Basic cleanups for core module
Signed-off-by: arjantijms <arjan.tijms@gmail.com>
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/EJBResource.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/EJBResource.java
index 3652b67..dd83be2 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/EJBResource.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/EJBResource.java
@@ -35,7 +35,7 @@
return true;
}
- if ((obj == null) || (obj.getClass() != getClass())) {
+ if (obj == null || obj.getClass() != getClass()) {
return false;
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
index b517ff9..8296bf5 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
@@ -106,7 +106,7 @@
if (defaultRole == null) {
defaultRoleName = DEFAULT_ROLE_NAME;
try {
- assert (secService != null);
+ assert secService != null;
defaultRoleName = secService.getAnonymousRole();
} catch (Exception e) {
_logger.log(Level.WARNING, "java_security.anonymous_role_reading_exception", e);
@@ -142,7 +142,7 @@
private void addRoleToPrincipal(final Principal principal, String role) {
assert roleToSubject != null;
Subject subject = roleToSubject.get(role);
- final Subject sub = (subject == null) ? new Subject() : subject;
+ final Subject sub = subject == null ? new Subject() : subject;
AppservAccessController.doPrivileged(new PrivilegedAction<>() {
@Override
@@ -195,7 +195,7 @@
// @return true or false depending on activation of
// the mapping via domain.xml.
boolean isDefaultRTSMActivated() {
- return (defaultP2RMappingClassName != null);
+ return defaultP2RMappingClassName != null;
}
/**
@@ -418,10 +418,9 @@
}
if (rdd.getModuleDescriptor() != null) {
return rdd.getModuleDescriptor().getArchiveUri();
- } else {
- // cannot happen unless glassfish code is changed
- throw new AssertionError(rdd.getClass() + " is not a known descriptor type");
}
+ // cannot happen unless glassfish code is changed
+ throw new AssertionError(rdd.getClass() + " is not a known descriptor type");
}
@@ -507,8 +506,8 @@
int actualNum = 0;
Set<Principal> pSet = roleToPrincipal.get(r.getName());
Set<Group> gSet = roleToGroup.get(r.getName());
- actualNum += (pSet == null) ? 0 : pSet.size();
- actualNum += (gSet == null) ? 0 : gSet.size();
+ actualNum += pSet == null ? 0 : pSet.size();
+ actualNum += gSet == null ? 0 : gSet.size();
if (targetNumPrin != actualNum) {
if (_logger.isLoggable(Level.FINE)) {
_logger.log(Level.FINE, "Module " + currentMapping.owner + " has different number of mappings for role " + r.getName()
@@ -620,7 +619,7 @@
public Subject get(Object key) {
synchronized (roleMap) {
Subject s = roleMap.get(key);
- if ((s == null) && (key instanceof String) && (!"**".equals(key))) {
+ if (s == null && key instanceof String && !"**".equals(key)) {
final Subject fs = new Subject();
final String roleName = (String) key;
AppservAccessController.doPrivileged(new PrivilegedAction<>() {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/WebResource.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/WebResource.java
index 774fb74..2a3377a 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/WebResource.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/WebResource.java
@@ -51,7 +51,7 @@
return true;
}
- if ((obj == null) || (obj.getClass() != getClass())) {
+ if (obj == null || obj.getClass() != getClass()) {
return false;
}
@@ -62,7 +62,7 @@
@Override
public boolean implies(Resource resource) {
- if ((resource == null) || (resource.getClass() != getClass())) {
+ if (resource == null || resource.getClass() != getClass()) {
return false;
}
@@ -77,16 +77,14 @@
if (that.wildcard) {
// one wildcard can imply another
return that.path.startsWith(path);
- } else {
- // make sure ap.path is longer so a/b/* doesn't imply a/b
- return (that.path.length() > this.path.length()) && that.path.startsWith(this.path);
}
+ // make sure ap.path is longer so a/b/* doesn't imply a/b
+ return that.path.length() > this.path.length() && that.path.startsWith(this.path);
}
if (that.wildcard) {
// a non-wildcard can't imply a wildcard
return false;
- } else {
- return this.path.equals(that.path);
}
+ return this.path.equals(that.path);
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/DigestProcessor.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/DigestProcessor.java
index cbbb5c4..4971951 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/DigestProcessor.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/DigestProcessor.java
@@ -65,7 +65,7 @@
com.sun.enterprise.security.auth.digest.api.DigestAlgorithmParameter key = null;
this.passwd = passwd;
for (DigestAlgorithmParameter dap : params) {
- if (A1.equals(dap.getName()) && (dap instanceof com.sun.enterprise.security.auth.digest.api.Key)) {
+ if (A1.equals(dap.getName()) && dap instanceof com.sun.enterprise.security.auth.digest.api.Key) {
key = dap;
} else {
data = dap;
@@ -168,7 +168,7 @@
DigestAlgorithmParameter dataP = (DigestAlgorithmParameter) datastore[i];
byte[] tmpData = valueOf(dataP);
bos.write(tmpData, 0, tmpData.length);
- if (param.getDelimiter() != null && (i + 1 < datastore.length)) {
+ if (param.getDelimiter() != null && i + 1 < datastore.length) {
bos.write(param.getDelimiter(), 0, param.getDelimiter().length);
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/HttpDigestParamGenerator.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/HttpDigestParamGenerator.java
index 6b30e12..542fd28 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/HttpDigestParamGenerator.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/digest/impl/HttpDigestParamGenerator.java
@@ -110,7 +110,7 @@
}
}
- if ((userName == null) || (realmName == null) || (nOnce == null) || (uri == null) || (response == null)) {
+ if (userName == null || realmName == null || nOnce == null || uri == null || response == null) {
return null;
}
if (qop == null) {
@@ -208,8 +208,7 @@
}
if (quotedString.length() > 2) {
return quotedString.substring(1, quotedString.length() - 1);
- } else {
- return "";
}
+ return "";
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/authorize/HandlerData.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/authorize/HandlerData.java
index 5a3d83b..72385c1 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/authorize/HandlerData.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/authorize/HandlerData.java
@@ -60,7 +60,8 @@
}
if (PolicyContextHandlerImpl.SUBJECT.equalsIgnoreCase(key)) {
return SecurityContext.getCurrent().getSubject();
- } else if (PolicyContextHandlerImpl.REUSE.equalsIgnoreCase(key)) {
+ }
+ if (PolicyContextHandlerImpl.REUSE.equalsIgnoreCase(key)) {
PermissionCacheFactory.resetCaches();
return Integer.valueOf(0);
}
@@ -70,12 +71,13 @@
}
if (PolicyContextHandlerImpl.SOAP_MESSAGE.equalsIgnoreCase(key)) {
- return (ejbDelegate != null) ? ejbDelegate.getSOAPMessage(inv) : null;
+ return ejbDelegate != null ? ejbDelegate.getSOAPMessage(inv) : null;
}
if (PolicyContextHandlerImpl.ENTERPRISE_BEAN.equalsIgnoreCase(key)) {
- return (ejbDelegate != null) ? ejbDelegate.getEnterpriseBean(inv) : null;
- } else if (PolicyContextHandlerImpl.EJB_ARGUMENTS.equalsIgnoreCase(key)) {
- return (ejbDelegate != null) ? ejbDelegate.getEJbArguments(inv) : null;
+ return ejbDelegate != null ? ejbDelegate.getEnterpriseBean(inv) : null;
+ }
+ if (PolicyContextHandlerImpl.EJB_ARGUMENTS.equalsIgnoreCase(key)) {
+ return ejbDelegate != null ? ejbDelegate.getEJbArguments(inv) : null;
}
return null;
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
index 7d5f8ef..92f7843 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
@@ -89,7 +89,7 @@
public void init(Properties props) {
super.init(props);
String audit = props.getProperty(AUDIT_ON);
- auditFlag = (audit == null) ? false : Boolean.valueOf(audit);
+ auditFlag = audit == null ? false : Boolean.valueOf(audit);
}
/**
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java
index b2d5ab9..9f99334 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java
@@ -46,7 +46,7 @@
// TODO: need someway to not override the SecMgr if the EmbeddedServer was
// run with a different non-default SM.
// right now there seems no way to find out if the SM is the VM's default SM.
- if (secMgr != null && !(J2EESecurityManager.class.equals(secMgr.getClass()))) {
+ if (secMgr != null && !J2EESecurityManager.class.equals(secMgr.getClass())) {
J2EESecurityManager mgr = new J2EESecurityManager();
try {
System.setSecurityManager(mgr);
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCache.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCache.java
index 42e2f4e..29721e2 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCache.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCache.java
@@ -199,14 +199,13 @@
} finally {
rLock.unlock();
}
- } else {
- // set the load indicators so that readers will
- // bypass the cache until it is loaded
- // release the writelock and return
- cache = null;
- loading = true;
- wLock.unlock();
}
+ // set the load indicators so that readers will
+ // bypass the cache until it is loaded
+ // release the writelock and return
+ cache = null;
+ loading = true;
+ wLock.unlock();
// cache will be null if we proceed past this point
// NO LOCKS ARE HELD AT THIS POINT
@@ -313,7 +312,7 @@
// since cache is non-null, we know we are NOT loading
// setting cache to null will force a (re)load
cache = null;
- epoch = (epoch + 1 == 0) ? 1 : epoch + 1;
+ epoch = epoch + 1 == 0 ? 1 : epoch + 1;
}
} finally {
wLock.unlock();
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
index 270d916..94b5a05 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
@@ -83,8 +83,8 @@
*/
@Override
public boolean handles(ReadableArchive location) {
- return (DeploymentUtils.isArchiveOfType(location, DOLUtils.warType(), habitat)
- || DeploymentUtils.isArchiveOfType(location, DOLUtils.earType(), habitat) || isJar(location));
+ return DeploymentUtils.isArchiveOfType(location, DOLUtils.warType(), habitat)
+ || DeploymentUtils.isArchiveOfType(location, DOLUtils.earType(), habitat) || isJar(location);
}
/**
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
index 1c6c685..9a93859 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
@@ -300,7 +300,7 @@
* detect special case of EJBs embedded in a war, and make sure psuedo policy context id is unique within app
*/
Object root = ejbBundleDesc.getModuleDescriptor().getDescriptor();
- if ((root != ejbBundleDesc) && (root instanceof WebBundleDescriptor)) {
+ if (root != ejbBundleDesc && root instanceof WebBundleDescriptor) {
cid = createUniquePseudoModuleID(ejbBundleDesc);
} else {
cid = VersioningUtils.getRepositoryName(ejbBundleDesc.getApplication().getRegistrationName()) + '/'
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/JDBCLoginModule.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/JDBCLoginModule.java
index b6ef7aa..3f7119f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/JDBCLoginModule.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/JDBCLoginModule.java
@@ -45,7 +45,7 @@
final JDBCRealm jdbcRealm = (JDBCRealm) _currentRealm;
// A JDBC user must have a name not null and non-empty.
- if ((_username == null) || (_username.length() == 0)) {
+ if (_username == null || _username.length() == 0) {
String msg = sm.getString("jdbclm.nulluser");
throw new LoginException(msg);
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/PamLoginModule.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/PamLoginModule.java
index 810d623..e7851f6 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/PamLoginModule.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/PamLoginModule.java
@@ -40,7 +40,7 @@
protected void authenticateUser() throws LoginException {
// A Unix user must have a name not null so check here.
- if ((_username == null) || (_username.length() == 0)) {
+ if (_username == null || _username.length() == 0) {
throw new LoginException("Invalid Username");
}
UnixUser user = authenticate(_username, _password);
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
index 110e310..098afcc 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
@@ -132,7 +132,7 @@
@Override
public java.lang.Boolean run() {
// if realm is null, LCD will log into the default realm
- if (((SecurityServicesUtil.getInstance() != null) && SecurityServicesUtil.getInstance().isServer())
+ if (SecurityServicesUtil.getInstance() != null && SecurityServicesUtil.getInstance().isServer()
|| Util.isEmbeddedServer()) {
LoginContextDriver.login(user, password, realm);
} else {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
index 4a5a3ee..d78ea85 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
@@ -66,7 +66,7 @@
protected final boolean validate(Password passwd, DigestAlgorithmParameter[] params) throws NoSuchAlgorithmException {
for (DigestAlgorithmParameter dap : params) {
- if (A1.equals(dap.getName()) && (dap instanceof Key)) {
+ if (A1.equals(dap.getName()) && dap instanceof Key) {
key = dap;
} else if (RESPONSE.equals(dap.getName())) {
clientResponse = dap;
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/authorize/EJBPolicyContextDelegate.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/authorize/EJBPolicyContextDelegate.java
index bc9f040..92f7e08 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/authorize/EJBPolicyContextDelegate.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/authorize/EJBPolicyContextDelegate.java
@@ -48,7 +48,7 @@
if (eInv.isAWebService()) {
return null;
}
- return (eInv.getMethodParams() != null) ? eInv.getMethodParams() : new Object[0];
+ return eInv.getMethodParams() != null ? eInv.getMethodParams() : new Object[0];
}
return null;
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthContext.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthContext.java
index c4ccc4c..ad5d51f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthContext.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthContext.java
@@ -173,9 +173,8 @@
if (firstRequiredError != null) {
throw firstRequiredError;
- } else {
- throw ae;
}
+ throw ae;
}
if (entries[i].getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthPolicy.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthPolicy.java
index 0a48cc1..5d17e9a 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthPolicy.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthPolicy.java
@@ -98,7 +98,7 @@
}
if (authenticateRecipient && contentInd >= 0) {
- this.recipientBeforeContent = (recipientInd < contentInd);
+ this.recipientBeforeContent = recipientInd < contentInd;
}
}
}
@@ -155,11 +155,11 @@
}
public boolean isSenderAuthRequired() {
- return (this.isSourceAuthRequired() ? (this.getSourceAuth() == SOURCE_AUTH_SENDER ? true : false) : false);
+ return this.isSourceAuthRequired() ? this.getSourceAuth() == SOURCE_AUTH_SENDER ? true : false : false;
}
public boolean isContentAuthRequired() {
- return (this.isSourceAuthRequired() ? (this.getSourceAuth() == SOURCE_AUTH_CONTENT ? true : false) : false);
+ return this.isSourceAuthRequired() ? this.getSourceAuth() == SOURCE_AUTH_CONTENT ? true : false : false;
}
public boolean isRecipientAuthRequired() {
@@ -179,7 +179,7 @@
// Behaves same as noArg variant when orderForValidation is false. In either
// case, the returned value is only relevant when recipientAuth is required.
public boolean isRecipientAuthBeforeContent(boolean orderForValidation) {
- return (orderForValidation ? !this.recipientBeforeContent : this.recipientBeforeContent);
+ return orderForValidation ? !this.recipientBeforeContent : this.recipientBeforeContent;
}
@Override
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
index 68aa49c..6a7f73f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
@@ -139,7 +139,7 @@
} catch (IOException ioe) {
throw new AuthException(ioe.toString());
}
- this.epoch = (next == 0 ? 1 : next);
+ this.epoch = next == 0 ? 1 : next;
parser = nextParser;
}
}
@@ -558,7 +558,7 @@
for (int i = 0; rValues != null && i < rValues.length; i++) {
if (rValues[i] != null) {
- boolean thisValue = ((Boolean) rValues[i]);
+ boolean thisValue = (Boolean) rValues[i];
rvalue = rvalue | thisValue;
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/AuthMessagePolicy.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/AuthMessagePolicy.java
index ebc351c..29bbb0b 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/AuthMessagePolicy.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/AuthMessagePolicy.java
@@ -100,8 +100,8 @@
public static MessagePolicy getMessagePolicy(String authSource, String authRecipient) {
boolean sourceSender = SENDER.equals(authSource);
boolean sourceContent = CONTENT.equals(authSource);
- boolean recipientAuth = (authRecipient != null);
- boolean mandatory = (sourceSender || sourceContent) || recipientAuth;
+ boolean recipientAuth = authRecipient != null;
+ boolean mandatory = sourceSender || sourceContent || recipientAuth;
return getMessagePolicy(authSource, authRecipient, mandatory);
}
@@ -109,7 +109,7 @@
boolean sourceSender = SENDER.equals(authSource);
boolean sourceContent = CONTENT.equals(authSource);
- boolean recipientAuth = (authRecipient != null);
+ boolean recipientAuth = authRecipient != null;
boolean beforeContent = BEFORE_CONTENT.equals(authRecipient);
List<TargetPolicy> targetPolicies = new ArrayList<>();
@@ -214,7 +214,7 @@
// XXX don't know how to get JavaMethod from operation
MessageDescriptor msgDesc = (MessageDescriptor) msgDescs.get(j);
String opName = msgDesc.getOperationName();
- if ((opName == null && matchMsd == null)) {
+ if (opName == null && matchMsd == null) {
matchMsd = msd;
} else if (opName != null && opName.equals(operation)) {
matchMsd = msd;
@@ -258,7 +258,7 @@
// we cannot determine the opcode of a request at runtime.
for (int j = 0; j < msgSecDescs.size(); j++) {
- if (j != i && !policiesAreEqual(msd, ((MessageSecurityDescriptor) msgSecDescs.get(j)))) {
+ if (j != i && !policiesAreEqual(msd, (MessageSecurityDescriptor) msgSecDescs.get(j))) {
onePolicy = false;
}
}
@@ -314,8 +314,8 @@
}
private static boolean policiesAreEqual(MessageSecurityDescriptor reference, MessageSecurityDescriptor other) {
- return (protectionDescriptorsAreEqual(reference.getRequestProtectionDescriptor(), other.getRequestProtectionDescriptor())
- && protectionDescriptorsAreEqual(reference.getResponseProtectionDescriptor(), other.getResponseProtectionDescriptor()));
+ return protectionDescriptorsAreEqual(reference.getRequestProtectionDescriptor(), other.getRequestProtectionDescriptor())
+ && protectionDescriptorsAreEqual(reference.getResponseProtectionDescriptor(), other.getResponseProtectionDescriptor());
}
private static boolean protectionDescriptorsAreEqual(ProtectionDescriptor pd1, ProtectionDescriptor pd2) {
@@ -325,9 +325,9 @@
String authSource2 = pd2.getAttributeValue(ProtectionDescriptor.AUTH_SOURCE);
String authRecipient2 = pd2.getAttributeValue(ProtectionDescriptor.AUTH_RECIPIENT);
- boolean sameAuthSource = (authSource1 == null && authSource2 == null) || (authSource1 != null && authSource1.equals(authSource2));
- boolean sameAuthRecipient = (authRecipient1 == null && authRecipient2 == null)
- || (authRecipient1 != null && authRecipient1.equals(authRecipient2));
+ boolean sameAuthSource = authSource1 == null && authSource2 == null || authSource1 != null && authSource1.equals(authSource2);
+ boolean sameAuthRecipient = authRecipient1 == null && authRecipient2 == null
+ || authRecipient1 != null && authRecipient1.equals(authRecipient2);
return sameAuthSource && sameAuthRecipient;
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
index 642545e..04c4c86 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
@@ -221,7 +221,7 @@
final Principal callerPrincipal = sc != null ? sc.getCallerPrincipal() : null;
final Principal defaultPrincipal = SecurityContext.getDefaultCallerPrincipal();
- return ((Boolean) AppservAccessController.doPrivileged(new PrivilegedAction() {
+ return (Boolean) AppservAccessController.doPrivileged(new PrivilegedAction() {
/**
* this method uses 4 (numbered) criteria to determine if the argument WebPrincipal can be reused
@@ -299,7 +299,7 @@
return Boolean.TRUE;
}
- }));
+ });
}
private void processCallerPrincipal(CallerPrincipalCallback cpCallback) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/ClientContainerCallbackHandler.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/ClientContainerCallbackHandler.java
index 27b7c1f..60f50a5 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/ClientContainerCallbackHandler.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/ClientContainerCallbackHandler.java
@@ -69,8 +69,8 @@
int i = 0;
while (i < callbacks.length) {
if (!processedSomeAppclientCallbacks) {
- if ((callbacks[i] instanceof NameCallback) || (callbacks[i] instanceof PasswordCallback)
- || (callbacks[i] instanceof ChoiceCallback)) {
+ if (callbacks[i] instanceof NameCallback || callbacks[i] instanceof PasswordCallback
+ || callbacks[i] instanceof ChoiceCallback) {
String loginName = UsernamePasswordStore.getUsername();
char[] password = UsernamePasswordStore.getPassword();
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
index 4dd8b0b..0f6de9f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
@@ -151,18 +151,18 @@
try {
rLock.lock();
- disabled = (!listenerWrapper.isEnabled());
+ disabled = !listenerWrapper.isEnabled();
if (!disabled) {
d = listenerWrapper.getConfigData();
if (d != null) {
- c = (isServer ? d.sConfig : d.cConfig);
+ c = isServer ? d.sConfig : d.cConfig;
lastP = d.provider;
}
}
} finally {
rLock.unlock();
- if (disabled || c != null || (d != null && lastP == null)) {
+ if (disabled || c != null || d != null && lastP == null) {
return c;
}
}
@@ -185,7 +185,7 @@
}
}
- return ((isServer) ? d.sConfig : d.cConfig);
+ return isServer ? d.sConfig : d.cConfig;
}
/**
@@ -281,7 +281,7 @@
this.appCtxt = appCtxt;
this.rwLock = new ReentrantReadWriteLock(true);
this.wLock = rwLock.writeLock();
- enabled = (factory != null);
+ enabled = factory != null;
listener = new AuthConfigRegistrationListener(layer, appCtxt);
if (Globals.getDefaultHabitat() != null) {
delegate = Globals.get(WebServicesDelegate.class);
@@ -390,7 +390,7 @@
@Override
public void notify(String layer, String appContext) {
if (this.layer.equals(layer)
- && ((this.appCtxt == null && appContext == null) || (appContext != null && appContext.equals(this.appCtxt)))) {
+ && (this.appCtxt == null && appContext == null || appContext != null && appContext.equals(this.appCtxt))) {
try {
wLock.lock();
data = null;
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
index 6f5146a..6a7ce09 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
@@ -116,7 +116,7 @@
boolean hasSlaveFactory = false;
try {
rwLock.readLock().lock();
- hasSlaveFactory = (slaveFactory != null);
+ hasSlaveFactory = slaveFactory != null;
} finally {
rwLock.readLock().unlock();
}
@@ -136,7 +136,7 @@
boolean hasSlaveProvider = false;
try {
rwLock.readLock().lock();
- hasSlaveProvider = (slaveProvider != null);
+ hasSlaveProvider = slaveProvider != null;
} finally {
rwLock.readLock().unlock();
}
@@ -205,9 +205,9 @@
com.sun.enterprise.security.jauth.ServerAuthModule sam0 = (com.sun.enterprise.security.jauth.ServerAuthModule) newModule;
- AuthPolicy requestPolicy = (entry.getRequestPolicy() != null) ? new AuthPolicy(entry.getRequestPolicy()) : null;
+ AuthPolicy requestPolicy = entry.getRequestPolicy() != null ? new AuthPolicy(entry.getRequestPolicy()) : null;
- AuthPolicy responsePolicy = (entry.getResponsePolicy() != null) ? new AuthPolicy(entry.getResponsePolicy()) : null;
+ AuthPolicy responsePolicy = entry.getResponsePolicy() != null ? new AuthPolicy(entry.getResponsePolicy()) : null;
sam0.initialize(requestPolicy, responsePolicy, handler, map);
}
@@ -339,9 +339,9 @@
}
// check whether a policy is set
- MessagePolicy reqP = (requestPolicy != null || responsePolicy != null) ? requestPolicy : idEntry.requestPolicy; // default;
+ MessagePolicy reqP = requestPolicy != null || responsePolicy != null ? requestPolicy : idEntry.requestPolicy; // default;
- MessagePolicy respP = (requestPolicy != null || responsePolicy != null) ? responsePolicy : idEntry.responsePolicy; // default;
+ MessagePolicy respP = requestPolicy != null || responsePolicy != null ? responsePolicy : idEntry.responsePolicy; // default;
// optimization: if policy was not set, return null
if (reqP == null && respP == null) {
@@ -642,8 +642,8 @@
boolean hasSlaveProvider = false;
rwLock.readLock().lock();
try {
- hasSlaveFactory = (slaveFactory != null);
- hasSlaveProvider = (slaveProvider != null);
+ hasSlaveFactory = slaveFactory != null;
+ hasSlaveProvider = slaveProvider != null;
} finally {
rwLock.readLock().unlock();
}
@@ -694,7 +694,7 @@
}
}
}
- epoch = (next == 0 ? 1 : next);
+ epoch = next == 0 ? 1 : next;
parser = nextParser;
} catch (IOException ex) {
throw new RuntimeException(ex);
@@ -864,7 +864,7 @@
Entry entry = getEntry(layer, providerID, requestPolicy, responsePolicy, type);
- return (entry != null) ? createModuleInfo(entry, handler, type, properties) : null;
+ return entry != null ? createModuleInfo(entry, handler, type, properties) : null;
}
// lazy initialize this as SunWebApp is not available in
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/HttpServletHelper.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/HttpServletHelper.java
index b1a1b11..a70c0db 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/HttpServletHelper.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/HttpServletHelper.java
@@ -59,7 +59,7 @@
map.put(HttpServletConstants.POLICY_CONTEXT, policyContextId);
SunWebApp sunWebApp = webBundle.getSunDescriptor();
- String pid = (sunWebApp != null ? sunWebApp.getAttributeValue(SunWebApp.HTTPSERVLET_SECURITY_PROVIDER) : null);
+ String pid = sunWebApp != null ? sunWebApp.getAttributeValue(SunWebApp.HTTPSERVLET_SECURITY_PROVIDER) : null;
boolean nullConfigProvider = false;
if (isSystemApp && (pid == null || pid.length() == 0)) {
@@ -69,8 +69,8 @@
}
}
- if (((pid != null && pid.length() > 0) || nullConfigProvider) && (!hasExactMatchAuthProvider())) {
- AuthConfigProvider configProvider = ((nullConfigProvider) ? null : new GFServerConfigProvider(new HashMap(), null));
+ if ((pid != null && pid.length() > 0 || nullConfigProvider) && !hasExactMatchAuthProvider()) {
+ AuthConfigProvider configProvider = nullConfigProvider ? null : new GFServerConfigProvider(new HashMap(), null);
String jmacProviderRegisID = factory.registerConfigProvider(configProvider, GFServerConfigProvider.HTTPSERVLET, appContext,
"GlassFish provider: " + GFServerConfigProvider.HTTPSERVLET + ":" + appContext);
this.setJmacProviderRegisID(jmacProviderRegisID);
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
index f94a660..43d5366 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
@@ -16,6 +16,8 @@
package com.sun.enterprise.security.web.integration;
+import static java.util.logging.Level.FINE;
+
import java.security.Permission;
import java.security.Permissions;
import java.util.ArrayList;
@@ -42,6 +44,7 @@
import com.sun.enterprise.deployment.web.WebResourceCollection;
import jakarta.security.jacc.PolicyConfiguration;
+import jakarta.security.jacc.PolicyContextException;
import jakarta.security.jacc.WebResourcePermission;
import jakarta.security.jacc.WebRoleRefPermission;
import jakarta.security.jacc.WebUserDataPermission;
@@ -57,9 +60,6 @@
static Logger logger = LogUtils.getLogger();
- public WebPermissionUtil() {
- }
-
/* changed to order default pattern / below extension */
private static final int PT_DEFAULT = 0;
private static final int PT_EXTENSION = 1;
@@ -71,20 +71,22 @@
if (pattern.startsWith("*.")) {
return PT_EXTENSION;
}
+
if (pattern.startsWith("/") && pattern.endsWith("/*")) {
return PT_PREFIX;
- } else if (pattern.equals("/")) {
- return PT_DEFAULT;
- } else {
- return PT_EXACT;
}
+
+ if (pattern.equals("/")) {
+ return PT_DEFAULT;
+ }
+
+ return PT_EXACT;
}
static boolean implies(String pattern, String path) {
-
// Check for exact match
if (pattern.equals(path)) {
- return (true);
+ return true;
}
// Check for path prefix matching
@@ -94,39 +96,39 @@
int length = pattern.length();
if (length == 0) {
- return (true); // "/*" is the same as "/"
+ return true; // "/*" is the same as "/"
}
- return (path.startsWith(pattern) && (path.length() == length || path.substring(length).startsWith("/")));
+ return path.startsWith(pattern) && (path.length() == length || path.substring(length).startsWith("/"));
}
// Check for suffix matching
if (pattern.startsWith("*.")) {
int slash = path.lastIndexOf('/');
int period = path.lastIndexOf('.');
- if ((slash >= 0) && (period > slash) && path.endsWith(pattern.substring(1))) {
- return (true);
+ if (slash >= 0 && period > slash && path.endsWith(pattern.substring(1))) {
+ return true;
}
- return (false);
+
+ return false;
}
// Check for universal mapping
if (pattern.equals("/")) {
- return (true);
+ return true;
}
- return (false);
+ return false;
}
- public static HashMap parseConstraints(WebBundleDescriptor wbd) {
-
- if (logger.isLoggable(Level.FINE)) {
+ public static Map<String, MapValue> parseConstraints(WebBundleDescriptor webBundleDescriptor) {
+ if (logger.isLoggable(FINE)) {
logger.entering("WebPermissionUtil", "parseConstraints");
}
- Set<Role> roleSet = wbd.getRoles();
+ Set<Role> roleSet = webBundleDescriptor.getRoles();
- HashMap<String, MapValue> qpMap = new HashMap();
+ Map<String, MapValue> qpMap = new HashMap<>();
/*
* bootstrap the map with the default pattern; the default pattern will not be "committed", unless a constraint is
@@ -135,33 +137,33 @@
qpMap.put("/", new MapValue("/"));
// Enumerate over security constraints
- Enumeration<SecurityConstraint> esc = wbd.getSecurityConstraints();
- while (esc.hasMoreElements()) {
+ Enumeration<SecurityConstraint> securityConstraints = webBundleDescriptor.getSecurityConstraints();
+ while (securityConstraints.hasMoreElements()) {
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: begin parsing security constraint");
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: begin parsing security constraint");
}
- SecurityConstraint sc = esc.nextElement();
- AuthorizationConstraint ac = sc.getAuthorizationConstraint();
- UserDataConstraint udc = sc.getUserDataConstraint();
+ SecurityConstraint securityConstraint = securityConstraints.nextElement();
+ AuthorizationConstraint authorizationConstraint = securityConstraint.getAuthorizationConstraint();
+ UserDataConstraint userDataConstraint = securityConstraint.getUserDataConstraint();
// Enumerate over collections of URLPatterns within constraint
- for (WebResourceCollection wrc : sc.getWebResourceCollections()) {
+ for (WebResourceCollection webResourceCollection : securityConstraint.getWebResourceCollections()) {
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: begin parsing web resource collection");
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: begin parsing web resource collection");
}
// Enumerate over URLPatterns within collection
- for (String url : wrc.getUrlPatterns()) {
+ for (String url : webResourceCollection.getUrlPatterns()) {
if (url != null) {
// FIX TO BE CONFIRMED: encode all colons
url = url.replaceAll(":", "%3A");
}
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: process url: " + url);
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: process url: " + url);
}
// determine if pattern is already in map
@@ -198,8 +200,7 @@
case PT_PREFIX:
if ((otherUrlType == PT_PREFIX || otherUrlType == PT_EXACT) && implies(url, otherUrl)) {
mValue.addQualifier(otherUrl);
- } else if ((otherUrlType == PT_PREFIX && implies(otherUrl, url))
- || (otherUrlType == PT_EXTENSION || otherUrlType == PT_DEFAULT)) {
+ } else if (otherUrlType == PT_PREFIX && implies(otherUrl, url) || otherUrlType == PT_EXTENSION || otherUrlType == PT_DEFAULT) {
qpVal.getValue().addQualifier(url);
}
break;
@@ -213,7 +214,7 @@
// the defualt pattern, if it exists in the
// map.
case PT_EXTENSION:
- if (otherUrlType == PT_PREFIX || (otherUrlType == PT_EXACT && implies(url, otherUrl))) {
+ if (otherUrlType == PT_PREFIX || otherUrlType == PT_EXACT && implies(url, otherUrl)) {
mValue.addQualifier(otherUrl);
} else if (otherUrlType == PT_DEFAULT) {
qpVal.getValue().addQualifier(url);
@@ -235,8 +236,8 @@
// every path-prefix or extension pattern (in
// the map) that implies the new pattern.
case PT_EXACT:
- if (((otherUrlType == PT_PREFIX || otherUrlType == PT_EXTENSION) && implies(otherUrl, url))
- || (otherUrlType == PT_DEFAULT)) {
+ if ((otherUrlType == PT_PREFIX || otherUrlType == PT_EXTENSION) && implies(otherUrl, url)
+ || otherUrlType == PT_DEFAULT) {
qpVal.getValue().addQualifier(url);
}
break;
@@ -250,37 +251,36 @@
}
- String[] methodNames = wrc.getHttpMethodsAsArray();
+ String[] methodNames = webResourceCollection.getHttpMethodsAsArray();
BitSet methods = MethodValue.methodArrayToSet(methodNames);
BitSet omittedMethods = null;
if (methods.isEmpty()) {
- String[] omittedNames = wrc.getHttpMethodOmissionsAsArray();
- omittedMethods = MethodValue.methodArrayToSet(omittedNames);
+ omittedMethods = MethodValue.methodArrayToSet(webResourceCollection.getHttpMethodOmissionsAsArray());
}
// set and commit the method outcomes on the pattern
// note that an empty omitted method set is used to represent
// the set of all http methods
- mValue.setMethodOutcomes(roleSet, ac, udc, methods, omittedMethods);
+ mValue.setMethodOutcomes(roleSet, authorizationConstraint, userDataConstraint, methods, omittedMethods);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: end processing url: " + url);
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: end processing url: " + url);
}
}
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: end parsing web resource collection");
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: end parsing web resource collection");
}
}
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint translation: end parsing security constraint");
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint translation: end parsing security constraint");
}
}
- if (logger.isLoggable(Level.FINE)) {
+ if (logger.isLoggable(FINE)) {
logger.exiting("WebPermissionUtil", "parseConstraints");
}
@@ -305,8 +305,8 @@
collection.add(new WebResourcePermission(name, actions));
collection.add(new WebUserDataPermission(name, actions));
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: adding excluded methods: " + actions);
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: adding excluded methods: " + actions);
}
}
@@ -317,8 +317,8 @@
map.put(roleName, collection);
}
collection.add(p);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: adding methods to role: " + roleName + " methods: " + p.getActions());
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: adding methods to role: " + roleName + " methods: " + p.getActions());
}
return collection;
}
@@ -343,6 +343,7 @@
addToRoleMap(map, roleName, new WebResourcePermission(name, actions));
}
}
+
// handle explicit methods, skip roles that were handled above
BitSet methods = m.getMethodSet();
if (!methods.isEmpty()) {
@@ -376,8 +377,8 @@
collection.add(new WebResourcePermission(name, actions));
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: adding unchecked (for authorization) methods: " + actions);
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: adding unchecked (for authorization) methods: " + actions);
}
}
@@ -428,13 +429,13 @@
continue;
}
- actions = (actions == null) ? "" : actions;
+ actions = actions == null ? "" : actions;
String combinedActions = actions + ":" + transport;
collection.add(new WebUserDataPermission(name, combinedActions));
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: adding methods that accept connections with protection: " + transport
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: adding methods that accept connections with protection: " + transport
+ " methods: " + actions);
}
}
@@ -462,106 +463,104 @@
pc.removeRole("*");
}
- public static void processConstraints(WebBundleDescriptor wbd, PolicyConfiguration pc)
- throws jakarta.security.jacc.PolicyContextException {
- if (logger.isLoggable(Level.FINE)) {
+ public static void processConstraints(WebBundleDescriptor webBundleDescriptor, PolicyConfiguration policyConfiguration) throws PolicyContextException {
+ if (logger.isLoggable(FINE)) {
logger.entering("WebPermissionUtil", "processConstraints");
- logger.log(Level.FINE, "JACC: constraint translation: CODEBASE = " + pc.getContextID());
+ logger.log(FINE, "JACC: constraint translation: CODEBASE = " + policyConfiguration.getContextID());
}
- HashMap qpMap = parseConstraints(wbd);
+ Map<String, MapValue> qpMap = parseConstraints(webBundleDescriptor);
HashMap<String, Permissions> roleMap = new HashMap<>();
Permissions excluded = new Permissions();
Permissions unchecked = new Permissions();
- boolean deny = wbd.isDenyUncoveredHttpMethods();
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: begin processing qualified url patterns"
+ boolean deny = webBundleDescriptor.isDenyUncoveredHttpMethods();
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: begin processing qualified url patterns"
+ " - uncovered http methods will be " + (deny ? "denied" : "permitted"));
}
// for each urlPatternSpec in the map
- Iterator it = qpMap.values().iterator();
+ Iterator<MapValue> it = qpMap.values().iterator();
while (it.hasNext()) {
- MapValue m = (MapValue) it.next();
- if (!m.irrelevantByQualifier) {
+ MapValue mapValue = it.next();
+ if (!mapValue.irrelevantByQualifier) {
- String name = m.urlPatternSpec.toString();
+ String name = mapValue.urlPatternSpec.toString();
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: urlPattern: " + name);
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: urlPattern: " + name);
}
// handle Uncovered Methods
- m.handleUncoveredMethods(deny);
+ mapValue.handleUncoveredMethods(deny);
// handle excluded methods
- handleExcluded(excluded, m, name);
+ handleExcluded(excluded, mapValue, name);
// handle methods requiring role
- handleRoles(roleMap, m, name);
+ handleRoles(roleMap, mapValue, name);
// handle methods that are not auth constrained
- handleNoAuth(unchecked, m, name);
+ handleNoAuth(unchecked, mapValue, name);
// handle transport constraints
- handleConnections(unchecked, m, name);
+ handleConnections(unchecked, mapValue, name);
}
}
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: constraint capture: end processing qualified url patterns");
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: constraint capture: end processing qualified url patterns");
Enumeration e = excluded.elements();
while (e.hasMoreElements()) {
Permission p = (Permission) e.nextElement();
- String ptype = (p instanceof WebResourcePermission) ? "WRP " : "WUDP ";
- logger.log(Level.FINE,
+ String ptype = p instanceof WebResourcePermission ? "WRP " : "WUDP ";
+ logger.log(FINE,
"JACC: permission(excluded) type: " + ptype + " name: " + p.getName() + " actions: " + p.getActions());
}
e = unchecked.elements();
while (e.hasMoreElements()) {
Permission p = (Permission) e.nextElement();
- String ptype = (p instanceof WebResourcePermission) ? "WRP " : "WUDP ";
- logger.log(Level.FINE,
+ String ptype = p instanceof WebResourcePermission ? "WRP " : "WUDP ";
+ logger.log(FINE,
"JACC: permission(unchecked) type: " + ptype + " name: " + p.getName() + " actions: " + p.getActions());
}
}
- pc.addToExcludedPolicy(excluded);
+ policyConfiguration.addToExcludedPolicy(excluded);
- pc.addToUncheckedPolicy(unchecked);
+ policyConfiguration.addToUncheckedPolicy(unchecked);
for (Map.Entry<String, Permissions> rVal : roleMap.entrySet()) {
String role = rVal.getKey();
Permissions pCollection = rVal.getValue();
- pc.addToRole(role, pCollection);
+ policyConfiguration.addToRole(role, pCollection);
- if (logger.isLoggable(Level.FINE)) {
+ if (logger.isLoggable(FINE)) {
Enumeration e = pCollection.elements();
while (e.hasMoreElements()) {
Permission p = (Permission) e.nextElement();
- String ptype = (p instanceof WebResourcePermission) ? "WRP " : "WUDP ";
- logger.log(Level.FINE,
+ String ptype = p instanceof WebResourcePermission ? "WRP " : "WUDP ";
+ logger.log(FINE,
"JACC: permission(" + role + ") type: " + ptype + " name: " + p.getName() + " actions: " + p.getActions());
}
}
}
- if (logger.isLoggable(Level.FINE)) {
+ if (logger.isLoggable(FINE)) {
logger.exiting("WebPermissionUtil", "processConstraints");
}
}
- public static void createWebRoleRefPermission(WebBundleDescriptor wbd, PolicyConfiguration pc)
- throws jakarta.security.jacc.PolicyContextException {
- if (logger.isLoggable(Level.FINE)) {
+ public static void createWebRoleRefPermission(WebBundleDescriptor wbd, PolicyConfiguration pc) throws PolicyContextException {
+ if (logger.isLoggable(FINE)) {
logger.entering("WebPermissionUtil", "createWebRoleRefPermission");
- logger.log(Level.FINE, "JACC: role-reference translation: Processing WebRoleRefPermission : CODEBASE = " + pc.getContextID());
+ logger.log(FINE, "JACC: role-reference translation: Processing WebRoleRefPermission : CODEBASE = " + pc.getContextID());
}
List role = new ArrayList();
Set roleset = wbd.getRoles();
@@ -582,8 +581,8 @@
WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
role.add(new Role(action));
pc.addToRole(srr.getSecurityRoleLink().getName(), wrrp);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE,
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE,
"JACC: role-reference translation: RoleRefPermission created with name(servlet-name) = " + name
+ " and action(Role-name tag) = " + action + " added to role(role-link tag) = "
+ srr.getSecurityRoleLink().getName());
@@ -591,23 +590,23 @@
}
}
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE,
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE,
"JACC: role-reference translation: Going through the list of roles not present in RoleRef elements and creating WebRoleRefPermissions ");
}
for (Object element : roleset) {
Role r = (Role) element;
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: role-reference translation: Looking at Role = " + r.getName());
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: role-reference translation: Looking at Role = " + r.getName());
}
if (!role.contains(r)) {
String action = r.getName();
WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
pc.addToRole(action, wrrp);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE,
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE,
"JACC: role-reference translation: RoleRef = " + action + " is added for servlet-resource = " + name);
- logger.log(Level.FINE, "JACC: role-reference translation: Permission added for above role-ref =" + wrrp.getName()
+ logger.log(FINE, "JACC: role-reference translation: Permission added for above role-ref =" + wrrp.getName()
+ " " + wrrp.getActions());
}
}
@@ -615,11 +614,11 @@
/**
* JACC MR8 add WebRoleRefPermission for the any authenticated user role '**'
*/
- if ((!role.contains(anyAuthUserRole)) && !rolesetContainsAnyAuthUserRole) {
+ if (!role.contains(anyAuthUserRole) && !rolesetContainsAnyAuthUserRole) {
addAnyAuthenticatedUserRoleRef(pc, name);
}
}
- if (logger.isLoggable(Level.FINE)) {
+ if (logger.isLoggable(FINE)) {
logger.exiting("WebPermissionUtil", "createWebRoleRefPermission");
}
@@ -632,16 +631,16 @@
*/
for (Object element : roleset) {
Role r = (Role) element;
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: role-reference translation: Looking at Role = " + r.getName());
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: role-reference translation: Looking at Role = " + r.getName());
}
String action = r.getName();
WebRoleRefPermission wrrp = new WebRoleRefPermission("", action);
pc.addToRole(action, wrrp);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE,
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE,
"JACC: role-reference translation: RoleRef = " + action + " is added for jsp's that can't be mapped to servlets");
- logger.log(Level.FINE, "JACC: role-reference translation: Permission added for above role-ref =" + wrrp.getName() + " "
+ logger.log(FINE, "JACC: role-reference translation: Permission added for above role-ref =" + wrrp.getName() + " "
+ wrrp.getActions());
}
}
@@ -662,8 +661,8 @@
String action = "**";
WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
pc.addToRole(action, wrrp);
- if (logger.isLoggable(Level.FINE)) {
- logger.log(Level.FINE, "JACC: any authenticated user role-reference translation: Permission added for role-ref ="
+ if (logger.isLoggable(FINE)) {
+ logger.log(FINE, "JACC: any authenticated user role-reference translation: Permission added for role-ref ="
+ wrrp.getName() + " " + wrrp.getActions());
}
}
@@ -753,7 +752,7 @@
}
boolean isTransportConstrained() {
- if (excluded || (connectSet != 0 && !bitIsSet(connectSet, connectTypeNone))) {
+ if (excluded || connectSet != 0 && !bitIsSet(connectSet, connectTypeNone)) {
return true;
}
return false;
@@ -799,8 +798,8 @@
}
addConnectType(udc == null ? null : udc.getTransportGuarantee());
- if (WebPermissionUtil.logger.isLoggable(Level.FINE)) {
- WebPermissionUtil.logger.log(Level.FINE, "JACC: setOutcome yields: " + toString());
+ if (WebPermissionUtil.logger.isLoggable(FINE)) {
+ WebPermissionUtil.logger.log(FINE, "JACC: setOutcome yields: " + toString());
}
}
@@ -838,7 +837,7 @@
* allow access without authentication.
*/
boolean isUncovered() {
- return (!excluded && !ignoreRoleList && roleList.isEmpty() && connectSet == 0);
+ return !excluded && !ignoreRoleList && roleList.isEmpty() && connectSet == 0;
}
}
@@ -890,7 +889,7 @@
actions.append(getMethodName(i));
}
- return (actions == null ? null : actions.toString());
+ return actions == null ? null : actions.toString();
}
static String[] getMethodArray(BitSet methodSet) {
@@ -970,8 +969,8 @@
methodValue = new MethodValue(methodName, otherConstraint);
methodValues.put(methodName, methodValue);
- if (WebPermissionUtil.logger.isLoggable(Level.FINE)) {
- WebPermissionUtil.logger.log(Level.FINE, "JACC: created MethodValue: " + methodValue);
+ if (WebPermissionUtil.logger.isLoggable(FINE)) {
+ WebPermissionUtil.logger.log(FINE, "JACC: created MethodValue: " + methodValue);
}
}
return methodValue;
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPrincipal.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPrincipal.java
index 88174d6..8a9e822 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPrincipal.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPrincipal.java
@@ -27,62 +27,52 @@
public class WebPrincipal extends PrincipalImpl implements SecurityContextProxy {
- /**
- *
- */
private static final long serialVersionUID = -7855179427171479644L;
private char[] password;
-
- private X509Certificate[] certs;
-
+ private X509Certificate[] certificates;
private boolean useCertificate;
-
- private SecurityContext secCtx;
-
+ private SecurityContext securityContext;
private Principal customPrincipal;
- public WebPrincipal(Principal p, SecurityContext context) {
- super(p.getName());
- if (!(p instanceof PrincipalImpl)) {
- customPrincipal = p;
+ public WebPrincipal(Principal principal, SecurityContext context) {
+ super(principal.getName());
+ if (!(principal instanceof PrincipalImpl)) {
+ customPrincipal = principal;
}
this.useCertificate = false;
- this.secCtx = context;
+ this.securityContext = context;
}
public WebPrincipal(String user, char[] pwd, SecurityContext context) {
super(user);
+
// Copy the password to another reference before storing it to the
// instance field.
- this.password = (pwd == null) ? null : Arrays.copyOf(pwd, pwd.length);
+ this.password = pwd == null ? null : Arrays.copyOf(pwd, pwd.length);
this.useCertificate = false;
- this.secCtx = context;
+ this.securityContext = context;
}
- @Deprecated
public WebPrincipal(String user, String password, SecurityContext context) {
this(user, password.toCharArray(), context);
-
}
public WebPrincipal(X509Certificate[] certs, SecurityContext context) {
super(certs[0].getSubjectDN().getName());
- this.certs = certs;
+ this.certificates = certs;
this.useCertificate = true;
- this.secCtx = context;
+ this.securityContext = context;
}
public char[] getPassword() {
// Copy the password to another reference and return the reference
- char[] passwordCopy = (password == null) ? null : Arrays.copyOf(password, password.length);
-
- return passwordCopy;
+ return password == null ? null : Arrays.copyOf(password, password.length);
}
public X509Certificate[] getCertificates() {
- return certs;
+ return certificates;
}
public boolean isUsingCertificate() {
@@ -91,7 +81,7 @@
@Override
public SecurityContext getSecurityContext() {
- return secCtx;
+ return securityContext;
}
@Override
@@ -99,15 +89,16 @@
if (customPrincipal == null) {
return super.getName();
}
+
return customPrincipal.getName();
}
@Override
public boolean equals(Object another) {
-
if (customPrincipal == null) {
return super.equals(another);
}
+
return customPrincipal.equals(another);
}
@@ -116,6 +107,7 @@
if (customPrincipal == null) {
return super.hashCode();
}
+
return customPrincipal.hashCode();
}
@@ -124,7 +116,7 @@
if (customPrincipal == null) {
return super.toString();
}
+
return customPrincipal.toString();
}
-
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
index 65876c9..9e3ae9f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
@@ -358,7 +358,7 @@
if (prdm == null) {
Principal[] principals = null;
- principals = (principalSet == null ? null : (Principal[]) principalSet.toArray(new Principal[0]));
+ principals = principalSet == null ? null : (Principal[]) principalSet.toArray(new Principal[0]);
if (logger.isLoggable(Level.FINE)) {
logger.log(Level.FINE, "[Web-Security] Generating a protection domain for Permission check.");
@@ -571,10 +571,10 @@
private void recordWebInvocation(final HttpServletRequest httpsr, final String type, final boolean isGranted) {
AuditManager auditManager = SecurityServicesUtil.getInstance().getAuditManager();
- if (auditManager != null && auditManager.isAuditOn() && (auditManager instanceof AppServerAuditManager)) {
+ if (auditManager != null && auditManager.isAuditOn() && auditManager instanceof AppServerAuditManager) {
final AppServerAuditManager appServerAuditManager = (AppServerAuditManager) auditManager;
Principal prin = httpsr.getUserPrincipal();
- String user = (prin != null) ? prin.getName() : null;
+ String user = prin != null ? prin.getName() : null;
appServerAuditManager.webInvocation(user, httpsr, type, isGranted);
}
}
@@ -655,7 +655,7 @@
}
}
}
- return ((result != null) ? result.toString() : null);
+ return result != null ? result.toString() : null;
}
/*
