AuthMethod


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  package com.sun.enterprise.tools.verifier.tests.web;
24  
25  import com.sun.enterprise.tools.verifier.tests.web.WebTest;
26  import java.util.*;
27  import java.io.*;
28  import com.sun.enterprise.deployment.*;
29  import com.sun.enterprise.tools.verifier.*;
30  import com.sun.enterprise.tools.verifier.tests.*;
31  import com.sun.enterprise.util.FileClassLoader;
32  
33  
34  /** The auth-method element is used to configure the authentication mechanism 
35   * for the web application. As a prerequisite to gaining access to any web 
36   * resources which are protected by an authorization constraint, a user must 
37   * have authenticated using the configured mechanism. Legal values for this 
38   * element are "BASIC", "DIGEST", "FORM", or "CLIENT-CERT". 
39   */
40  public class AuthMethod extends WebTest implements WebCheck { 
41  
42      
43      /** The auth-method element is used to configure the authentication mechanism 
44       * for the web application. As a prerequisite to gaining access to any web 
45       * resources which are protected by an authorization constraint, a user must 
46       * have authenticated using the configured mechanism. Legal values for this 
47       * element are "BASIC", "DIGEST", "FORM", or "CLIENT-CERT". 
48       *
49       * @param descriptor the Web deployment descriptor 
50       *
51       * @return <code>Result</code> the results for this assertion
52       */
53      public Result check(WebBundleDescriptor descriptor) {
54  
55      Result result = getInitializedResult();
56      ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
57  
58      if (descriptor.getLoginConfiguration() != null) {
59          boolean foundIt = false;
60          boolean na = false;
61          String   authMethod = descriptor.getLoginConfiguration().getAuthenticationMethod();
62          if (authMethod.length() > 0) {
63          // use hard-coded strings until DOL gets updated
64          if ((authMethod.equals("BASIC")) || 
65              (authMethod.equals("FORM")) || 
66              (authMethod.equals("CLIENT-CERT")) || 
67              (authMethod.equals("DIGEST"))) {
68              foundIt = true;
69          } else {
70              foundIt = false;
71          }
72          } else {
73          na = true;
74          }
75       
76          if (foundIt) {
77          result.addGoodDetails(smh.getLocalString
78                         ("tests.componentNameConstructor",
79                          "For [ {0} ]",
80                          new Object  [] {compName.toString()}));
81                      
82          result.passed(smh.getLocalString
83                    (getClass().getName() + ".passed",
84                     "The auth-method [ {0} ] is legal value within web application [ {1} ]",
85                     new Object  [] {authMethod, descriptor.getName()}));
86          } else if (na) {
87          result.addNaDetails(smh.getLocalString
88                         ("tests.componentNameConstructor",
89                          "For [ {0} ]",
90                          new Object  [] {compName.toString()}));
91              result.notApplicable(smh.getLocalString
92               (getClass().getName() + ".notApplicable",
93                "There are no auth-method elements within the web archive [ {0} ]",
94                new Object  [] {descriptor.getName()}));
95          } else {
96          result.addErrorDetails(smh.getLocalString
97              ("tests.componentNameConstructor",
98              "For [ {0} ]",
99              new Object  [] {compName.toString()}));
100         result.failed(smh.getLocalString
101                   (getClass().getName() + ".failed",
102                    "Error: The auth-method [ {0} ] is not legal value within web application [ {1} ].  It must be either [ {2} ], [ {3} ], [ {4} ] or [ {5} ].",
103                    new Object  [] {authMethod, descriptor.getName(),"BASIC","FORM","CLIENT-CERT","DIGEST"}));
104         }
105     } else {
106         result.addNaDetails(smh.getLocalString
107                        ("tests.componentNameConstructor",
108                         "For [ {0} ]",
109                         new Object  [] {compName.toString()}));
110         result.notApplicable(smh.getLocalString
111                  (getClass().getName() + ".notApplicable",
112                   "There are no auth-method elements within the web archive [ {0} ]",
113                   new Object  [] {descriptor.getName()}));
114     }
115 
116     return result;
117     }
118 }
119
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags