svn commit: r1732149 - /tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java

Wed, 24 Feb 2016 05:20:40 -0800 

Author: markt
Date: Wed Feb 24 13:20:17 2016
New Revision: 1732149

URL: http://svn.apache.org/viewvc?rev=1732149&view=rev
Log:
De-duplication

Modified:
    
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java

Modified: 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java?rev=1732149&r1=1732148&r2=1732149&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java 
(original)
+++ 
tomcat/trunk/java/org/apache/tomcat/util/descriptor/web/SecurityConstraint.java 
Wed Feb 24 13:20:17 2016
@@ -724,32 +724,7 @@ public class SecurityConstraint implemen
             // pattern is fully covered.
             omittedMethods.removeAll(methods);
 
-            if (omittedMethods.size() > 0) {
-                StringBuilder msg = new StringBuilder();
-                for (String method : omittedMethods) {
-                    msg.append(method);
-                    msg.append(' ');
-                }
-                if (denyUncoveredHttpMethods) {
-                    log.info(sm.getString(
-                            "securityConstraint.uncoveredHttpOmittedMethodFix",
-                            pattern, msg.toString().trim()));
-                    SecurityCollection collection = new SecurityCollection();
-                    for (String method : omittedMethods) {
-                        collection.addMethod(method);
-                    }
-                    collection.addPattern(pattern);
-                    collection.setName("deny-uncovered-http-methods");
-                    SecurityConstraint constraint = new SecurityConstraint();
-                    constraint.setAuthConstraint(true);
-                    constraint.addCollection(collection);
-                    newConstraints.add(constraint);
-                } else {
-                    log.error(sm.getString(
-                            "securityConstraint.uncoveredHttpOmittedMethod",
-                            pattern, msg.toString().trim()));
-                }
-            }
+            handleOmittedMethods(omittedMethods, pattern, 
denyUncoveredHttpMethods, newConstraints, log);
         }
         for (Map.Entry<String, Set<String>> entry :
                 urlOmittedMethodMap.entrySet()) {
@@ -759,37 +734,41 @@ public class SecurityConstraint implemen
                 continue;
             }
 
-            Set<String> omittedMethods = entry.getValue();
+            handleOmittedMethods(entry.getValue(), pattern, 
denyUncoveredHttpMethods,
+                    newConstraints, log);
+        }
 
-            if (omittedMethods.size() > 0) {
-                StringBuilder msg = new StringBuilder();
+        return newConstraints.toArray(new 
SecurityConstraint[newConstraints.size()]);
+    }
+
+
+    private static void handleOmittedMethods(Set<String> omittedMethods, 
String pattern,
+            boolean denyUncoveredHttpMethods, List<SecurityConstraint> 
newConstraints, Log log) {
+        if (omittedMethods.size() > 0) {
+            StringBuilder msg = new StringBuilder();
+            for (String method : omittedMethods) {
+                msg.append(method);
+                msg.append(' ');
+            }
+            if (denyUncoveredHttpMethods) {
+                log.info(sm.getString(
+                        "securityConstraint.uncoveredHttpOmittedMethodFix",
+                        pattern, msg.toString().trim()));
+                SecurityCollection collection = new SecurityCollection();
                 for (String method : omittedMethods) {
-                    msg.append(method);
-                    msg.append(' ');
-                }
-                if (denyUncoveredHttpMethods) {
-                    log.info(sm.getString(
-                            "securityConstraint.uncoveredHttpOmittedMethodFix",
-                            pattern, msg.toString().trim()));
-                    SecurityCollection collection = new SecurityCollection();
-                    for (String method : omittedMethods) {
-                        collection.addMethod(method);
-                    }
-                    collection.addPattern(pattern);
-                    collection.setName("deny-uncovered-http-methods");
-                    SecurityConstraint constraint = new SecurityConstraint();
-                    constraint.setAuthConstraint(true);
-                    constraint.addCollection(collection);
-                    newConstraints.add(constraint);
-                } else {
-                    log.error(sm.getString(
-                            "securityConstraint.uncoveredHttpOmittedMethod",
-                            pattern, msg.toString().trim()));
+                    collection.addMethod(method);
                 }
+                collection.addPattern(pattern);
+                collection.setName("deny-uncovered-http-methods");
+                SecurityConstraint constraint = new SecurityConstraint();
+                constraint.setAuthConstraint(true);
+                constraint.addCollection(collection);
+                newConstraints.add(constraint);
+            } else {
+                log.error(sm.getString(
+                        "securityConstraint.uncoveredHttpOmittedMethod",
+                        pattern, msg.toString().trim()));
             }
         }
-
-        return newConstraints.toArray(
-                new SecurityConstraint[newConstraints.size()]);
     }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to