KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > enterprise > security > Audit


1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */
23
24 package com.sun.enterprise.security;
25
26 import java.util.*;
27 import java.lang.reflect.*;
28
29 import java.util.logging.Logger JavaDoc;
30 import java.util.logging.Level JavaDoc;
31 import java.security.Principal JavaDoc;
32
33 import com.sun.enterprise.config.serverbeans.Server;
34 import com.sun.enterprise.config.serverbeans.SecurityService;
35 import com.sun.enterprise.config.serverbeans.ServerBeansFactory;
36 import com.sun.enterprise.config.ConfigContext;
37 import com.sun.enterprise.server.ApplicationServer;
38
39 import com.sun.logging.LogDomains;
40 import org.apache.catalina.HttpRequest;
41
42 import com.sun.enterprise.deployment.Application;
43 import com.sun.enterprise.deployment.EjbBundleDescriptor;
44 import com.sun.enterprise.deployment.EjbDescriptor;
45 import com.sun.enterprise.deployment.MethodPermission;
46 import com.sun.enterprise.deployment.MethodDescriptor;
47 import com.sun.enterprise.deployment.RunAsIdentityDescriptor;
48 import com.sun.enterprise.deployment.EjbIORConfigurationDescriptor;
49 import com.sun.enterprise.deployment.WebBundleDescriptor;
50 import com.sun.enterprise.deployment.SecurityConstraintImpl;
51 import com.sun.enterprise.deployment.AuthorizationConstraintImpl;
52 import com.sun.enterprise.deployment.WebResourceCollectionImpl;
53 import com.sun.enterprise.deployment.web.LoginConfiguration;
54 import com.sun.enterprise.deployment.web.UserDataConstraint;
55 import com.sun.enterprise.deployment.web.SecurityRole;
56 import com.sun.enterprise.deployment.WebComponentDescriptor;
57 import com.sun.ejb.containers.EJBLocalRemoteObject;
58 import com.sun.enterprise.security.SecurityContext;
59
60 import com.sun.enterprise.deployment.Role;
61 import com.sun.enterprise.deployment.interfaces.SecurityRoleMapper;
62 import javax.servlet.http.HttpServletRequest JavaDoc;
63
64 import com.sun.appserv.security.AuditModule;
65
66 /**
67  * Audit support class.
68  *
69  * <P>This class provides convenience methods for producing audit output.
70  * Audit output is logged using the standard iAS logger SECURITYLOGGER.
71  * However, audit output is only produced if auditing is active. Auditing
72  * is configured in server.xml in the security-service element.
73  *
74  * <P>Audit output if logged with Level.WARNING.
75  *
76  * <P>Some diagnostic methods are also provided for debugging.
77  *
78  */
79 public class Audit extends AuditModule
80 {
81     private static final String JavaDoc AUDIT_ON = "auditOn";
82     private static boolean auditFlag = false;
83     private static Logger JavaDoc logger =
84         LogDomains.getLogger(LogDomains.SECURITY_LOGGER);
85     /*
86     private static String strPrivateAudit = null;
87     private static String strDenied = null;
88     private static String strOK = null;
89     private static String strMethodName = null;
90     private static String strSession = null;
91     */
92     
93     /**
94      * Check auditing state.
95      *
96      * @returns True if auditing is active currently.
97      *
98      */
99     public static boolean isActive()
100     {
101         return auditFlag;
102     }
103
104     public void init(Properties props) {
105         super.init(props);
106         String JavaDoc audit = props.getProperty(AUDIT_ON);
107         auditFlag = (audit == null)?false: Boolean.valueOf(audit).booleanValue();
108     }
109     
110     /**
111      * Invoked post authentication request for a user in a given realm
112      * @param user username for whom the authentication request was made
113      * @param realm the realm name under which the user is authenticated.
114      * @param success the status of the authentication
115      */
116     public void authentication(String JavaDoc user, String JavaDoc realm, boolean success) {
117         if (auditFlag) {
118             StringBuffer JavaDoc sbuf = new StringBuffer JavaDoc("Audit: Authentication for user = (");
119             sbuf.append(user);
120             sbuf.append(") under realm = (");
121             sbuf.append(realm).append(") returned = ").append(success);
122             logger.log(Level.INFO, sbuf.toString());
123         }
124     }
125     
126     /**
127      * Invoked post web authorization request.
128      * @param user the username for whom the authorization was performed
129      * @param req the HttpRequest object for the web request
130      * @param type either hasResourcePermission, hasUserDataPermission or
131      * hasRoleRefPermission
132      * @param success the status of the web authorization request
133      */
134     public void webInvocation(String JavaDoc user, HttpServletRequest JavaDoc req,
135             String JavaDoc type, boolean success)
136     {
137         if (auditFlag){
138             StringBuilder JavaDoc sbuf = new StringBuilder JavaDoc("Audit: [Web] Authorization for user = (");
139             sbuf.append(user).append(") and permission type = (").append(type).append(") for request ");
140             sbuf.append(req.getMethod()).append(" ").append(req.getRequestURI()).append(" returned =").append(success);
141             logger.log(Level.INFO, sbuf.toString());
142         }
143     }
144     /**
145      * Invoked post ejb authorization request.
146      * @param user the username for whom the authorization was performed
147      * @param ejb the ejb name for which this authorization was performed
148      * @param method the method name for which this authorization was performed
149      * @param success the status of the ejb authorization request
150      */
151     public void ejbInvocation(String JavaDoc user, String JavaDoc ejb, String JavaDoc method, boolean success) {
152         if(auditFlag){
153             // Modified from StringBuffer to StringBuilder
154 StringBuilder JavaDoc sbuf = new StringBuilder JavaDoc("Audit: [EJB] Authorization for user =");
155             sbuf.append(user).append(" for ejb = (");
156             sbuf.append(ejb).append(") method = (").append(method).append(") returned =").append(success);
157             logger.log(Level.INFO, sbuf.toString());
158         }
159     }
160
161     /**
162      * Invoked post ejb authorization request.
163      * @param user the username for whom the authorization was performed
164      * @param ejb the ejb name for which this authorization was performed
165      * @param method the method name for which this authorization was performed
166      * @param success the status of the ejb authorization request
167      */
168
169     /**
170      * Invoked during validation of the web service request
171      * @param uri The URL representation of the web service endpoint
172      * @param endpoint The name of the endpoint representation
173      * @param success the status of the web service request validation
174      */
175     public void webServiceInvocation(String JavaDoc uri, String JavaDoc endpoint, boolean success) {
176
177         if(auditFlag){
178             StringBuilder JavaDoc sbuf = new StringBuilder JavaDoc("Audit: [WebService] ");
179             sbuf.append("uri: ").append(uri);
180             sbuf.append("endpoint: ").append(endpoint);
181             sbuf.append(", valid request =").append(success);
182             logger.log(Level.INFO, sbuf.toString());
183         }
184     }
185
186
187     /**
188      * Invoked during validation of the web service request
189      * @param endpoint The URL representation of the web service endpoint
190      * @param success the status of the web service request validation
191      */
192     public void ejbAsWebServiceInvocation(String JavaDoc endpoint, boolean success) {
193
194         if(auditFlag){
195             StringBuilder JavaDoc sbuf = new StringBuilder JavaDoc("Audit: [EjbAsWebService] ");
196             sbuf.append("endpoint : ").append(endpoint).append(", valid request =").append(success);
197             logger.log(Level.INFO, sbuf.toString());
198         }
199     }
200
201
202     /**
203      * Invoked upon completion of the server startup
204      */
205     public void serverStarted() {
206         if(auditFlag){
207             logger.log(Level.INFO, "Audit: Application server startup complete");
208         }
209     }
210
211     /**
212      * Invoked upon completion of the server shutdown
213      */
214     public void serverShutdown() {
215         if(auditFlag){
216             logger.log(Level.INFO, "Audit: Application server shutdown complete");
217         }
218     }
219
220     /**
221      * Initialize auditing. This reads the server.xml configuration to
222      * determine whether audit is turned on or off.
223      *
224      */
225     /*
226     public static void init()
227     {
228         try {
229             ConfigContext configContext =
230                 ApplicationServer.getServerContext().getConfigContext();
231             assert(configContext != null);
232
233             Server configBean =
234                 ServerBeansFactory.getServerBean(configContext);
235             assert(configBean != null);
236
237             SecurityService securityBean =
238                 ServerBeansFactory.getSecurityServiceBean(configContext);
239             assert(securityBean != null);
240
241             auditFlag = securityBean.isAuditEnabled();
242             
243         } catch (Exception e) {
244             logger.log(Level.WARNING, "audit.badinit", e);
245         }
246
247         if (auditFlag) {
248             logger.info("audit.enabled");
249         }
250
251                                 // load i18n message bits for audit entries
252         ResourceBundle resBundle = logger.getResourceBundle();
253         strPrivateAudit = resBundle.getString("audit.string_private_audit");
254         strDenied = " " + resBundle.getString("audit.denied");
255         strOK = " " + resBundle.getString("audit.ok");
256         strMethodName = " " + resBundle.getString("audit.methodname");
257         strSession = " " + resBundle.getString("audit.session");
258     }
259
260 */
261     /**
262      * Log an EJB method invocation.
263      *
264      * @param user Effective user for the invocation.
265      * @param ejb EJB name.
266      * @param method Method name.
267      * @param success True if the invocation was allowed, false if denied.
268      *
269      */
270 /*
271     public static void ejbMethodInvocation(SecurityContext secCtx,
272                                            EJBLocalRemoteObject ejbObj,
273                                            Method method,
274                                            boolean success)
275     {
276         if (!logger.isLoggable(Level.INFO)) {
277             return;
278         }
279         
280         String user = "(null)";
281         if (secCtx != null) {
282             Principal p = secCtx.getCallerPrincipal();
283             if (p!=null) {
284                 user = p.getName();
285             }
286         }
287
288         String ejb = "(N/A)";
289         if (ejbObj != null) {
290             ejb = ejbObj.toString();
291         }
292
293         String meth = "(N/A)";
294         if (method != null) {
295             meth = method.toString();
296         }
297         
298         StringBuffer sb = new StringBuffer();
299         sb.append(strPrivateAudit); // "Audit: principal="
300         
301         if(user != null) {
302             sb.append(user);
303         } else {
304             sb.append("(null)");
305         }
306
307         sb.append(" ejb=");
308         sb.append(ejb);
309         sb.append(strMethodName); // " method="
310         sb.append(method);
311         if (success) {
312             sb.append(strOK); // " OK"
313         } else {
314             sb.append(strDenied); // " DENIED"
315         }
316
317         logger.info(sb.toString());
318     }
319
320 */
321     /**
322      * Log a servlet invocation.
323      *
324      * @param req The HttpRequest.
325      * @param success True if the invocation was allowed, false if denied.
326      *
327      */
328   /*
329     public static void webInvocation(HttpRequest req, boolean success)
330     {
331         /// DO NOTHING FOR NOW.
332         //if (!logger.isLoggable(Level.INFO) || !auditFlag) {
333         // return;
334         //}
335                 
336         //if (req == null) {
337         // logger.fine("Audit: No HttpRequest available.");
338         // return;
339         //}
340         
341         //if (!(req instanceof HttpRequestBase)) {
342         // logger.fine("Audit internal error, class: " + req.getClass());
343         // return;
344         //}
345
346         //HttpRequestBase reqs = (HttpRequestBase)req;
347         
348         //StringBuffer sb = new StringBuffer();
349         //sb.append(strPrivateAudit); // "Audit: principal="
350         
351         //String user = reqs.getRemoteUser();
352         //if (user != null) {
353         // sb.append(user);
354         //} else {
355         // sb.append("(null)");
356         //}
357
358         //sb.append(" ");
359         //sb.append(reqs.getMethod());
360         //sb.append(" ");
361         //sb.append(reqs.getRequestURI());
362         //sb.append(strSession); // " session="
363         //sb.append(reqs.getRequestedSessionId());
364         //if (success) {
365         // sb.append(strOK); // " OK"
366         //} else {
367         // sb.append(strDenied); // " DENIED"
368         //}
369
370         //logger.info(sb.toString());
371     }
372
373     */
374     /**
375      * Diagnostic method. Read roles and ACLs from the given Application
376      * and dump a somewhat organized summary of what has been set.
377      * This can be used to diagnose deployment or runtime deployment errors
378      * as well as to help in configuring application descriptors.
379      *
380      * <P>Implementation is not particularly efficient but this is only
381      * called for debugging purposes at startup. All errors are ignored.
382      *
383      * @param app Application object to analyze.
384      *
385      */
386     public static void showACL(Application app)
387     {
388         if (!isActive() || !logger.isLoggable(Level.FINEST)) {
389             return;
390         }
391
392         try {
393             dumpDiagnostics(app);
394
395         } catch (Throwable JavaDoc e) {
396             logger.fine("Error while showing ACL diagnostics: " +
397                         e.toString());
398         }
399     }
400
401     
402     /**
403      * Do the work for showACL().
404      *
405      */
406     private static void dumpDiagnostics(Application app)
407     {
408         logger.finest("====[ Role and ACL Summary ]==========");
409         if (!app.isVirtual()) {
410             logger.finest("Summary for application: "+
411                           app.getRegistrationName());
412         } else {
413             logger.finest("Standalone module.");
414         }
415         logger.finest("EJB components: "+
416                            app.getEjbComponentCount());
417         logger.finest("Web components: " +
418                            app.getWebComponentCount());
419
420         Iterator i;
421         StringBuffer JavaDoc sb;
422         
423         // show all roles with associated group & user mappings
424 Set allRoles = app.getRoles();
425         if (allRoles == null) {
426             logger.finest("- No roles present.");
427             return;
428         }
429         SecurityRoleMapper rmap = app.getRoleMapper();
430         if (rmap == null) {
431             logger.finest("- No role mappings present.");
432             return;
433         }
434         
435         i = allRoles.iterator();
436         logger.finest("--[ Configured roles and mappings ]--");
437         HashMap allRoleMap = new HashMap();
438         
439         while (i.hasNext()) {
440             Role r = (Role)i.next();
441             logger.finest(" [" + r.getName() + "]");
442             allRoleMap.put(r.getName(), new HashSet());
443             
444             sb = new StringBuffer JavaDoc();
445             sb.append(" is mapped to groups: ");
446             Enumeration grps = rmap.getGroupsAssignedTo(r);
447             while (grps.hasMoreElements()) {
448                 sb.append(grps.nextElement());
449                 sb.append(" ");
450             }
451             logger.finest(sb.toString());
452
453             sb = new StringBuffer JavaDoc();
454             sb.append(" is mapped to principals: ");
455             Enumeration users = rmap.getUsersAssignedTo(r);
456             while (users.hasMoreElements()) {
457                 sb.append(users.nextElement());
458                 sb.append(" ");
459             }
460             logger.finest(sb.toString());
461         }
462
463         // Process all EJB modules
464
465         Set ejbDescriptorSet = app.getEjbBundleDescriptors() ;
466
467         i = ejbDescriptorSet.iterator();
468         while (i.hasNext()) {
469
470             EjbBundleDescriptor bundle = (EjbBundleDescriptor)i.next();
471
472             logger.finest("--[ EJB module: " + bundle.getName() + " ]--");
473             Set ejbs = bundle.getEjbs();
474             Iterator it = ejbs.iterator();
475             while (it.hasNext()) {
476
477                 EjbDescriptor ejb = (EjbDescriptor)it.next();
478                 logger.finest("EJB: "+ejb.getEjbClassName());
479
480                 // check and show run-as if present
481 if (!ejb.getUsesCallerIdentity()) {
482                      RunAsIdentityDescriptor runas = ejb.getRunAsIdentity();
483                      if (runas == null) {
484                          logger.finest(" (ejb does not use caller "+
485                                             "identity)");
486                      } else {
487                          String JavaDoc role = runas.getRoleName();
488                          String JavaDoc user = runas.getPrincipal();
489                          logger.finest(" Will run-as: Role: " + role +
490                                             " Principal: " + user);
491                          if (role==null || "".equals(role) ||
492                              user==null || "".equals(user)) {
493                                  if(logger.isLoggable(Level.FINEST)){
494                                     logger.finest("*** Configuration error!");
495                                  }
496                          }
497                      }
498                 }
499
500                 // iterate through available methods
501 logger.finest(" Method to Role restriction list:");
502                 Set methods = ejb.getMethodDescriptors();
503                 Iterator si = methods.iterator();
504                 
505                 while (si.hasNext()) {
506                     
507                     MethodDescriptor md = (MethodDescriptor)si.next();
508                     logger.finest(" "+md.getFormattedString());
509
510                     Set perms = ejb.getMethodPermissionsFor(md);
511                     StringBuffer JavaDoc rbuf = new StringBuffer JavaDoc();
512                     rbuf.append(" can only be invoked by: ");
513                     Iterator sip = perms.iterator();
514                     boolean unchecked=false,excluded=false,roleBased=false;
515                     
516                     while (sip.hasNext()) {
517                         MethodPermission p = (MethodPermission)sip.next();
518                         if (p.isExcluded()) {
519                             excluded=true;
520                             logger.finest(" excluded - can not "+
521                                                "be invoked");
522                         } else if (p.isUnchecked()) {
523                             unchecked=true;
524                             logger.finest(" unchecked - can be "+
525                                                "invoked by all");
526                         } else if (p.isRoleBased()) {
527                             roleBased = true;
528                             Role r = p.getRole();
529                             rbuf.append(r.getName());
530                             rbuf.append(" ");
531                                 // add to role's accessible list
532 HashSet ram = (HashSet)allRoleMap.get(r.getName());
533                             ram.add(bundle.getName() + ":" +
534                                     ejb.getEjbClassName() + "." +
535                                     md.getFormattedString());
536                         }
537                     }
538
539                     if (roleBased) {
540                         logger.finest(rbuf.toString());
541                         if (excluded || unchecked) {
542                             logger.finest("*** Configuration error!");
543                         }
544                     } else if (unchecked) {
545                         if (excluded) {
546                             logger.finest("*** Configuration error!");
547                         }
548                         Set rks = allRoleMap.keySet();
549                         Iterator rksi = rks.iterator();
550                         while (rksi.hasNext()) {
551                             HashSet ram = (HashSet)allRoleMap.get(rksi.next());
552                             ram.add(bundle.getName() + ":" +
553                                     ejb.getEjbClassName() + "." +
554                                     md.getFormattedString());
555                         }
556                     } else if (!excluded) {
557                         logger.finest("*** Configuration error!");
558                     }
559                 }
560
561                 // IOR config for this ejb
562 logger.finest(" IOR configuration:");
563                 Set iors = ejb.getIORConfigurationDescriptors();
564                 if (iors != null) {
565                     Iterator iorsi = iors.iterator();
566                     while (iorsi.hasNext()) {
567                         EjbIORConfigurationDescriptor ior =
568                             (EjbIORConfigurationDescriptor)iorsi.next();
569                         StringBuffer JavaDoc iorsb = new StringBuffer JavaDoc();
570                         iorsb.append("realm=");
571                         iorsb.append(ior.getRealmName());
572                         iorsb.append(", integrity=");
573                         iorsb.append(ior.getIntegrity());
574                         iorsb.append(", trust-in-target=");
575                         iorsb.append(ior.getEstablishTrustInTarget());
576                         iorsb.append(", trust-in-client=");
577                         iorsb.append(ior.getEstablishTrustInClient());
578                         iorsb.append(", propagation=");
579                         iorsb.append(ior.getCallerPropagation());
580                         iorsb.append(", auth-method=");
581                         iorsb.append(ior.getAuthenticationMethod());
582                         logger.finest(iorsb.toString());
583                     }
584                 }
585             }
586         }
587
588         // show role->accessible methods list
589 logger.finest("--[ EJB methods accessible by role ]--");
590
591         Set rks = allRoleMap.keySet();
592         Iterator rksi = rks.iterator();
593         while (rksi.hasNext()) {
594             String JavaDoc roleName = (String JavaDoc)rksi.next();
595             logger.finest(" [" + roleName + "]");
596             HashSet ram = (HashSet)allRoleMap.get(roleName);
597             Iterator rami = ram.iterator();
598             while (rami.hasNext()) {
599                 String JavaDoc meth = (String JavaDoc)rami.next();
600                 logger.finest(" "+meth);
601             }
602         }
603
604         
605
606         // Process all Web modules
607
608         Set webDescriptorSet = app.getWebBundleDescriptors() ;
609
610         i = webDescriptorSet.iterator();
611         while (i.hasNext()) {
612             WebBundleDescriptor wbd = (WebBundleDescriptor)i.next();
613             logger.finest("--[ Web module: " + wbd.getContextRoot() + " ]--");
614
615             // login config
616 LoginConfiguration lconf = wbd.getLoginConfiguration();
617             if (lconf != null) {
618                 logger.finest(" Login config: realm="+
619                               lconf.getRealmName() + ", method="+
620                               lconf.getAuthenticationMethod() + ", form="+
621                               lconf.getFormLoginPage() + ", error="+
622                               lconf.getFormErrorPage());
623             }
624
625             // get WebComponentDescriptorsSet() info
626 logger.finest(" Contains components:");
627             Set webComps = wbd.getWebComponentDescriptorsSet();
628             Iterator webCompsIt = webComps.iterator();
629             while (webCompsIt.hasNext()) {
630                 WebComponentDescriptor wcd =
631                     (WebComponentDescriptor)webCompsIt.next();
632                 StringBuffer JavaDoc name = new StringBuffer JavaDoc();
633                 name.append(" - "+wcd.getCanonicalName());
634                 name.append(" [ ");
635                 Enumeration urlPs = wcd.getUrlPatterns();
636                 while (urlPs.hasMoreElements()) {
637                     name.append(urlPs.nextElement().toString());
638                     name.append(" ");
639                 }
640                 name.append("]");
641                 logger.finest(name.toString());
642                 
643                 RunAsIdentityDescriptor runas =
644                     (RunAsIdentityDescriptor)wcd.getRunAsIdentity();
645                 if (runas!=null) {
646                     String JavaDoc role = runas.getRoleName();
647                     String JavaDoc user = runas.getPrincipal();
648                     logger.finest(" Will run-as: Role: " + role +
649                                   " Principal: " + user);
650                     if (role==null || "".equals(role) ||
651                         user==null || "".equals(user)) {
652                         logger.finest("*** Configuration error!");
653                     }
654                 }
655                 
656             }
657             
658             // security constraints
659 logger.finest(" Security constraints:");
660             Enumeration scEnum = wbd.getSecurityConstraints();
661             while (scEnum.hasMoreElements()) {
662
663                 SecurityConstraintImpl sc =
664                     (SecurityConstraintImpl)scEnum.nextElement();
665
666                 Set wrcSet = sc.getWebResourceCollectionSet();
667                 Iterator wrcIt = wrcSet.iterator();
668                 while (wrcIt.hasNext()) {
669                     WebResourceCollectionImpl wrc =
670                         (WebResourceCollectionImpl)wrcIt.next();
671
672                     // show list of methods for this collection
673 Enumeration methEnum = wrc.getHttpMethods();
674                     StringBuffer JavaDoc sbm = new StringBuffer JavaDoc();
675                     while (methEnum.hasMoreElements()) {
676                         sbm.append(methEnum.nextElement());
677                         sbm.append(" ");
678                     }
679                     logger.finest(" Using method: "+sbm.toString());
680
681                     // and then list of url patterns
682 Enumeration urlEnum = wrc.getUrlPatterns();
683                     while (urlEnum.hasMoreElements()) {
684                         logger.finest(" "+
685                                       urlEnum.nextElement().toString());
686                     }
687                 } // end res.collection iterator
688
689                 // show roles which apply to above set of collections
690 AuthorizationConstraintImpl authCons =
691                  (AuthorizationConstraintImpl)sc.getAuthorizationConstraint();
692                 Enumeration rolesEnum = authCons.getSecurityRoles();
693                 StringBuffer JavaDoc rsb = new StringBuffer JavaDoc();
694                 rsb.append(" Accessible by roles: ");
695                 while (rolesEnum.hasMoreElements()) {
696                     SecurityRole sr = (SecurityRole)rolesEnum.nextElement();
697                     rsb.append(sr.getName());
698                     rsb.append(" ");
699                 }
700                 logger.finest(rsb.toString());
701
702                 // show transport guarantee
703 UserDataConstraint udc =sc.getUserDataConstraint();
704                 if (udc != null) {
705                     logger.finest(" Transport guarantee: "+
706                                   udc.getTransportGuarantee());
707                 }
708                 
709             } // end sec.constraint
710
711         } // end webDescriptorSet.iterator
712
713
714         logger.finest("======================================");
715     }
716     
717
718 }
719
Popular Tags