Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.http;
019
020import org.apache.yetus.audience.InterfaceAudience;
021
022import org.apache.hbase.thirdparty.org.eclipse.jetty.security.ConstraintMapping;
023import org.apache.hbase.thirdparty.org.eclipse.jetty.security.ConstraintSecurityHandler;
024import org.apache.hbase.thirdparty.org.eclipse.jetty.servlet.ServletContextHandler;
025import org.apache.hbase.thirdparty.org.eclipse.jetty.util.security.Constraint;
026
027/**
028 * HttpServer utility.
029 */
030@InterfaceAudience.Private
031public final class HttpServerUtil {
032  /**
033   * Add constraints to a Jetty Context to disallow undesirable Http methods.
034   * @param ctxHandler         The context to modify
035   * @param allowOptionsMethod if true then OPTIONS method will not be set in constraint mapping
036   */
037  public static void constrainHttpMethods(ServletContextHandler ctxHandler,
038    boolean allowOptionsMethod) {
039    Constraint c = new Constraint();
040    c.setAuthenticate(true);
041
042    ConstraintMapping cmt = new ConstraintMapping();
043    cmt.setConstraint(c);
044    cmt.setMethod("TRACE");
045    cmt.setPathSpec("/*");
046
047    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
048
049    if (!allowOptionsMethod) {
050      ConstraintMapping cmo = new ConstraintMapping();
051      cmo.setConstraint(c);
052      cmo.setMethod("OPTIONS");
053      cmo.setPathSpec("/*");
054      securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt, cmo });
055    } else {
056      securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt });
057    }
058
059    ctxHandler.setSecurityHandler(securityHandler);
060  }
061
062  private HttpServerUtil() {
063  }
064}