Class SecurityUtils

java.lang.Object
net.sourceforge.plantuml.security.SecurityUtils

public class SecurityUtils extends java.lang.Object
  • Field Details

    • NO_CREDENTIALS

      public static final java.lang.String NO_CREDENTIALS
      Indicates, that we have no authentication and credentials to access the URL.
      See Also:
    • PATHS_CLASSES

      public static final java.lang.String PATHS_CLASSES
      Java class paths to import files from.
      See Also:
    • PATHS_INCLUDES

      public static final java.lang.String PATHS_INCLUDES
      Paths to include files.
      See Also:
    • PATHS_ALLOWED

      public static final java.lang.String PATHS_ALLOWED
      Whitelist of paths from where scripts can load data.
      See Also:
    • PATHS_SECURITY

      public static final java.lang.String PATHS_SECURITY
      Paths to folders with security specific content (not allowed to read via SFile).
      See Also:
    • SECURITY_ALLOW_NONSSL_AUTH

      public static final java.lang.String SECURITY_ALLOW_NONSSL_AUTH
      See Also:
  • Constructor Details

    • SecurityUtils

      public SecurityUtils()
  • Method Details

    • getSecurityProfile

      public static SecurityProfile getSecurityProfile()
    • ignoreThisLink

      public static boolean ignoreThisLink(java.lang.String url)
    • getenv

      public static java.lang.String getenv(java.lang.String name)
    • isSecurityEnv

      public static boolean isSecurityEnv(java.lang.String name)
      Checks the environment variable and returns true if the variable is used in security context. In this case, the value should not be displayed in scripts.
      Parameters:
      name - Environment variable to check
      Returns:
      true, if this is a secret variable
    • isNonSSLAuthenticationAllowed

      public static boolean isNonSSLAuthenticationAllowed()
      Configuration for Non-SSL authentication methods.
      Returns:
      true, if plantUML should allow authentication in plain connections (without encryption).
      See Also:
    • getPath

      public static java.util.List<SFile> getPath(java.lang.String prop)
    • allowSvgText

      public static boolean allowSvgText()
    • createPrintWriter

      public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os)
    • createPrintWriter

      public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os, boolean append)
    • createPrintStream

      public static java.io.PrintStream createPrintStream(java.io.OutputStream os)
    • createPrintStream

      public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.lang.String charset) throws java.io.UnsupportedEncodingException
      Throws:
      java.io.UnsupportedEncodingException
    • createPrintStream

      public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.nio.charset.Charset charset) throws java.io.UnsupportedEncodingException
      Throws:
      java.io.UnsupportedEncodingException
    • readRasterImage

      public static java.awt.image.BufferedImage readRasterImage(javax.swing.ImageIcon imageIcon)
    • createFileReader

      public static java.io.FileReader createFileReader(java.lang.String path) throws java.io.FileNotFoundException
      Throws:
      java.io.FileNotFoundException
    • createPrintWriter

      public static java.io.PrintWriter createPrintWriter(java.lang.String path) throws java.io.FileNotFoundException
      Throws:
      java.io.FileNotFoundException
    • createFileOutputStream

      public static java.io.FileOutputStream createFileOutputStream(java.lang.String path) throws java.io.FileNotFoundException
      Throws:
      java.io.FileNotFoundException
    • getAuthenticationManager

      public static SecurityAuthorizeManager getAuthenticationManager(SecurityCredentials credentialConfiguration)
      Returns the authorize-manager for a security credentials configuration.
      Parameters:
      credentialConfiguration - the credentials
      Returns:
      the manager.
    • getAccessInterceptor

      public static SecurityAccessInterceptor getAccessInterceptor(SecurityAuthentication authentication)
      Returns the authentication interceptor for a SecurityAuthentication.
      Parameters:
      authentication - the authentication data
      Returns:
      the interceptor.
    • existsSecurityCredentials

      public static boolean existsSecurityCredentials(java.lang.String userToken)
      Checks if user credentials existing.
      Parameters:
      userToken - name of the credential file
      Returns:
      boolean, if exists
    • loadSecurityCredentials

      public static SecurityCredentials loadSecurityCredentials(java.lang.String userToken)
      Loads the user credentials from the file system.
      Parameters:
      userToken - name of the credential file
      Returns:
      the credentials or NONE
    • getSecurityPath

      public static SFile getSecurityPath()
      Loads the path to the configured security folder, if existing.

      Please note: A SFile referenced to a security folder cannot access the files. The content of the files in the security path should never have passed to DSL scripts.

      Returns:
      SFile folder or null