Class SecurityHandler.PathMapped

java.lang.Object
org.eclipse.jetty.util.component.AbstractLifeCycle
org.eclipse.jetty.util.component.ContainerLifeCycle
org.eclipse.jetty.server.Handler.Abstract
org.eclipse.jetty.server.Handler.AbstractContainer
org.eclipse.jetty.server.Handler.Wrapper
org.eclipse.jetty.security.SecurityHandler
org.eclipse.jetty.security.SecurityHandler.PathMapped
All Implemented Interfaces:
Comparator<org.eclipse.jetty.http.pathmap.PathSpec>, Authenticator.Configuration, org.eclipse.jetty.server.Handler, org.eclipse.jetty.server.Handler.Container, org.eclipse.jetty.server.Handler.Singleton, org.eclipse.jetty.server.Request.Handler, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle, org.eclipse.jetty.util.thread.Invocable
Enclosing class:
SecurityHandler
public static class SecurityHandler.PathMapped extends SecurityHandler implements Comparator<org.eclipse.jetty.http.pathmap.PathSpec>

A concrete implementation of SecurityHandler that uses a PathMappings to match request to a list of Constraints, which are applied in the order of least significant to most significant.

An example of using this class is: 

SecurityHandler.PathMapped handler = new SecurityHandler.PathMapped();
handler.put("/*", Constraint.combine(Constraint.FORBIDDEN, Constraint.SECURE_TRANSPORT));
handler.put("", Constraint.ALLOWED);
handler.put("/login", Constraint.ALLOWED);
handler.put("*.png", Constraint.ANY_TRANSPORT);
handler.put("/admin/*", Constraint.from("admin", "operator"));
handler.put("/admin/super/*", Constraint.from("operator"));
handler.put("/user/*", Constraint.ANY_USER);
handler.put("*.xml", Constraint.FORBIDDEN);

When getConstraint(String, Request) is called, any matching constraints are sorted into least to most significant with compare(PathSpec, PathSpec), resulting in the order in which Constraint.combine(Constraint, Constraint) will be applied. For example:

If there is no match for the request path, then the constraint is assumed to be Constraint.ALLOWED.

It is therefore good practice to always explicitly configure a constraint for path /* or /.

  • Nested Class Summary

    Nested classes/interfaces inherited from class SecurityHandler

    SecurityHandler.NotChecked, SecurityHandler.PathMapped, SecurityHandler.PathMethodMapped

    Nested classes/interfaces inherited from class org.eclipse.jetty.server.Handler.Abstract

    org.eclipse.jetty.server.Handler.Abstract.NonBlocking

    Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener, org.eclipse.jetty.util.component.AbstractLifeCycle.StopException

    Nested classes/interfaces inherited from interface Authenticator.Configuration

    Authenticator.Configuration.Wrapper

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

    org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

    org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.Dumpable.DumpAppendable

    Nested classes/interfaces inherited from interface org.eclipse.jetty.server.Handler

    org.eclipse.jetty.server.Handler.Abstract, org.eclipse.jetty.server.Handler.AbstractContainer, org.eclipse.jetty.server.Handler.Collection, org.eclipse.jetty.server.Handler.Container, org.eclipse.jetty.server.Handler.Sequence, org.eclipse.jetty.server.Handler.Singleton, org.eclipse.jetty.server.Handler.Wrapper

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.thread.Invocable

    org.eclipse.jetty.util.thread.Invocable.Callable, org.eclipse.jetty.util.thread.Invocable.InvocationType, org.eclipse.jetty.util.thread.Invocable.ReadyTask, org.eclipse.jetty.util.thread.Invocable.Task

    Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

    org.eclipse.jetty.util.component.LifeCycle.Listener

    Nested classes/interfaces inherited from interface org.eclipse.jetty.server.Request.Handler

    org.eclipse.jetty.server.Request.Handler.AbortException

  • Field Summary

    Fields inherited from class SecurityHandler

    SESSION_AUTHENTICATED_ATTRIBUTE

    Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    FAILED, STARTED, STARTING, STOPPED, STOPPING

    Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

    LEGEND

    Fields inherited from interface org.eclipse.jetty.util.thread.Invocable

    __nonBlocking, NOOP

  • Constructor Summary

    Constructors
    Constructor
    Description
    PathMapped()
     
    PathMapped(org.eclipse.jetty.server.Handler handler)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    int
    compare(org.eclipse.jetty.http.pathmap.PathSpec ps1, org.eclipse.jetty.http.pathmap.PathSpec ps2)
    Comparator method to sort paths from least specific to most specific.
    Constraint
    get(org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
     
    protected Constraint
    getConstraint(String pathInContext, org.eclipse.jetty.server.Request request)
     
    protected Set<String>
    getKnownRoles()
     
    protected int
    pathSpecGroupPrecedence(org.eclipse.jetty.http.pathmap.PathSpecGroup group)
    Get the relative precedence of a PathSpecGroup used by compare(MappedResource, MappedResource) to sort Constraints.
    Constraint
    put(String pathSpec, Constraint constraint)
    Associates the specified request path pattern with the specified Constraint.
    Constraint
    put(org.eclipse.jetty.http.pathmap.PathSpec pathSpec, Constraint constraint)
    Associates the specified request path pattern with the specified Constraint.
    Constraint
    remove(org.eclipse.jetty.http.pathmap.PathSpec pathSpec)
     

    Methods inherited from class SecurityHandler

    doStart, doStop, findIdentityService, findLoginService, getAuthenticationType, getAuthenticator, getAuthenticatorFactory, getCurrentSecurityHandler, getIdentityService, getKnownAuthenticatorFactories, getLoginService, getParameter, getParameterNames, getRealmName, getSessionMaxInactiveIntervalOnAuthentication, handle, isAuthorized, isSessionRenewedOnAuthentication, redirectToSecure, setAuthenticationType, setAuthenticator, setAuthenticatorFactory, setIdentityService, setLoginService, setParameter, setRealmName, setSessionMaxInactiveIntervalOnAuthentication, setSessionRenewedOnAuthentication

    Methods inherited from class org.eclipse.jetty.server.Handler.Wrapper

    getHandler, getInvocationType, setHandler

    Methods inherited from class org.eclipse.jetty.server.Handler.AbstractContainer

    findContainerOf, getDescendant, getDescendants, isDynamic, setDynamic, setServer

    Methods inherited from class org.eclipse.jetty.server.Handler.Abstract

    destroy, getServer

    Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

    addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dumpObjects, dumpStdErr, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, installBean, installBean, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, start, stop, unmanage, updateBean, updateBean, updateBeans, updateBeans

    Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

    getEventListeners, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, setEventListeners, start, stop, toString

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface Comparator

    equals, reversed, thenComparing, thenComparing, thenComparing, thenComparingDouble, thenComparingInt, thenComparingLong

    Methods inherited from interface org.eclipse.jetty.util.component.Container

    getCachedBeans, getEventListeners

    Methods inherited from interface org.eclipse.jetty.util.component.Destroyable

    destroy

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

    dumpSelf

    Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

    isDumpable

    Methods inherited from interface org.eclipse.jetty.server.Handler

    getServer, setServer

    Methods inherited from interface org.eclipse.jetty.server.Handler.Container

    getContainer, getDescendant, getDescendants, getDescendants

    Methods inherited from interface org.eclipse.jetty.server.Handler.Singleton

    getHandlers, getTail, insertHandler, setHandler

    Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

    addEventListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeEventListener, start, stop

  • Constructor Details

    • PathMapped

      public PathMapped()

    • PathMapped

      public PathMapped(org.eclipse.jetty.server.Handler handler)

  • Method Details

    • put

      public Constraint put(String pathSpec, Constraint constraint)

      Associates the specified request path pattern with the specified Constraint.

      Parameters:
      pathSpec - the request path pattern to match
      constraint - the associated Constraint
      Returns:
      the previous Constraint associated with the request path pattern, or null if there was no previous association

    • put

      public Constraint put(org.eclipse.jetty.http.pathmap.PathSpec pathSpec, Constraint constraint)

      Associates the specified request path pattern with the specified Constraint.

      Parameters:
      pathSpec - the request path pattern to match
      constraint - the associated Constraint
      Returns:
      the previous Constraint associated with the request path pattern, or null if there was no previous association

    • get

      public Constraint get(org.eclipse.jetty.http.pathmap.PathSpec pathSpec)

    • remove

      public Constraint remove(org.eclipse.jetty.http.pathmap.PathSpec pathSpec)

    • getConstraint

      protected Constraint getConstraint(String pathInContext, org.eclipse.jetty.server.Request request)
      Specified by:
      getConstraint in class SecurityHandler

    • compare

      public int compare(org.eclipse.jetty.http.pathmap.PathSpec ps1, org.eclipse.jetty.http.pathmap.PathSpec ps2)
      Comparator method to sort paths from least specific to most specific. Using the pathSpecGroupPrecedence(PathSpecGroup) to rank different groups and PathSpec.getSpecLength() to rank within a group. This method may be overridden to provide different precedence between constraints.
      Specified by:
      compare in interface Comparator<org.eclipse.jetty.http.pathmap.PathSpec>
      Parameters:
      ps1 - the first PathSpec to be compared.
      ps2 - the second PathSpec to be compared.
      Returns:
      -1, 0 or 1

    • pathSpecGroupPrecedence

      protected int pathSpecGroupPrecedence(org.eclipse.jetty.http.pathmap.PathSpecGroup group)
      Get the relative precedence of a PathSpecGroup used by compare(MappedResource, MappedResource) to sort Constraints. The precedence from most significant to least is:
      • PathSpecGroup.EXACT
      • PathSpecGroup.ROOT
      • PathSpecGroup.SUFFIX_GLOB
      • PathSpecGroup.MIDDLE_GLOB
      • PathSpecGroup.PREFIX_GLOB
      • PathSpecGroup.DEFAULT
      Parameters:
      group - The group to rank.
      Returns:
      An integer representing relative precedence between PathSpecGroups.

    • getKnownRoles

      protected Set<String> getKnownRoles()
      Overrides:
      getKnownRoles in class SecurityHandler