public class HttpConstraintElement
extends java.lang.Object
HttpConstraint
annotation value.Constructor and Description |
---|
HttpConstraintElement()
Constructs a default HTTP constraint element
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
Convenience constructor to establish EmptyRoleSemantic.DENY
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic,
ServletSecurity.TransportGuarantee guarantee,
java.lang.String... roleNames)
Constructor to establish all of getEmptyRoleSemantic, getRolesAllowed, and getTransportGuarantee.
|
HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee,
java.lang.String... roleNames)
Constructor to establish non-empty getRolesAllowed and/or TransportGuarantee.CONFIDENTIAL.
|
Modifier and Type | Method and Description |
---|---|
ServletSecurity.EmptyRoleSemantic |
getEmptyRoleSemantic()
Gets the default authorization semantic.
|
java.lang.String[] |
getRolesAllowed()
Gets the names of the authorized roles.
|
ServletSecurity.TransportGuarantee |
getTransportGuarantee()
Gets the data protection requirement (i.e., whether or not SSL/TLS is required) that must be satisfied by the
transport connection.
|
public HttpConstraintElement()
public HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
semantic
- should be EmptyRoleSemantic.DENYpublic HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee, java.lang.String... roleNames)
guarantee
- TransportGuarantee.NONE or TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be allowed accesspublic HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic, ServletSecurity.TransportGuarantee guarantee, java.lang.String... roleNames)
semantic
- EmptyRoleSemantic.DENY or EmptyRoleSemantic.PERMITguarantee
- TransportGuarantee.NONE or TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be allowed access, or missing if the semantic is
EmptyRoleSemantic.DENYpublic ServletSecurity.EmptyRoleSemantic getEmptyRoleSemantic()
This value is insignificant when getRolesAllowed
returns a non-empty array, and should not be
specified when a non-empty array is specified for getRolesAllowed.
ServletSecurity.EmptyRoleSemantic
to be applied when getRolesAllowed
returns an empty (that is,
zero-length) arraypublic ServletSecurity.TransportGuarantee getTransportGuarantee()
ServletSecurity.TransportGuarantee
indicating the data protection that must be provided by the connectionpublic java.lang.String[] getRolesAllowed()
Duplicate role names appearing in getRolesAllowed are insignificant and may be discarded. The String "*" has no special meaning as a role name (should it occur in getRolesAllowed).
getEmptyRoleSemantic()
. If its value is DENY, and getRolesAllowed
returns an
empty array, access is to be denied independent of authentication state and identity. Conversely, if its
value is PERMIT
, it indicates that access is to be allowed independent of authentication
state and identity. When the array contains the names of one or more roles, it indicates that access is
contingent on membership in at least one of the named roles (independent of the value of
getEmptyRoleSemantic()
).