2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 package javax.servlet.annotation;
19 import java.lang.annotation.Documented;
20 import java.lang.annotation.Retention;
21 import java.lang.annotation.RetentionPolicy;
23 import javax.servlet.annotation.ServletSecurity.EmptyRoleSemantic;
24 import javax.servlet.annotation.ServletSecurity.TransportGuarantee;
27 * Specific security constraints can be applied to different types of request,
28 * differentiated by the HTTP protocol method type by using this annotation
29 * inside the {@link javax.servlet.annotation.ServletSecurity} annotation.
34 @Retention(RetentionPolicy.RUNTIME)
36 public @interface HttpMethodConstraint {
39 * HTTP Protocol method name (e.g. POST, PUT)
46 * The EmptyRoleSemantic determines the behaviour when the rolesAllowed list
49 * @return empty role semantic
51 EmptyRoleSemantic emptyRoleSemantic() default EmptyRoleSemantic.PERMIT;
54 * Determines whether SSL/TLS is required to process the current request.
56 * @return transport guarantee
58 TransportGuarantee transportGuarantee() default TransportGuarantee.NONE;
61 * The authorized roles' names. The container may discard duplicate role
62 * names during processing of the annotation. N.B. The String "*" does not
63 * have a special meaning if it occurs as a role name.
65 * @return array of names. The array may be of zero length, in which case
66 * the EmptyRoleSemantic applies; the returned value determines
67 * whether access is to be permitted or denied regardless of the
68 * identity and authentication state in either case, PERMIT or DENY.<br />
69 * Otherwise, when the array contains one or more role names access
70 * is permitted if the user a member of at least one of the named
71 * roles. The EmptyRoleSemantic is not applied in this case.
73 String[] rolesAllowed() default {};