[jboss-cvs] JBossAS SVN: r112756 - branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Mar 12 15:41:05 EDT 2012
Author: dehort
Date: 2012-03-12 15:41:03 -0400 (Mon, 12 Mar 2012)
New Revision: 112756
Modified:
branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java
Log:
Modified the WebPermissionMapping so that the JACC policy is built correctly with regard to the addToUncheckedPolicy calls.
[JBPAPP-8432]
Modified: branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java
===================================================================
--- branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java 2012-03-12 18:49:29 UTC (rev 112755)
+++ branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java 2012-03-12 19:41:03 UTC (rev 112756)
@@ -213,9 +213,12 @@
wrp = new WebResourcePermission(qurl, httpMethods);
}
pc.addToRole(role, wrp);
-
+
+ //there are totally 7 http methods from the jacc spec (See WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES)
+ final int NUMBER_OF_HTTP_METHODS = 7;
+
//JACC 1.1: create !(httpmethods) in unchecked perms
- if(httpMethods != null)
+ if(httpMethods != null && httpMethods.length != NUMBER_OF_HTTP_METHODS)
{
WebResourcePermission wrpUnchecked = new WebResourcePermission(info.pattern,
"!" + getCommaSeparatedString(httpMethods));
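Review bot: The new guard `httpMethods.length != NUMBER_OF_HTTP_METHODS` treats an array length as proof that every HTTP method is listed, and the 7 is hard-coded even though the added comment names `WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES` as its source. A duplicated entry or a non-standard method name in `httpMethods` would make the length test wrong, so the `!`-prefixed unchecked permission could be added or skipped for the wrong method set. Assuming that constant is an array, `httpMethods.length != WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES.length` removes the magic number, and a set comparison against it would be stricter still. The enclosing block starts outside the hunk. If `httpMethods` is the per-role list, confirm that the complement granted to the unchecked policy cannot cover a method that another role's constraint on the same pattern restricts.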
@@ -224,14 +227,16 @@
}
// Create the unchecked permissions
- String[] missingHttpMethods = info.getMissingMethods();
- if( missingHttpMethods.length > 0 )
+ String[] missingHttpMethods = info.getMissingMethods();
+ int length = missingHttpMethods.length;
+ roles = info.getRoleMethods();
+ if( length > 0 && !roles.hasNext() )
{
- // Create the unchecked permissions WebResourcePermissions
+ // Create the unchecked permissions WebResourcePermissions
WebResourcePermission wrp = new WebResourcePermission(qurl, missingHttpMethods);
pc.addToUncheckedPolicy(wrp);
}
- else
+ else if(!roles.hasNext())
pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
//SECURITY-63: Missing auth-constraint needs unchecked policy
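Review bot: Both branches now repeat `!roles.hasNext()`, so when role methods exist neither branch runs and no unchecked permission is added for `qurl` here; nothing in the new lines records why that is intended. A comment such as `// patterns with role methods get their unchecked complement where the role permissions are added; only role-less patterns are handled here` would document the policy decision, though that reading is inferred from the first hunk and should be confirmed. Reassigning the existing `roles` variable only to probe it is easy to misread; `final boolean noRoleMethods = !info.getRoleMethods().hasNext();` used in both conditions expresses the same check once. The enclosing method starts and ends outside the hunk.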