2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 package javax.servlet.annotation;
19 import java.lang.annotation.Documented;
20 import java.lang.annotation.Retention;
21 import java.lang.annotation.RetentionPolicy;
23 import javax.servlet.annotation.ServletSecurity.EmptyRoleSemantic;
24 import javax.servlet.annotation.ServletSecurity.TransportGuarantee;
27 * This annotation represents the security constraints that are applied to all
28 * requests with HTTP protocol method types that are not otherwise represented
29 * by a corresponding {@link javax.servlet.annotation.HttpMethodConstraint} in a
30 * {@link javax.servlet.annotation.ServletSecurity} annotation.
34 @Retention(RetentionPolicy.RUNTIME)
36 public @interface HttpConstraint {
39 * The EmptyRoleSemantic determines the behaviour when the rolesAllowed list
42 * @return empty role semantic
44 EmptyRoleSemantic value() default EmptyRoleSemantic.PERMIT;
47 * Determines whether SSL/TLS is required to process the current request.
49 * @return transport guarantee
51 TransportGuarantee transportGuarantee() default TransportGuarantee.NONE;
54 * The authorized roles' names. The container may discard duplicate role
55 * names during processing of the annotation. N.B. The String "*" does not
56 * have a special meaning if it occurs as a role name.
58 * @return array of names. The array may be of zero length, in which case
59 * the EmptyRoleSemantic applies; the returned value determines
60 * whether access is to be permitted or denied regardless of the
61 * identity and authentication state in either case, PERMIT or DENY.<br />
62 * Otherwise, when the array contains one or more role names access
63 * is permitted if the user a member of at least one of the named
64 * roles. The EmptyRoleSemantic is not applied in this case.
67 String[] rolesAllowed() default {};