Class SecurityUtils
- java.lang.Object
-
- net.sourceforge.plantuml.security.SecurityUtils
-
public class SecurityUtils extends java.lang.Object
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringALLOWLIST_LOCAL_PATHSWhitelist of paths from where scripts can load data.static java.lang.StringALLOWLIST_URLWhitelist of urlsstatic java.lang.StringNO_CREDENTIALSIndicates, that we have no authentication and credentials to access the URL.static java.lang.StringPATHS_CLASSESJava class paths to import files from.static java.lang.StringPATHS_INCLUDESPaths to include files.static java.lang.StringPATHS_SECURITYPaths to folders with security specific content (not allowed to read via SFile).static java.lang.StringSECURITY_ALLOW_NONSSL_AUTH
-
Constructor Summary
Constructors Constructor Description SecurityUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static booleanallowSvgText()static java.io.FileOutputStreamcreateFileOutputStream(java.lang.String path)static java.io.FileReadercreateFileReader(java.lang.String path)static java.io.PrintStreamcreatePrintStream(java.io.OutputStream os)static java.io.PrintStreamcreatePrintStream(java.io.OutputStream os, boolean autoFlush, java.lang.String charset)static java.io.PrintStreamcreatePrintStream(java.io.OutputStream os, boolean autoFlush, java.nio.charset.Charset charset)static java.io.PrintWritercreatePrintWriter(java.io.OutputStream os)static java.io.PrintWritercreatePrintWriter(java.io.OutputStream os, boolean append)static java.io.PrintWritercreatePrintWriter(java.lang.String path)static booleanexistsSecurityCredentials(java.lang.String userToken)Checks if user credentials existing.static SecurityAccessInterceptorgetAccessInterceptor(SecurityAuthentication authentication)Returns the authentication interceptor for aSecurityAuthentication.static SecurityAuthorizeManagergetAuthenticationManager(SecurityCredentials credentialConfiguration)Returns the authorize-manager for a security credentials configuration.static java.lang.Stringgetenv(java.lang.String name)static java.util.List<SFile>getPath(java.lang.String prop)static SFilegetSecurityPath()Loads the path to the configured security folder, if existing.static SecurityProfilegetSecurityProfile()static booleanignoreThisLink(java.lang.String url)static booleanisNonSSLAuthenticationAllowed()Configuration for Non-SSL authentication methods.static SecurityCredentialsloadSecurityCredentials(java.lang.String userToken)Loads the user credentials from the file system.static java.awt.image.BufferedImagereadRasterImage(javax.swing.ImageIcon imageIcon)
-
-
-
Field Detail
-
NO_CREDENTIALS
public static final java.lang.String NO_CREDENTIALS
Indicates, that we have no authentication and credentials to access the URL.- See Also:
- Constant Field Values
-
PATHS_CLASSES
public static final java.lang.String PATHS_CLASSES
Java class paths to import files from.- See Also:
- Constant Field Values
-
PATHS_INCLUDES
public static final java.lang.String PATHS_INCLUDES
Paths to include files.- See Also:
- Constant Field Values
-
ALLOWLIST_LOCAL_PATHS
public static final java.lang.String ALLOWLIST_LOCAL_PATHS
Whitelist of paths from where scripts can load data.- See Also:
- Constant Field Values
-
ALLOWLIST_URL
public static final java.lang.String ALLOWLIST_URL
Whitelist of urls- See Also:
- Constant Field Values
-
PATHS_SECURITY
public static final java.lang.String PATHS_SECURITY
Paths to folders with security specific content (not allowed to read via SFile).- See Also:
- Constant Field Values
-
SECURITY_ALLOW_NONSSL_AUTH
public static final java.lang.String SECURITY_ALLOW_NONSSL_AUTH
- See Also:
- Constant Field Values
-
-
Method Detail
-
ignoreThisLink
public static boolean ignoreThisLink(java.lang.String url)
-
readRasterImage
public static java.awt.image.BufferedImage readRasterImage(javax.swing.ImageIcon imageIcon)
-
getSecurityProfile
public static SecurityProfile getSecurityProfile()
-
getenv
public static java.lang.String getenv(java.lang.String name)
-
isNonSSLAuthenticationAllowed
public static boolean isNonSSLAuthenticationAllowed()
Configuration for Non-SSL authentication methods.- Returns:
- true, if plantUML should allow authentication in plain connections (without encryption).
- See Also:
SECURITY_ALLOW_NONSSL_AUTH
-
getPath
public static java.util.List<SFile> getPath(java.lang.String prop)
-
allowSvgText
public static boolean allowSvgText()
-
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os)
-
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.io.OutputStream os, boolean append)
-
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os)
-
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.lang.String charset) throws java.io.UnsupportedEncodingException- Throws:
java.io.UnsupportedEncodingException
-
createPrintStream
public static java.io.PrintStream createPrintStream(java.io.OutputStream os, boolean autoFlush, java.nio.charset.Charset charset) throws java.io.UnsupportedEncodingException- Throws:
java.io.UnsupportedEncodingException
-
createFileReader
public static java.io.FileReader createFileReader(java.lang.String path) throws java.io.FileNotFoundException- Throws:
java.io.FileNotFoundException
-
createPrintWriter
public static java.io.PrintWriter createPrintWriter(java.lang.String path) throws java.io.FileNotFoundException- Throws:
java.io.FileNotFoundException
-
createFileOutputStream
public static java.io.FileOutputStream createFileOutputStream(java.lang.String path) throws java.io.FileNotFoundException- Throws:
java.io.FileNotFoundException
-
getAuthenticationManager
public static SecurityAuthorizeManager getAuthenticationManager(SecurityCredentials credentialConfiguration)
Returns the authorize-manager for a security credentials configuration.- Parameters:
credentialConfiguration- the credentials- Returns:
- the manager.
-
getAccessInterceptor
public static SecurityAccessInterceptor getAccessInterceptor(SecurityAuthentication authentication)
Returns the authentication interceptor for aSecurityAuthentication.- Parameters:
authentication- the authentication data- Returns:
- the interceptor.
-
existsSecurityCredentials
public static boolean existsSecurityCredentials(java.lang.String userToken)
Checks if user credentials existing.- Parameters:
userToken- name of the credential file- Returns:
- boolean, if exists
-
loadSecurityCredentials
public static SecurityCredentials loadSecurityCredentials(java.lang.String userToken)
Loads the user credentials from the file system.- Parameters:
userToken- name of the credential file- Returns:
- the credentials or NONE
-
getSecurityPath
public static SFile getSecurityPath()
Loads the path to the configured security folder, if existing.Please note: A SFile referenced to a security folder cannot access the files. The content of the files in the security path should never have passed to DSL scripts.
- Returns:
- SFile folder or null
-
-