Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'jetty-security/src/main/java/org/eclipse')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintAware.java4
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java74
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java4
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java17
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java12
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java13
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java2
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java4
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java6
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java2
10 files changed, 64 insertions, 74 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintAware.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintAware.java
index a93166ca99..15f64dc430 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintAware.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintAware.java
@@ -21,9 +21,6 @@ package org.eclipse.jetty.security;
import java.util.List;
import java.util.Set;
-/**
- * @version $Rev: 4466 $ $Date: 2009-02-10 23:42:54 +0100 (Tue, 10 Feb 2009) $
- */
public interface ConstraintAware
{
List<ConstraintMapping> getConstraintMappings();
@@ -65,6 +62,7 @@ public interface ConstraintAware
/**
* See Servlet Spec 31, sec 13.8.4, pg 145
* Container must check if there are urls with uncovered http methods
+ * @return true if urls with uncovered http methods
*/
boolean checkPathsWithUncoveredHttpMethods();
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
index fe9fef76d5..1e022fd363 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
@@ -50,14 +50,12 @@ import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.security.Constraint;
-/* ------------------------------------------------------------ */
/**
* ConstraintSecurityHandler
- *
+ * <p>
* Handler to enforce SecurityConstraints. This implementation is servlet spec
* 3.1 compliant and pre-computes the constraint combinations for runtime
* efficiency.
- *
*/
public class ConstraintSecurityHandler extends SecurityHandler implements ConstraintAware
{
@@ -78,9 +76,6 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
}
/* ------------------------------------------------------------ */
- /**
- * @param constraint
- */
public static Constraint createConstraint(Constraint constraint)
{
try
@@ -97,10 +92,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/**
* Create a security constraint
*
- * @param name
- * @param authenticate
- * @param roles
- * @param dataConstraint
+ * @param name the name of the constraint
+ * @param authenticate true to authenticate
+ * @param roles list of roles
+ * @param dataConstraint the data constraint
+ * @return the constraint
*/
public static Constraint createConstraint (String name, boolean authenticate, String[] roles, int dataConstraint)
{
@@ -116,8 +112,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
/**
- * @param name
- * @param element
+ * Create a Constraint
+ *
+ * @param name the name
+ * @param element the http constraint element
+ * @return the created constraint
*/
public static Constraint createConstraint (String name, HttpConstraintElement element)
{
@@ -127,10 +126,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
/**
- * @param name
- * @param rolesAllowed
- * @param permitOrDeny
- * @param transport
+ * Create Constraint
+ *
+ * @param name the name
+ * @param rolesAllowed the list of allowed roles
+ * @param permitOrDeny the permission semantic
+ * @param transport the transport guarantee
+ * @return the created constraint
*/
public static Constraint createConstraint (String name, String[] rolesAllowed, EmptyRoleSemantic permitOrDeny, TransportGuarantee transport)
{
@@ -167,10 +169,6 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
- /**
- * @param pathSpec
- * @param constraintMappings
- */
public static List<ConstraintMapping> getConstraintMappingsForPath(String pathSpec, List<ConstraintMapping> constraintMappings)
{
if (pathSpec == null || "".equals(pathSpec.trim()) || constraintMappings == null || constraintMappings.size() == 0)
@@ -192,8 +190,9 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/** Take out of the constraint mappings those that match the
* given path.
*
- * @param pathSpec
+ * @param pathSpec the path spec
* @param constraintMappings a new list minus the matching constraints
+ * @return the list of constraint mappings
*/
public static List<ConstraintMapping> removeConstraintMappingsForPath(String pathSpec, List<ConstraintMapping> constraintMappings)
{
@@ -215,12 +214,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
- /** Generate Constraints and ContraintMappings for the given url pattern and ServletSecurityElement
+ /**
+ * Generate Constraints and ContraintMappings for the given url pattern and ServletSecurityElement
*
- * @param name
- * @param pathSpec
- * @param securityElement
- * @return
+ * @param name the name
+ * @param pathSpec the path spec
+ * @param securityElement the servlet security element
+ * @return the list of constraint mappings
*/
public static List<ConstraintMapping> createConstraintsWithMappingsForPath (String name, String pathSpec, ServletSecurityElement securityElement)
{
@@ -463,7 +463,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
* Create and combine the constraint with the existing processed
* constraints.
*
- * @param mapping
+ * @param mapping the constraint mapping
*/
protected void processConstraintMapping(ConstraintMapping mapping)
{
@@ -521,8 +521,8 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
* the mappings: an entry that names the method of the Request specifically, an
* entry that names constraints that apply to all methods, entries of the form
* &lt;method&gt;.omission, where the method of the Request is not named in the omission.
- * @param mapping
- * @param mappings
+ * @param mapping the constraint mapping
+ * @param mappings the mappings of roles
*/
protected void processConstraintMappingWithMethodOmissions (ConstraintMapping mapping, Map<String, RoleInfo> mappings)
{
@@ -544,8 +544,8 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
/**
* Initialize or update the RoleInfo from the constraint
- * @param ri
- * @param mapping
+ * @param ri the role info
+ * @param mapping the constraint mapping
*/
protected void configureRoleInfo (RoleInfo ri, ConstraintMapping mapping)
{
@@ -870,9 +870,9 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
* Check if any http method omissions exist in the list of method
* to auth info mappings.
*
- * @param path
- * @param methodMappings
- * @return
+ * @param path the path
+ * @param methodMappings the method mappings
+ * @return true if ommision exist
*/
protected boolean omissionsExist (String path, Map<String, RoleInfo> methodMappings)
{
@@ -890,11 +890,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
/* ------------------------------------------------------------ */
/**
- * Given a string of the form &lt;method&gt;.&lt;method&gt;.omission
+ * Given a string of the form <code>&lt;method&gt;.&lt;method&gt;.omission</code>
* split out the individual method names.
*
- * @param omission
- * @return
+ * @param omission the method
+ * @return the list of strings
*/
protected Set<String> getOmittedMethods (String omission)
{
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java
index f93f09523a..b32da00297 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java
@@ -24,10 +24,8 @@ import javax.security.auth.Subject;
import org.eclipse.jetty.server.UserIdentity;
-/* ------------------------------------------------------------ */
/**
* Associates UserIdentities from with threads and UserIdentity.Contexts.
- *
*/
public interface IdentityService
{
@@ -37,7 +35,7 @@ public interface IdentityService
/**
* Associate a user identity with the current thread.
* This is called with as a thread enters the
- * {@link SecurityHandler#handle(String, Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
+ * {@link SecurityHandler#handle(String, org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
* method and then again with a null argument as that call exits.
* @param user The current user or null for no user to associated.
* @return an object representing the previous associated state
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java b/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
index b4937d3a66..d5c8244141 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/PropertyUserStore.java
@@ -46,12 +46,12 @@ import org.eclipse.jetty.util.security.Credential;
/**
* PropertyUserStore
- *
+ * <p>
* This class monitors a property file of the format mentioned below and notifies registered listeners of the changes to the the given file.
*
- * <PRE>
+ * <pre>
* username: password [,rolename ...]
- * </PRE>
+ * </pre>
*
* Passwords may be clear text, obfuscated or checksummed. The class com.eclipse.Util.Password should be used to generate obfuscated passwords or password
* checksums.
@@ -93,7 +93,8 @@ public class PropertyUserStore extends AbstractLifeCycle
/* ------------------------------------------------------------ */
/**
- * returns the resource associated with the configured properties file, creating it if necessary
+ * @return the resource associated with the configured properties file, creating it if necessary
+ * @throws IOException if unable to get the resource
*/
public Resource getConfigResource() throws IOException
{
@@ -108,15 +109,16 @@ public class PropertyUserStore extends AbstractLifeCycle
/* ------------------------------------------------------------ */
/**
* sets the refresh interval (in seconds)
+ * @param sec the refresh interval
*/
- public void setRefreshInterval(int msec)
+ public void setRefreshInterval(int sec)
{
- _refreshInterval = msec;
+ _refreshInterval = sec;
}
/* ------------------------------------------------------------ */
/**
- * refresh interval in seconds for how often the properties file should be checked for changes
+ * @return refresh interval in seconds for how often the properties file should be checked for changes
*/
public int getRefreshInterval()
{
@@ -334,6 +336,7 @@ public class PropertyUserStore extends AbstractLifeCycle
/**
* registers a listener to be notified of the contents of the property file
+ * @param listener the user listener
*/
public void registerUserListener(UserListener listener)
{
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
index 1a8abdf6c7..532f4b863a 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
@@ -44,6 +44,7 @@ import org.eclipse.jetty.util.log.Logger;
/**
* Abstract SecurityHandler.
+ * <p>
* Select and apply an {@link Authenticator} to a request.
* <p>
* The Authenticator may either be directly set on the handler
@@ -54,7 +55,6 @@ import org.eclipse.jetty.util.log.Logger;
* Authentication.Configuration. At startup, any context init parameters
* that start with "org.eclipse.jetty.security." that do not have
* values in the SecurityHandler init parameters, are copied.
- *
*/
public abstract class SecurityHandler extends HandlerWrapper implements Authenticator.AuthConfiguration
{
@@ -129,8 +129,9 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
}
/* ------------------------------------------------------------ */
- /** Set the authenticator.
- * @param authenticator
+ /**
+ * Set the authenticator.
+ * @param authenticator the authenticator
* @throws IllegalStateException if the SecurityHandler is running
*/
public void setAuthenticator(Authenticator authenticator)
@@ -247,8 +248,8 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
/* ------------------------------------------------------------ */
/** Set an initialization parameter.
- * @param key
- * @param value
+ * @param key the init key
+ * @param value the init value
* @return previous value
* @throws IllegalStateException if the SecurityHandler is running
*/
@@ -414,6 +415,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
/** Set renew the session on Authentication.
* <p>
* If set to true, then on authentication, the session associated with a reqeuest is invalidated and replaced with a new session.
+ * @param renew true to renew the authentication on session
* @see org.eclipse.jetty.security.Authenticator.AuthConfiguration#isSessionRenewedOnAuthentication()
*/
public void setSessionRenewedOnAuthentication(boolean renew)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
index 0da4ca4cc3..814a284c11 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
@@ -42,9 +42,6 @@ import org.eclipse.jetty.util.security.CertificateValidator;
import org.eclipse.jetty.util.security.Constraint;
import org.eclipse.jetty.util.security.Password;
-/**
- * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
- */
public class ClientCertAuthenticator extends LoginAuthenticator
{
/** String name of keystore password property. */
@@ -83,12 +80,6 @@ public class ClientCertAuthenticator extends LoginAuthenticator
return Constraint.__CERT_AUTH;
}
-
-
- /**
- * @return Authentication for request
- * @throws ServerAuthException
- */
@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{
@@ -166,7 +157,7 @@ public class ClientCertAuthenticator extends LoginAuthenticator
* @param storeProvider keystore provider
* @param storePassword keystore password
* @return created keystore
- * @throws Exception
+ * @throws Exception if unable to get keystore
*/
protected KeyStore getKeyStore(String storePath, String storeType, String storeProvider, String storePassword) throws Exception
{
@@ -183,7 +174,7 @@ public class ClientCertAuthenticator extends LoginAuthenticator
* @param crlPath path of certificate revocation list file
* @return a (possibly empty) collection view of java.security.cert.CRL objects initialized with the data from the
* input stream.
- * @throws Exception
+ * @throws Exception if unable to load CRL
*/
protected Collection<? extends CRL> loadCRL(String crlPath) throws Exception
{
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
index 53276acdd0..ff896c82ad 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
@@ -140,7 +140,7 @@ public class DeferredAuthentication implements Authentication.Deferred
/* ------------------------------------------------------------ */
/**
- * @param response
+ * @param response the response
* @return true if this response is from a deferred call to {@link #authenticate(ServletRequest)}
*/
public static boolean isDeferred(HttpServletResponse response)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
index 48e4b84a50..4fc87fd0a9 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
@@ -64,8 +64,6 @@ import org.eclipse.jetty.util.security.Constraint;
* to the /j_security_check URI within the context. FormAuthentication uses
* {@link SessionAuthentication} to wrap Authentication results so that they
* are associated with the session.</p>
- *
- *
*/
public class FormAuthenticator extends LoginAuthenticator
{
@@ -109,7 +107,7 @@ public class FormAuthenticator extends LoginAuthenticator
* be remembered. If false, only the first uri that leads to a login
* page redirect is remembered.
* See https://bugs.eclipse.org/bugs/show_bug.cgi?id=379909
- * @param alwaysSave
+ * @param alwaysSave true to always save the uri
*/
public void setAlwaysSaveUri (boolean alwaysSave)
{
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
index ea559ff6c7..e85b680fbe 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
@@ -92,11 +92,11 @@ public abstract class LoginAuthenticator implements Authenticator
/** Change the session id.
* The session is changed to a new instance with a new ID if and only if:<ul>
* <li>A session exists.
- * <li>The {@link AuthConfiguration#isSessionRenewedOnAuthentication()} returns true.
+ * <li>The {@link org.eclipse.jetty.security.Authenticator.AuthConfiguration#isSessionRenewedOnAuthentication()} returns true.
* <li>The session ID has been given to unauthenticated responses
* </ul>
- * @param request
- * @param response
+ * @param request the request
+ * @param response the response
* @return The new session.
*/
protected HttpSession renewSession(HttpServletRequest request, HttpServletResponse response)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
index 3f0fbe6f68..8692635bb1 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
@@ -46,7 +46,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
/**
* Allow for a custom authMethod value to be set for instances where SPENGO may not be appropriate
- * @param authMethod
+ * @param authMethod the auth method
*/
public SpnegoAuthenticator( String authMethod )
{

Back to the top