/******************************************************************************* * ============LICENSE_START==================================================== * * org.onap.aaf * * =========================================================================== * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. * * =========================================================================== * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at * * * * http://www.apache.org/licenses/LICENSE-2.0 * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * * See the License for the specific language governing permissions and * * limitations under the License. * * ============LICENSE_END==================================================== * * * * ECOMP is a trademark and service mark of AT&T Intellectual Property. * * ******************************************************************************/ /** * RolesAllowed * * * Similar to Java EE's Spec from Annotations 1.1, 2.8 * * That Spec, however, was geared towards being able to route calls to Methods on Objects, and thus needed a more refined * sense of permissions hierarchy. The same mechanism, however, can easily be achieved on single Servlet/Handlers in * POJOs like Jetty by simply adding the Roles Allowed in a similar Annotation * */ package com.att.cadi.filter; import static java.lang.annotation.ElementType.TYPE; import static java.lang.annotation.RetentionPolicy.RUNTIME; import java.lang.annotation.Retention; import java.lang.annotation.Target; /** * JASPI Style Annotation of RolesAllowed when the coding style is desired but actually including all * JEE jars is not. If using actual JASPI, use official @interface classes, not this one... * */ @Target({TYPE}) @Retention(RUNTIME) public @interface RolesAllowed { /** * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a * Handler * @return */ String[] value(); }