本文介绍了以编程方式从web.xml检索安全性约束的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

是否有可能从web.xml获取约束列表?

Is there any possiblity to obtain the list of constraints from web.xml ?

 <security-constraint>
    <web-resource-collection>
        <web-resource-name>admin</web-resource-name>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
 </security-constraint>

更好的是有一种编程方式来添加新约束吗?

Even better is there a programmatic way to add new constraints ?

谢谢,
Victor

Thanks,Victor

推荐答案

如果您有 ServletContainerInitializer ,在其 onStartup()方法中,您基本上可以执行容器在解析web.xml时所执行的操作。例如:?

If you have a ServletContainerInitializer, in its onStartup() method, you would basically do what your container does when it parses your web.xml. For example:

@Override
public void onStartup(Set<Class<?>> classes, ServletContext ctx) throws ServletException {
    ServletRegistration.Dynamic servlet = ctx.addServlet("myServlet", "com.package.myServlet"); // loop through classes set to find all your servlets
    HttpConstraintElement constraint = new HttpConstraintElement(); // many constructors with options
    ServletSecurityElement securityElement = new ServletSecurityElement(constraint); // many different constructors
    servlet.setServletSecurity(securityElement);
}

我为所有种类评论过的构造函数中有很多选项配置,甚至通过servlet 3.0 。我会让你发现它们。

There are a lot of options in the constructors I've commented for all sorts of configurations, even through the servlet 3.0 security annotations. I'll let you discover them all.

至于初始化后添加新约束, setServletSecurity() 表示:

As for adding new constraints after initialization, the javadoc for setServletSecurity() says:

* @throws IllegalStateException if the {@link ServletContext} from
* which this <code>ServletRegistration</code> was obtained has
* already been initialized

我找不到任何获取清单的信息通过 ServletContext 接口的约束,但你总是可以自己解析web.xml。

I couldn't find anything for obtaining a list of constraints through ServletContext interface, but you can always parse the web.xml yourself.

这篇关于以编程方式从web.xml检索安全性约束的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!