Package net.sourceforge.plantuml.security

Class SecurityUtils

java.lang.Object

net.sourceforge.plantuml.security.SecurityUtils

public class SecurityUtils
extends Object

Field Summary

Fields

Modifier and Type	Field	Description
static String	ALLOWLIST_LOCAL_PATHS	Whitelist of paths from where scripts can load data.
static String	ALLOWLIST_URL	Whitelist of urls
static String	NO_CREDENTIALS	Indicates, that we have no authentication and credentials to access the URL.
static String	PATHS_CLASSES	Java class paths to import files from.
static String	PATHS_INCLUDES	Paths to include files.
static String	PATHS_SECURITY	Paths to folders with security specific content (not allowed to read via SFile).
static String	SECURITY_ALLOW_NONSSL_AUTH

Constructor Summary

Constructors

Constructor	Description
SecurityUtils()

Method Summary

Modifier and Type	Method	Description
static boolean	allowSvgText()
static FileOutputStream	createFileOutputStream(String path)
static FileReader	createFileReader(String path)
static PrintStream	createPrintStream(OutputStream os)
static PrintStream	createPrintStream(OutputStream os, boolean autoFlush, String charset)
static PrintStream	createPrintStream(OutputStream os, boolean autoFlush, Charset charset)
static PrintWriter	createPrintWriter(OutputStream os)
static PrintWriter	createPrintWriter(OutputStream os, boolean append)
static PrintWriter	createPrintWriter(String path)
static boolean	existsSecurityCredentials(String userToken)	Checks if user credentials existing.
static SecurityAccessInterceptor	getAccessInterceptor(SecurityAuthentication authentication)	Returns the authentication interceptor for a SecurityAuthentication.
static SecurityAuthorizeManager	getAuthenticationManager(SecurityCredentials credentialConfiguration)	Returns the authorize-manager for a security credentials configuration.
static String	getenv(String name)
static List<SFile>	getPath(String prop)
static SFile	getSecurityPath()	Loads the path to the configured security folder, if existing.
static SecurityProfile	getSecurityProfile()
static boolean	ignoreThisLink(String url)
static boolean	isNonSSLAuthenticationAllowed()	Configuration for Non-SSL authentication methods.
static boolean	isSecurityEnv(String name)	Checks the environment variable and returns true if the variable is used in security context.
static SecurityCredentials	loadSecurityCredentials(String userToken)	Loads the user credentials from the file system.
static BufferedImage	readRasterImage(ImageIcon imageIcon)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NO_CREDENTIALS

public static final String NO_CREDENTIALS

Indicates, that we have no authentication and credentials to access the URL.

See Also:

Constant Field Values

PATHS_CLASSES

public static final String PATHS_CLASSES

Java class paths to import files from.

See Also:

Constant Field Values

PATHS_INCLUDES

public static final String PATHS_INCLUDES

Paths to include files.

See Also:

Constant Field Values

ALLOWLIST_LOCAL_PATHS

public static final String ALLOWLIST_LOCAL_PATHS

Whitelist of paths from where scripts can load data.

See Also:

Constant Field Values

ALLOWLIST_URL

public static final String ALLOWLIST_URL

Whitelist of urls

See Also:

Constant Field Values

PATHS_SECURITY

public static final String PATHS_SECURITY

Paths to folders with security specific content (not allowed to read via SFile).

See Also:

Constant Field Values

SECURITY_ALLOW_NONSSL_AUTH

public static final String SECURITY_ALLOW_NONSSL_AUTH

See Also:

Constant Field Values

Constructor Detail

SecurityUtils

public SecurityUtils()

Method Detail

getSecurityProfile

public static SecurityProfile getSecurityProfile()

ignoreThisLink

public static boolean ignoreThisLink(String url)

getenv

public static String getenv(String name)

isSecurityEnv

public static boolean isSecurityEnv(String name)

Checks the environment variable and returns true if the variable is used in security context. In this case, the value should not be displayed in scripts.

Parameters:

name - Environment variable to check

Returns:

true, if this is a secret variable

isNonSSLAuthenticationAllowed

public static boolean isNonSSLAuthenticationAllowed()

Configuration for Non-SSL authentication methods.

Returns:

true, if plantUML should allow authentication in plain connections (without encryption).

See Also:

SECURITY_ALLOW_NONSSL_AUTH

getPath

public static List<SFile> getPath(String prop)

allowSvgText

public static boolean allowSvgText()

createPrintWriter

public static PrintWriter createPrintWriter(OutputStream os)

createPrintWriter

public static PrintWriter createPrintWriter(OutputStream os,
                                            boolean append)

createPrintStream

public static PrintStream createPrintStream(OutputStream os)

createPrintStream

public static PrintStream createPrintStream(OutputStream os,
                                            boolean autoFlush,
                                            String charset)
                                     throws UnsupportedEncodingException

Throws:

UnsupportedEncodingException

createPrintStream

public static PrintStream createPrintStream(OutputStream os,
                                            boolean autoFlush,
                                            Charset charset)
                                     throws UnsupportedEncodingException

Throws:

UnsupportedEncodingException

readRasterImage

public static BufferedImage readRasterImage(ImageIcon imageIcon)

createFileReader

public static FileReader createFileReader(String path)
                                   throws FileNotFoundException

Throws:

FileNotFoundException

createPrintWriter

public static PrintWriter createPrintWriter(String path)
                                     throws FileNotFoundException

Throws:

FileNotFoundException

createFileOutputStream

public static FileOutputStream createFileOutputStream(String path)
                                               throws FileNotFoundException

Throws:

FileNotFoundException

getAuthenticationManager

public static SecurityAuthorizeManager getAuthenticationManager(SecurityCredentials credentialConfiguration)

Returns the authorize-manager for a security credentials configuration.

Parameters:

credentialConfiguration - the credentials

Returns:

the manager.

getAccessInterceptor

public static SecurityAccessInterceptor getAccessInterceptor(SecurityAuthentication authentication)

Returns the authentication interceptor for a SecurityAuthentication.

Parameters:

authentication - the authentication data

Returns:

the interceptor.

existsSecurityCredentials

public static boolean existsSecurityCredentials(String userToken)

Checks if user credentials existing.

Parameters:

userToken - name of the credential file

Returns:

boolean, if exists

loadSecurityCredentials

public static SecurityCredentials loadSecurityCredentials(String userToken)

Loads the user credentials from the file system.

Parameters:

userToken - name of the credential file

Returns:

the credentials or NONE

getSecurityPath

public static SFile getSecurityPath()

Loads the path to the configured security folder, if existing.

Please note: A SFile referenced to a security folder cannot access the files. The content of the files in the security path should never have passed to DSL scripts.

Returns:

SFile folder or null