Class SecurityUtils
java.lang.Object
net.sourceforge.plantuml.security.SecurityUtils
public class SecurityUtils
extends java.lang.Object
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final java.lang.String
Indicates, that we have no authentication and credentials to access the URL.static final java.lang.String
Whitelist of paths from where scripts can load data.static final java.lang.String
Java class paths to import files from.static final java.lang.String
Paths to include files.static final java.lang.String
Paths to folders with security specific content (not allowed to read via SFile).static final java.lang.String
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic boolean
static java.io.FileOutputStream
createFileOutputStream
(java.lang.String path) static java.io.FileReader
createFileReader
(java.lang.String path) static java.io.PrintStream
createPrintStream
(java.io.OutputStream os) static java.io.PrintStream
createPrintStream
(java.io.OutputStream os, boolean autoFlush, java.lang.String charset) static java.io.PrintStream
createPrintStream
(java.io.OutputStream os, boolean autoFlush, java.nio.charset.Charset charset) static java.io.PrintWriter
createPrintWriter
(java.io.OutputStream os) static java.io.PrintWriter
createPrintWriter
(java.io.OutputStream os, boolean append) static java.io.PrintWriter
createPrintWriter
(java.lang.String path) static boolean
existsSecurityCredentials
(java.lang.String userToken) Checks if user credentials existing.static SecurityAccessInterceptor
getAccessInterceptor
(SecurityAuthentication authentication) Returns the authentication interceptor for aSecurityAuthentication
.static SecurityAuthorizeManager
getAuthenticationManager
(SecurityCredentials credentialConfiguration) Returns the authorize-manager for a security credentials configuration.static java.lang.String
getenv
(java.lang.String name) static java.util.List<SFile>
getPath
(java.lang.String prop) static SFile
Loads the path to the configured security folder, if existing.static SecurityProfile
static boolean
ignoreThisLink
(java.lang.String url) static boolean
Configuration for Non-SSL authentication methods.static boolean
isSecurityEnv
(java.lang.String name) Checks the environment variable and returns true if the variable is used in security context.static SecurityCredentials
loadSecurityCredentials
(java.lang.String userToken) Loads the user credentials from the file system.static java.awt.image.BufferedImage
readRasterImage
(javax.swing.ImageIcon imageIcon) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Field Details
-
NO_CREDENTIALS
public static final java.lang.String NO_CREDENTIALSIndicates, that we have no authentication and credentials to access the URL.- See Also:
-
PATHS_CLASSES
public static final java.lang.String PATHS_CLASSESJava class paths to import files from.- See Also:
-
PATHS_INCLUDES
public static final java.lang.String PATHS_INCLUDESPaths to include files.- See Also:
-
PATHS_ALLOWED
public static final java.lang.String PATHS_ALLOWEDWhitelist of paths from where scripts can load data.- See Also:
-
PATHS_SECURITY
public static final java.lang.String PATHS_SECURITYPaths to folders with security specific content (not allowed to read via SFile).- See Also:
-
SECURITY_ALLOW_NONSSL_AUTH
public static final java.lang.String SECURITY_ALLOW_NONSSL_AUTH- See Also:
-
-
Constructor Details
-
SecurityUtils
public SecurityUtils()
-
-
Method Details
-
getSecurityProfile
-
ignoreThisLink
public static boolean ignoreThisLink(java.lang.String url) -
getenv
public static java.lang.String getenv(java.lang.String name) -
isSecurityEnv
public static boolean isSecurityEnv(java.lang.String name) Checks the environment variable and returns true if the variable is used in security context. In this case, the value should not be displayed in scripts.- Parameters:
name
- Environment variable to check- Returns:
- true, if this is a secret variable
-
isNonSSLAuthenticationAllowed
public static boolean isNonSSLAuthenticationAllowed()Configuration for Non-SSL authentication methods.- Returns:
- true, if plantUML should allow authentication in plain connections (without encryption).
- See Also:
-
getPath
-
allowSvgText
public static boolean allowSvgText() -
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os) -
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os, boolean append) -
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os) -
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.lang.String charset) throws java.io.UnsupportedEncodingException - Throws:
java.io.UnsupportedEncodingException
-
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.nio.charset.Charset charset) throws java.io.UnsupportedEncodingException - Throws:
java.io.UnsupportedEncodingException
-
readRasterImage
public static java.awt.image.BufferedImage readRasterImage(javax.swing.ImageIcon imageIcon) -
createFileReader
public static java.io.FileReader createFileReader(java.lang.String path) throws java.io.FileNotFoundException - Throws:
java.io.FileNotFoundException
-
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.lang.String path) throws java.io.FileNotFoundException - Throws:
java.io.FileNotFoundException
-
createFileOutputStream
public static java.io.FileOutputStream createFileOutputStream(java.lang.String path) throws java.io.FileNotFoundException - Throws:
java.io.FileNotFoundException
-
getAuthenticationManager
public static SecurityAuthorizeManager getAuthenticationManager(SecurityCredentials credentialConfiguration) Returns the authorize-manager for a security credentials configuration.- Parameters:
credentialConfiguration
- the credentials- Returns:
- the manager.
-
getAccessInterceptor
Returns the authentication interceptor for aSecurityAuthentication
.- Parameters:
authentication
- the authentication data- Returns:
- the interceptor.
-
existsSecurityCredentials
public static boolean existsSecurityCredentials(java.lang.String userToken) Checks if user credentials existing.- Parameters:
userToken
- name of the credential file- Returns:
- boolean, if exists
-
loadSecurityCredentials
Loads the user credentials from the file system.- Parameters:
userToken
- name of the credential file- Returns:
- the credentials or NONE
-
getSecurityPath
Loads the path to the configured security folder, if existing.Please note: A SFile referenced to a security folder cannot access the files. The content of the files in the security path should never have passed to DSL scripts.
- Returns:
- SFile folder or null
-