public class HttpConstraintElement
extends java.lang.Object
HttpConstraint
annotation value.Constructor and Description |
---|
HttpConstraintElement()
Constructs a default HTTP constraint element
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
Convenience constructor to establish EmptyRoleSemantic.DENY
|
HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic,
ServletSecurity.TransportGuarantee guarantee,
java.lang.String... roleNames)
Constructor to establish all of getEmptyRoleSemantic, getRolesAllowed, and getTransportGuarantee.
|
HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee,
java.lang.String... roleNames)
Constructor to establish non-empty getRolesAllowed and/or TransportGuarantee.CONFIDENTIAL.
|
Modifier and Type | Method and Description |
---|---|
ServletSecurity.EmptyRoleSemantic |
getEmptyRoleSemantic()
Gets the default authorization semantic.
|
java.lang.String[] |
getRolesAllowed()
Gets the names of the authorized roles.
|
ServletSecurity.TransportGuarantee |
getTransportGuarantee()
Gets the data protection requirement (i.e., whether or not SSL/TLS is required) that must be satisfied by the
transport connection.
|
public HttpConstraintElement()
public HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic)
semantic
- should be EmptyRoleSemantic.DENYpublic HttpConstraintElement(ServletSecurity.TransportGuarantee guarantee, java.lang.String... roleNames)
guarantee
- TransportGuarantee.NONE or TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be allowed accesspublic HttpConstraintElement(ServletSecurity.EmptyRoleSemantic semantic, ServletSecurity.TransportGuarantee guarantee, java.lang.String... roleNames)
semantic
- EmptyRoleSemantic.DENY or EmptyRoleSemantic.PERMITguarantee
- TransportGuarantee.NONE or TransportGuarantee.CONFIDENTIALroleNames
- the names of the roles that are to be allowed access, or missing if the semantic is
EmptyRoleSemantic.DENYpublic ServletSecurity.EmptyRoleSemantic getEmptyRoleSemantic()
This value is insignificant when getRolesAllowed
returns a non-empty array, and should not be specified
when a non-empty array is specified for getRolesAllowed.
ServletSecurity.EmptyRoleSemantic
to be applied when getRolesAllowed
returns an empty (that is,
zero-length) arraypublic ServletSecurity.TransportGuarantee getTransportGuarantee()
ServletSecurity.TransportGuarantee
indicating the data protection that must be provided by the connectionpublic java.lang.String[] getRolesAllowed()
Duplicate role names appearing in getRolesAllowed are insignificant and may be discarded. The String "*" has no special meaning as a role name (should it occur in getRolesAllowed).
getEmptyRoleSemantic()
. If its value is DENY, and getRolesAllowed
returns an empty
array, access is to be denied independent of authentication state and identity. Conversely, if its value is
PERMIT
, it indicates that access is to be allowed independent of authentication state and identity. When
the array contains the names of one or more roles, it indicates that access is contingent on membership in at least
one of the named roles (independent of the value of getEmptyRoleSemantic()
).