo; if (roleInfo.isForbidden()) return false; - - + + UserDataConstraint dataConstraint = roleInfo.getUserDataConstraint(); if (dataConstraint == null || dataConstraint == UserDataConstraint.None) { @@ -390,7 +389,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr } else response.sendError(Response.SC_FORBIDDEN,"!Confidential"); - + request.setHandled(true); return false; } @@ -424,10 +423,10 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { return true; } - + if (roleInfo.isAnyRole() && request.getAuthType()!=null) return true; - + for (String role : roleInfo.getRoles()) { if (userIdentity.isUserInRole(role, null)) |