本文整理汇总了Java中javax.annotation.security.DenyAll类的典型用法代码示例。如果您正苦于以下问题:Java DenyAll类的具体用法?Java DenyAll怎么用?Java DenyAll使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
DenyAll类属于javax.annotation.security包,在下文中一共展示了DenyAll类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: isAccessGranted
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Override
public boolean isAccessGranted(UI ui, String beanName) {
if (applicationContext.findAnnotationOnBean(beanName, DenyAll.class) != null) {
// DenyAll (no authentication required)
return false;
}
if (applicationContext.findAnnotationOnBean(beanName, PermitAll.class) != null) {
// PermitAll (no authentication required)
return true;
}
// RolesAllowed - authentication required
RolesAllowed ra = applicationContext.findAnnotationOnBean(beanName, RolesAllowed.class);
if (ra != null) {
// check authentication
final AuthContext authContext = AuthContext.getCurrent()
.orElseThrow(() -> new IllegalStateException("No AuthContext available as Context resource: "
+ "failed to validate RolesAllowed security annotation on View bean name [" + beanName
+ "]"));
if (!authContext.getAuthentication().isPresent()) {
// not authenticated
return false;
}
// check permissions
if (ra.value().length > 0) {
// for empty roles names, no role is required, only authentication
if (!authContext.isPermittedAny(ra.value())) {
// no roles matches (with ANY semantic)
return false;
}
}
}
return true;
}
示例2: permitted
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Override
public boolean permitted(SecurityContext securityCtx) {
if (this.annotation.annotationType() == DenyAll.class) {
return false;
}
if (this.annotation.annotationType() == PermitAll.class) { // XXX needed?
return true;
}
if (this.annotation.annotationType() == RolesAllowed.class) {
final String[] roles = ((RolesAllowed) this.annotation).value();
for (String role : roles) {
if (securityCtx.isUserInRole(role)) {
return true;
}
}
}
return false;
}
示例3: configure
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
final Annotation[][] parameterAnnotations = am.getParameterAnnotations();
//@DenyAll shouldn't be attached to classes
final boolean annotationOnClass = (resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class) != null) ||
(resourceInfo.getResourceClass().getAnnotation(PermitAll.class) != null);
final boolean annotationOnMethod = am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) ||
am.isAnnotationPresent(PermitAll.class);
if (annotationOnClass || annotationOnMethod) {
context.register(filterClass);
} else {
for (Annotation[] annotations : parameterAnnotations) {
for (Annotation annotation : annotations) {
if (annotation instanceof Auth) {
context.register(filterClass);
return;
}
}
}
}
}
示例4: getAuthAnnotation
import javax.annotation.security.DenyAll; //导入依赖的package包/类
private Annotation getAuthAnnotation( AnnotatedElement element )
{
Annotation ann = element.getAnnotation( DenyAll.class );
if ( ann == null )
{
ann = element.getAnnotation( RolesAllowed.class );
}
if ( ann == null )
{
ann = element.getAnnotation( PermitAll.class );
}
if ( ann == null )
{
ann = element.getAnnotation( RelationCredibility.class );
}
return ann;
}
示例5: configure
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
final Annotation[][] parameterAnnotations = am.getParameterAnnotations();
if (am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) ||
am.isAnnotationPresent(PermitAll.class)) {
context.register(authFilter);
} else {
for (Annotation[] annotations : parameterAnnotations) {
for (Annotation annotation : annotations) {
if (annotation instanceof Auth) {
context.register(authFilter);
return;
}
}
}
}
}
示例6: checkConflictingSecurityAnnotations
import javax.annotation.security.DenyAll; //导入依赖的package包/类
/**
* Validation
* <p/>
* Conflicting use of @RolesAllowed, @PermitAll, and @DenyAll
*
* @param method
* @param ejbName
* @param ejbModule
* @param seen
*/
private void checkConflictingSecurityAnnotations(final Annotated<Method> method, final String ejbName, final EjbModule ejbModule, final List<Method> seen) {
if (seen.contains(method.get())) {
return;
} else {
seen.add(method.get());
}
final List<String> annotations = new ArrayList<String>();
for (final Class<? extends Annotation> annotation : Arrays.asList(RolesAllowed.class, PermitAll.class, DenyAll.class)) {
if (method.getAnnotation(annotation) != null) {
annotations.add("@" + annotation.getSimpleName());
}
}
if (annotations.size() > 1) {
ejbModule.getValidation().fail(ejbName, "conflictingSecurityAnnotations", method.get().getName(), Join.join(" and ", annotations), method.get().getDeclaringClass());
}
}
示例7: nobody
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@GET
@Path("/nobody")
@Produces(MediaType.TEXT_PLAIN)
@DenyAll()
public String nobody() {
return "nobody";
}
示例8: prv
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@DenyAll
@GET
@Path("prv")
@Produces(MediaType.TEXT_PLAIN)
public String prv() {
return "Denied";
}
示例9: checkSecurity
import javax.annotation.security.DenyAll; //导入依赖的package包/类
private void checkSecurity(final MinijaxRequestContext context) {
final Annotation a = context.getResourceMethod().getSecurityAnnotation();
if (a == null) {
return;
}
final Class<?> c = a.annotationType();
if (c == PermitAll.class) {
return;
}
if (c == DenyAll.class) {
throw new ForbiddenException();
}
if (c == RolesAllowed.class) {
final SecurityContext security = context.getSecurityContext();
if (security == null || security.getUserPrincipal() == null) {
throw new NotAuthorizedException(Response.status(Status.UNAUTHORIZED).build());
}
boolean found = false;
for (final String role : ((RolesAllowed) a).value()) {
if (security.isUserInRole(role)) {
found = true;
break;
}
}
if (!found) {
throw new ForbiddenException();
}
}
}
示例10: findSecurityAnnotation
import javax.annotation.security.DenyAll; //导入依赖的package包/类
private static Annotation findSecurityAnnotation(final Annotation[] annotations) {
for (final Annotation a : annotations) {
final Class<?> c = a.annotationType();
if (c == PermitAll.class || c == DenyAll.class || c == RolesAllowed.class) {
return a;
}
}
return null;
}
示例11: permissionCheckAnnotationPresent
import javax.annotation.security.DenyAll; //导入依赖的package包/类
/**
* Check if all relevant methods in use case implementations have permission checks i.e. {@link RolesAllowed},
* {@link DenyAll} or {@link PermitAll} annotation is applied. This is only checked for methods that are declared in
* the corresponding interface and thus have the {@link Override} annotations applied.
*/
@Test
public void permissionCheckAnnotationPresent() {
String packageName = "com.cap.jumpthequeue";
Filter<String> filter = new Filter<String>() {
@Override
public boolean accept(String value) {
return value.contains(".logic.impl.usecase.Uc") && value.endsWith("Impl");
}
};
ReflectionUtil ru = ReflectionUtilImpl.getInstance();
Set<String> classNames = ru.findClassNames(packageName, true, filter);
Set<Class<?>> classes = ru.loadClasses(classNames);
SoftAssertions assertions = new SoftAssertions();
for (Class<?> clazz : classes) {
Method[] methods = clazz.getDeclaredMethods();
for (Method method : methods) {
Method parentMethod = ru.getParentMethod(method);
if (parentMethod != null) {
Class<?> declaringClass = parentMethod.getDeclaringClass();
if (declaringClass.isInterface() && declaringClass.getSimpleName().startsWith("Uc")) {
boolean hasAnnotation = false;
if (method.getAnnotation(RolesAllowed.class) != null || method.getAnnotation(DenyAll.class) != null
|| method.getAnnotation(PermitAll.class) != null) {
hasAnnotation = true;
}
assertions.assertThat(hasAnnotation)
.as("Method " + method.getName() + " in Class " + clazz.getSimpleName() + " is missing access control")
.isTrue();
}
}
}
}
assertions.assertAll();
}
示例12: SecurityAnnotationMatcher
import javax.annotation.security.DenyAll; //导入依赖的package包/类
public SecurityAnnotationMatcher(Annotation annotation) {
if (annotation.annotationType() != PermitAll.class &&
annotation.annotationType() != DenyAll.class &&
annotation.annotationType() != RolesAllowed.class)
{
throw new IllegalArgumentException("Not supported! [" + annotation + "]");
}
this.annotation = annotation;
}
示例13: denyAll
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Test
public void denyAll() {
this.builder.denyAll();
assertTrue(getFrameMatchers().isEmpty());
assertEquals(1, getSecurityMatchers().size());
SecurityAnnotationMatcher matcher = (SecurityAnnotationMatcher) getSecurityMatchers().get(0);
assertTrue(DenyAll.class.isAssignableFrom(ReflectionUtil.get(matcher, "annotation").getClass()));
}
示例14: test
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@Override
public boolean test(Scope scope) {
AnnotatedMethod am = new AnnotatedMethod(scope.getInvokedMethod());
// DenyAll on the method take precedence over RolesAllowed and PermitAll
if (am.isAnnotationPresent(DenyAll.class)) {
return false;
}
// RolesAllowed on the method takes precedence over PermitAll
RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
if (ra != null) {
return checkRoles(ra.value());
}
// PermitAll takes precedence over RolesAllowed on the class
if (am.isAnnotationPresent(PermitAll.class)) {
// Do nothing.
return true;
}
// DenyAll can't be attached to classes
// RolesAllowed on the class takes precedence over PermitAll
ra = scope.getInvokedClass().getAnnotation(RolesAllowed.class);
if (ra != null) {
return checkRoles(ra.value());
}
return true;
}
示例15: denyAllEndpoint
import javax.annotation.security.DenyAll; //导入依赖的package包/类
@GET
@Path("/denyAllEndpoint")
@DenyAll
public Response denyAllEndpoint() throws Exception {
Response.ResponseBuilder responseBuilder = Response.ok();
return responseBuilder.build();
}