blob: 0077c8448e53eba1016fa39e60f2d2df769e6f4e [file] [log] [blame]
<!--
Copyright (c) 2010, 2018 Oracle and/or its affiliates. All rights reserved.
This program and the accompanying materials are made available under the
terms of the Eclipse Public License v. 2.0, which is available at
http://www.eclipse.org/legal/epl-2.0.
This Source Code may also be made available under the following Secondary
Licenses when the conditions for such availability set forth in the
Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
version 2 with the GNU Classpath Exception, which is available at
https://www.gnu.org/software/classpath/license.html.
SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
-->
<FindBugsFilter>
<!--
Request: Kumar & Ron
Approval: Bill Shannon
Date:08/12/2009
Notes from Ron:
The proprietary callback classes predate Glassfish v2. we
maintained support for them in v2 and v3, where they are
available for use by auth modules written to the proprietary spi
(which we continue to support in v3). We only made the
proprietary spi available to parties within sun; including the
opensso/then access manager team, and for the native ws-security
auth-modules created by the xwss team for appserver 8.1. The
ws-secuity modules are being phased out in favor of the new
wsit/ws-policy based auth modules, and the opensso modules should
evolve to the standard spi.
-->
<Match>
<Or>
<Class name="com.sun.enterprise.security.jauth.callback.CertStoreCallback"/>
<Class name="com.sun.enterprise.security.jauth.callback.SecretKeyCallback"/>
<Class name="com.sun.enterprise.security.jauth.callback.PrivateKeyCallback"/>
<Class name="com.sun.enterprise.security.jauth.callback.PrivateKeyCallback$IssuerSerialNumRequest"/>
<Class name="com.sun.enterprise.security.jauth.AuthException"/>
<Class name="com.sun.enterprise.security.jauth.callback.SecretKeyCallback$AliasRequest"/>
<Class name="com.sun.enterprise.security.jauth.callback.TrustStoreCallback"/>
<Class name="com.sun.enterprise.security.jauth.callback.PrivateKeyCallback$SubjectKeyIDRequest"/>
<Class name="com.sun.enterprise.security.jauth.callback.PasswordValidationCallback"/>
<Class name="com.sun.enterprise.security.jauth.callback.PrivateKeyCallback$AliasRequest"/>
</Or>
<Bug pattern="NM_SAME_SIMPLE_NAME_AS_SUPERCLASS"/>
</Match>
<!--
This code uses reflection to construct an object. The actual object
will be constructed for use later, this code just makes sure that
the constructor exists and doesn't fail. The object is thrown away.
-->
<Match>
<Class name="com.sun.enterprise.security.acl.RoleMapper"/>
<Method name="getDefaultP2RMappingClassName"/>
<Bug pattern="DLS_DEAD_LOCAL_STORE"/>
</Match>
<!--
Need to keep both method getUsername in
com.sun.enterprise.security.auth.digest.impl.KeyDigestAlgoParamImpl
and method getUserName in
com.sun.enterprise.security.ee.auth.login.DigestCredentials
with names differing only in case, for compatibility.
-->
<Match>
<Class name="com.sun.enterprise.security.auth.digest.impl.KeyDigestAlgoParamImpl"/>
<Method name="getUsername"/>
<Bug pattern="NM_CONFUSING"/>
</Match>
</FindBugsFilter>