| 
 | J2EE1.4 SDK | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectjava.security.Permission
javax.security.jacc.WebResourcePermission
Class for Servlet web resource permissions. A WebResourcePermission is a named permission and has actions.
The name of a WebResourcePermission (also referred to as the target name) identifies the Web resources to which the permission pertains.
Implementations of this class MAY implement newPermissionCollection or inherit its implementation from the super class.
Permission, 
Serialized Form| Constructor Summary | |
| WebResourcePermission(HttpServletRequest request)Creates a new WebResourcePermission from the HttpServletRequest object. | |
| WebResourcePermission(java.lang.String name,
                      java.lang.String actions)Creates a new WebResourcePermission with the specified name and actions. | |
| WebResourcePermission(java.lang.String urlPatternSpec,
                      java.lang.String[] HTTPMethods)Creates a new WebResourcePermission with name corresponding to the URLPatternSpec, and actions composed from the array of HTTP methods. | |
| Method Summary | |
|  boolean | equals(java.lang.Object o)Checks two WebResourcePermission objects for equality. | 
|  java.lang.String | getActions()Returns a canonical String representation of the actions of this WebResourcePermission. | 
|  int | hashCode()Returns the hash code value for this WebResourcePermission. | 
|  boolean | implies(java.security.Permission permission)Determines if the argument Permission is "implied by" this WebResourcePermission. | 
| Methods inherited from class java.security.Permission | 
| checkGuard, getName, newPermissionCollection, toString | 
| Methods inherited from class java.lang.Object | 
| clone, finalize, getClass, notify, notifyAll, wait, wait, wait | 
| Constructor Detail | 
public WebResourcePermission(java.lang.String name,
                             java.lang.String actions)
The name contains a URLPatternSpec that identifies the web resources to which the permissions applies. The syntax of a URLPatternSpec is as follows:
          URLPatternList ::= URLPattern | URLPatternList colon URLPattern
          URLPatternSpec ::= null | URLPattern | URLPattern colon URLPatternList
 A null URLPatternSpec is translated to the default URLPattern, "/", by the permission constructor. The empty string is an exact URLPattern, and may occur anywhere in a URLPatternSpec that an exact URLPattern may occur. The first URLPattern in a URLPatternSpec may be any of the pattern types, exact, path-prefix, extension, or default as defined in the Java Servlet Specification). When a URLPatternSpec includes a URLPatternList, the patterns of the URLPatternList identify the resources to which the permission does NOT apply and depend on the pattern type and value of the first pattern as follows:
The actions parameter contains a comma seperated list of HTTP methods. The syntax of the actions parameter is defined as follows:
          HTTPMethod ::= "GET" | "POST" | "PUT" | "DELETE" | "HEAD" |
                   "OPTIONS" | "TRACE"
          
          HTTPMethodList ::= HTTPMethod | HTTPMethodList comma HTTPMethod
 
          HTTPMethodSpec ::= null | HTTPMethodList
 If duplicates occur in the HTTPMethodSpec they must be eliminated by the permission constructor.
A null or empty string HTTPMethodSpec indicates that the permission applies to all HTTP methods at the resources identified by the URL pattern.
name - the URLPatternSpec that identifies the application 
 specific web resources to which the permission pertains. 
 All URLPatterns in the URLPatternSpec are relative to the context path
 of the deployed web application module, and the same URLPattern must not
 occur more than once in a URLPatternSpec. A null URLPatternSpec is 
 translated to the default URLPattern, "/", by the permission constructor.
 actions - identifies the HTTP methods to which the permission
 pertains. If the value passed through this parameter is null or
 the empty string, then the permission is constructed with
 actions corresponding to all the possible HTTP methods.
public WebResourcePermission(java.lang.String urlPatternSpec,
                             java.lang.String[] HTTPMethods)
urlPatternSpec - the URLPatternSpec that identifies the 
 application specific web resources to which the permission pertains.
 All URLPatterns in the URLPatternSpec are relative to the context path
 of the deployed web application module, and the same URLPattern must not
 occur more than once in a URLPatternSpec. A null URLPatternSpec is 
 translated to the default URLPattern, "/", by the permission constructor.
 HTTPMethods - an array of strings each element of which contains
 the value of an HTTP method. If the value passed through this
 parameter is null or is an array with no elements, then the permission
 is constructed with actions corresponding to all the possible HTTP
 methods.public WebResourcePermission(HttpServletRequest request)
request - the HttpServletRequest object corresponding
 to the Servlet operation to which the permission pertains.
 The permission name is the substring of the requestURI 
 (HttpServletRequest.getRequestURI()) that begins after the contextPath
 (HttpServletRequest.getContextPath()). When the substring operation
 yields the string "/", the permission is constructed with the empty
 string as its name. The permission's actions field is obtained from 
 HttpServletRequest.getMethod().| Method Detail | 
public boolean equals(java.lang.Object o)
Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).
o - the WebResourcePermission object being tested for equality
 with this WebResourcePermission.
 
public java.lang.String getActions()
public int hashCode()
public boolean implies(java.security.Permission permission)
URLPattern matching is performed using the Servlet matching rules where two URL patterns match if they are related as follows:
All of the comparisons described above are case sensitive.
permission - "this" WebResourcePermission is checked to see if
 it implies the argument permission.
 
| 
 | J2EE1.4 SDK | |||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
Copyright 2003 Sun Microsystems, Inc. All rights reserved.