Package io.undertow.servlet.handlers.security

Class ServletConfidentialityConstraintHandler

java.lang.Object

io.undertow.security.handlers.AbstractConfidentialityHandler

io.undertow.security.handlers.SinglePortConfidentialityHandler

io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler

All Implemented Interfaces:

io.undertow.server.HttpHandler

public class ServletConfidentialityConstraintHandler
extends io.undertow.security.handlers.SinglePortConfidentialityHandler

Servlet specific extension to SinglePortConfidentialityHandler

Author:

Darran Lofthouse

Constructor Summary

Constructors

Constructor	Description
ServletConfidentialityConstraintHandler(ConfidentialPortManager portManager, io.undertow.server.HttpHandler next)

Method Summary

Modifier and Type	Method	Description
protected boolean	confidentialityRequired(io.undertow.server.HttpServerExchange exchange)
protected java.net.URI	getRedirectURI(io.undertow.server.HttpServerExchange exchange)
void	handleRequest(io.undertow.server.HttpServerExchange exchange)
protected boolean	isConfidential(io.undertow.server.HttpServerExchange exchange)	Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential.

Methods inherited from class io.undertow.security.handlers.SinglePortConfidentialityHandler

getRedirectURI

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ServletConfidentialityConstraintHandler

public ServletConfidentialityConstraintHandler(ConfidentialPortManager portManager,
                                               io.undertow.server.HttpHandler next)

Method Detail

handleRequest

public void handleRequest(io.undertow.server.HttpServerExchange exchange)
                   throws java.lang.Exception

Specified by:

handleRequest in interface io.undertow.server.HttpHandler

Overrides:

handleRequest in class io.undertow.security.handlers.AbstractConfidentialityHandler

Throws:

java.lang.Exception

confidentialityRequired

protected boolean confidentialityRequired(io.undertow.server.HttpServerExchange exchange)

Overrides:

confidentialityRequired in class io.undertow.security.handlers.AbstractConfidentialityHandler

getRedirectURI

protected java.net.URI getRedirectURI(io.undertow.server.HttpServerExchange exchange)
                               throws java.net.URISyntaxException

Overrides:

getRedirectURI in class io.undertow.security.handlers.SinglePortConfidentialityHandler

Throws:

java.net.URISyntaxException

isConfidential

protected boolean isConfidential(io.undertow.server.HttpServerExchange exchange)

Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential. Here we say 'sufficiently' as sub-classes can override this and maybe even go so far as querying the actual SSLSession.

Overrides:

isConfidential in class io.undertow.security.handlers.AbstractConfidentialityHandler

Parameters:

exchange - - The HttpServerExchange for the request being processed.

Returns:

true if the request is 'sufficiently' confidential, false otherwise.