[jboss-cvs] JBossAS SVN: r112756 - branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web.

jboss-cvs-commits at lists.jboss.org
Mon Mar 12 15:41:05 EDT 2012


Author: dehort
Date: 2012-03-12 15:41:03 -0400 (Mon, 12 Mar 2012)
New Revision: 112756

Modified:
   branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java
Log:
Modified the WebPermissionMapping so that the JACC policy is built correctly with regards to the addToUncheckedPolicy calls.
[JBPAPP-8432]


Modified: branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java
===================================================================
--- branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java	2012-03-12 18:49:29 UTC (rev 112755)
+++ branches/JBPAPP_5_1_2_GA_JBPAPP-8432/server/src/main/org/jboss/web/WebPermissionMapping.java	2012-03-12 19:41:03 UTC (rev 112756)
@@ -213,9 +213,12 @@
                wrp = new WebResourcePermission(qurl, httpMethods);
             }
             pc.addToRole(role, wrp);
-            
+          
+            //there are totally 7 http methods from the jacc spec (See WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES)
+            final int NUMBER_OF_HTTP_METHODS = 7;
+
             //JACC 1.1: create !(httpmethods) in unchecked perms
-            if(httpMethods != null)
+            if(httpMethods != null && httpMethods.length != NUMBER_OF_HTTP_METHODS)
             {
                WebResourcePermission wrpUnchecked = new WebResourcePermission(info.pattern, 
                      "!" + getCommaSeparatedString(httpMethods));
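
Review bot: NUMBER_OF_HTTP_METHODS = 7 in the new guard `httpMethods.length != NUMBER_OF_HTTP_METHODS` is a hard-coded copy of a count that the comment itself attributes to WebResourceCollectionMetaData.ALL_HTTP_METHOD_NAMES, so the two can drift apart; derive the value from that constant rather than from a local literal. Comparing only the length also treats any seven-entry array as "all methods": a list containing a duplicate or a non-standard method name would skip the `"!" + getCommaSeparatedString(httpMethods)` unchecked permission even though some methods are not covered. Checking that httpMethods actually contains every name in ALL_HTTP_METHOD_NAMES would make the intent explicit, and a short comment saying why the full-set case must not produce a "!" permission would help the next reader.
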
@@ -224,14 +227,16 @@
          }
 
          // Create the unchecked permissions
-         String[] missingHttpMethods = info.getMissingMethods(); 
-         if( missingHttpMethods.length > 0 )
+         String[] missingHttpMethods = info.getMissingMethods();
+         int length = missingHttpMethods.length;
+         roles = info.getRoleMethods();
+         if( length > 0 && !roles.hasNext() )
          {
-            // Create the unchecked permissions WebResourcePermissions
+        	// Create the unchecked permissions WebResourcePermissions
             WebResourcePermission wrp = new WebResourcePermission(qurl, missingHttpMethods);
             pc.addToUncheckedPolicy(wrp);  
          }
-         else
+         else if(!roles.hasNext())
             pc.addToUncheckedPolicy(new WebResourcePermission(qurl, (String)null));
          
          //SECURITY-63: Missing auth-constraint needs unchecked policy 
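
Review bot: the `!roles.hasNext()` test that now gates both branches of the unchecked block has no comment explaining why a pattern with any role mapping must get neither addToUncheckedPolicy call, and that is the security-relevant part of this change: when roles exist, the methods in missingHttpMethods are no longer added to the unchecked policy here. Please state the intended rule in a code comment and in the log message, which only says the policy is now built correctly. The check also reassigns the existing `roles` variable just to probe for emptiness and calls hasNext() twice; computing the result once into a clearly named boolean and nesting the `length > 0` if/else under it would read better, and the `int length` local could then go. Minor: the re-indented "Create the unchecked permissions WebResourcePermissions" comment line now has a tab mixed into space-indented code.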


