Package io.undertow.servlet.handlers.security

Class ServletConfidentialityConstraintHandler

java.lang.Object

io.undertow.security.handlers.AbstractConfidentialityHandler

io.undertow.security.handlers.SinglePortConfidentialityHandler

io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler

All Implemented Interfaces:

HttpHandler

public class ServletConfidentialityConstraintHandler
extends SinglePortConfidentialityHandler

Servlet specific extension to SinglePortConfidentialityHandler

Author:

Darran Lofthouse

Constructor Summary

Constructors

Constructor	Description
ServletConfidentialityConstraintHandler(ConfidentialPortManager portManager, HttpHandler next)

Method Summary

Modifier and Type	Method	Description
protected boolean	confidentialityRequired(HttpServerExchange exchange)	Use the HttpServerExchange to identify if confidentiality is required.
protected URI	getRedirectURI(HttpServerExchange exchange)	All sub-classes are required to provide an implementation of this method, using the HttpServerExchange for the current request return the address to use for a redirect should confidentiality be required and the request not be confidential.
void	handleRequest(HttpServerExchange exchange)	Handle the request.
protected boolean	isConfidential(HttpServerExchange exchange)	Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential.

Methods inherited from class io.undertow.security.handlers.SinglePortConfidentialityHandler

getRedirectURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ServletConfidentialityConstraintHandler

public ServletConfidentialityConstraintHandler(ConfidentialPortManager portManager,
 HttpHandler next)

Method Details

handleRequest

public void handleRequest(HttpServerExchange exchange)
                   throws Exception

Description copied from interface: HttpHandler

Handle the request.

Specified by:

handleRequest in interface HttpHandler

Overrides:

handleRequest in class AbstractConfidentialityHandler

Parameters:

exchange - the HTTP request/response exchange

Throws:

Exception

confidentialityRequired

protected boolean confidentialityRequired(HttpServerExchange exchange)

Description copied from class: AbstractConfidentialityHandler

Use the HttpServerExchange to identify if confidentiality is required. This method currently returns true for all requests, sub-classes can override this to provide a custom check. TODO: we should deprecate this and just use a predicate to decide to execute the handler instead

Overrides:

confidentialityRequired in class AbstractConfidentialityHandler

Parameters:

exchange - - The HttpServerExchange for the request being processed.

Returns:

true if the request requires confidentiality, false otherwise.

getRedirectURI

protected URI getRedirectURI(HttpServerExchange exchange)
                      throws URISyntaxException

Description copied from class: AbstractConfidentialityHandler

All sub-classes are required to provide an implementation of this method, using the HttpServerExchange for the current request return the address to use for a redirect should confidentiality be required and the request not be confidential.

Overrides:

getRedirectURI in class SinglePortConfidentialityHandler

Parameters:

exchange - - The HttpServerExchange for the request being processed.

Returns:

The URI to redirect to.

Throws:

URISyntaxException

isConfidential

protected boolean isConfidential(HttpServerExchange exchange)

Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential. Here we say 'sufficiently' as sub-classes can override this and maybe even go so far as querying the actual SSLSession.

Overrides:

isConfidential in class AbstractConfidentialityHandler

Parameters:

exchange - - The HttpServerExchange for the request being processed.

Returns:

true if the request is 'sufficiently' confidential, false otherwise.