[jboss-cvs] JBossAS SVN: r63510 - trunk/server/src/main/org/jboss/web.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jun 13 16:12:21 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-06-13 16:12:21 -0400 (Wed, 13 Jun 2007)
New Revision: 63510
Modified:
trunk/server/src/main/org/jboss/web/WebPermissionMapping.java
Log:
SECURITY-63:Missing auth-constraint requires an unchecked permission
Modified: trunk/server/src/main/org/jboss/web/WebPermissionMapping.java
===================================================================
--- trunk/server/src/main/org/jboss/web/WebPermissionMapping.java 2007-06-13 19:32:44 UTC (rev 63509)
+++ trunk/server/src/main/org/jboss/web/WebPermissionMapping.java 2007-06-13 20:12:21 UTC (rev 63510)
@@ -99,7 +99,7 @@
if( wsmd.isExcluded() )
{
info.addExcludedMethods(httpMethods);
- }
+ }
}
}
}
@@ -139,7 +139,10 @@
}
info.addRoles(mappedRoles, httpMethods);
// Add the transport to methods
- info.addTransport(transport, httpMethods);
+ info.addTransport(transport, httpMethods);
+ //SECURITY-63: Missing auth-constraint needs unchecked policy
+ if(wsmd.getAuthConstraint() == null)
+ info.isMissingAuthConstraint = true;
}
}
}
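Review bot: The new `isMissingAuthConstraint` flag is set per url-pattern with no record of `httpMethods`, and the third hunk then grants `new WebResourcePermission(qurl, (String)null)`, whose null actions cover every HTTP method. If another security-constraint on the same pattern restricts some methods to roles, this unchecked grant would appear to make those methods reachable without authentication too, since nothing in the visible hunks clears the flag once it is set. Consider recording the methods of the constraint that lacks the auth-constraint and passing them as the permission's actions instead of `(String)null`. The enclosing loop and the branch that chooses between role and unchecked permissions start outside these hunks, so this should be confirmed against the full method.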
@@ -205,6 +208,12 @@
}
else
pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
+
+ //SECURITY-63: Missing auth-constraint needs unchecked policy
+ if(info.isMissingAuthConstraint)
+ {
+ pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
+ }
// Create the unchecked permissions WebUserDataPermissions
Iterator transportContraints = info.getTransportMethods();
@@ -526,6 +535,11 @@
* obsolete?
*/
boolean isOverriden;
+
+ /**
+ * A Security Constraint is missing an <auth-constraint/>
+ */
+ boolean isMissingAuthConstraint;
/**
* @param pattern - the url-pattern value
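Review bot: The Javadoc on `isMissingAuthConstraint` contains a raw `<auth-constraint/>`, which Javadoc treats as an HTML tag and drops from the rendered text; write it as `{@code <auth-constraint/>}`. The comment should also state that the flag applies to the whole url-pattern and results in an unchecked `WebResourcePermission`, because that consequence is security-relevant and not evident from the name. The field is assigned directly (`info.isMissingAuthConstraint = true;` in the second hunk) while the neighbouring state is updated through `addRoles`, `addTransport` and `addExcludedMethods`; a small setter would keep this consistent. The class body continues outside the hunk.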