diff options
Diffstat (limited to 'jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java')
-rw-r--r-- | jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java b/jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java index 4d2d9118e2..85ae39f03e 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/security/Constraint.java @@ -23,6 +23,8 @@ import java.util.Arrays; /* ------------------------------------------------------------ */ /** + * Constraint + * * Describe an auth and/or data constraint. * * @@ -65,6 +67,8 @@ public class Constraint implements Cloneable, Serializable public final static String NONE = "NONE"; public final static String ANY_ROLE = "*"; + + public final static String ANY_AUTH = "**"; //Servlet Spec 3.1 pg 140 /* ------------------------------------------------------------ */ private String _name; @@ -74,6 +78,8 @@ public class Constraint implements Cloneable, Serializable private int _dataConstraint = DC_UNSET; private boolean _anyRole = false; + + private boolean _anyAuth = false; private boolean _authenticate = false; @@ -119,9 +125,15 @@ public class Constraint implements Cloneable, Serializable { _roles = roles; _anyRole = false; + _anyAuth = false; if (roles != null) - for (int i = roles.length; !_anyRole && i-- > 0;) + { + for (int i = roles.length; i-- > 0;) + { _anyRole |= ANY_ROLE.equals(roles[i]); + _anyAuth |= ANY_AUTH.equals(roles[i]); + } + } } /* ------------------------------------------------------------ */ @@ -132,6 +144,16 @@ public class Constraint implements Cloneable, Serializable { return _anyRole; } + + + /* ------------------------------------------------------------ */ + /** Servlet Spec 3.1, pg 140 + * @return True if any authenticated user is permitted (ie a role "**" was specified in the constraint). + */ + public boolean isAnyAuth() + { + return _anyAuth; + } /* ------------------------------------------------------------ */ /** |