Source code

001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.http;
019
020import org.apache.yetus.audience.InterfaceAudience;
021import org.eclipse.jetty.security.ConstraintMapping;
022import org.eclipse.jetty.security.ConstraintSecurityHandler;
023import org.eclipse.jetty.servlet.ServletContextHandler;
024import org.eclipse.jetty.util.security.Constraint;
025
026/**
027 * HttpServer utility.
028 */
029@InterfaceAudience.Private
030public final class HttpServerUtil {
031  /**
032   * Add constraints to a Jetty Context to disallow undesirable Http methods.
033   * @param ctxHandler The context to modify
034   * @param allowOptionsMethod if true then OPTIONS method will not be set in constraint mapping
035   */
036  public static void constrainHttpMethods(ServletContextHandler ctxHandler,
037      boolean allowOptionsMethod) {
038    Constraint c = new Constraint();
039    c.setAuthenticate(true);
040
041    ConstraintMapping cmt = new ConstraintMapping();
042    cmt.setConstraint(c);
043    cmt.setMethod("TRACE");
044    cmt.setPathSpec("/*");
045
046    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
047
048    if (!allowOptionsMethod) {
049      ConstraintMapping cmo = new ConstraintMapping();
050      cmo.setConstraint(c);
051      cmo.setMethod("OPTIONS");
052      cmo.setPathSpec("/*");
053      securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt, cmo });
054    } else {
055      securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt });
056    }
057
058    ctxHandler.setSecurityHandler(securityHandler);
059  }
060
061  private HttpServerUtil() {}
062}