|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.clazzes.util.http.sec.HttpCheckLoginHelper
public abstract class HttpCheckLoginHelper
A static helper for serlvets, which perform access checks on behalf
of a HttpLoginService
.
Field Summary | |
---|---|
static String |
LOGIN_URL_HEADER
|
Constructor Summary | |
---|---|
HttpCheckLoginHelper()
|
Method Summary | |
---|---|
static Principal |
checkLogin(HttpLoginService service,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Call HttpLoginService.checkLogin(HttpServletRequest) and
write a HTTP unauthorized status (401) with the login URL contained in
the response header "X-HTTP-util-login-url" , if no user is logged in. |
static boolean |
checkPermission(HttpLoginService service,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Call HttpLoginService.checkPermission(HttpServletRequest, String)
on a context URL composed from the request URL without server and protocol. |
static Locale |
getLoginLocale(HttpLoginService service,
javax.servlet.http.HttpServletRequest req)
Return the login locale of the given request. |
static TimeZone |
getLoginTimeZone(HttpLoginService service,
javax.servlet.http.HttpServletRequest req)
Return the login time zone of the given request. |
static void |
sendLoginRequired(javax.servlet.http.HttpServletResponse resp,
String loginUrl)
Write a HTTP unauthorized status (401) with the login URL contained in the response header "X-HTTP-util-login-url" as response
to the client. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String LOGIN_URL_HEADER
Constructor Detail |
---|
public HttpCheckLoginHelper()
Method Detail |
---|
public static final Principal checkLogin(HttpLoginService service, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
HttpLoginService.checkLogin(HttpServletRequest)
and
write a HTTP unauthorized status (401) with the login URL contained in
the response header "X-HTTP-util-login-url"
, if no user is logged in.
service
- The login service.req
- The servlet request.resp
- The servlet response.
null
is returned,
a servlet response with status 401 has been written by this method
and the servlet has to return immediately.
IOException
- Upon errors writing a response.sendLoginRequired(HttpServletResponse, String)
public static final Locale getLoginLocale(HttpLoginService service, javax.servlet.http.HttpServletRequest req)
HttpLoginService
compiled against http-util-1.5.0
or earlier , where the method
HttpLoginService.getLocale(HttpServletRequest)
was
not contained in the interface.
service
- The login service of choice.req
- The servlet request.
HttpLoginService.getLocale(HttpServletRequest)
or the locale returned by ServletRequest.getLocale()
,
if HttpLoginService.getLocale(HttpServletRequest)
is not
implemented by the given service instance.public static final TimeZone getLoginTimeZone(HttpLoginService service, javax.servlet.http.HttpServletRequest req)
HttpLoginService
compiled against http-util-1.6.0
or earlier, where the method
HttpLoginService.getTimeZone(HttpServletRequest)
was
not contained in the interface.
service
- The login service of choice.req
- The servlet request.
HttpLoginService.getTimeZone(HttpServletRequest)
or the time zone returned by TimeZone.getDefault()
,
if HttpLoginService.getTimeZone(HttpServletRequest)
is not
implemented by the given service instance.public static final void sendLoginRequired(javax.servlet.http.HttpServletResponse resp, String loginUrl) throws IOException
"X-HTTP-util-login-url"
as response
to the client.
resp
- The servlet response.loginUrl
- A login URL as returned by HttpLoginService.getLoginUrl()
.
IOException
- Upon errors writing to the servlet response.public static final boolean checkPermission(HttpLoginService service, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
HttpLoginService.checkPermission(HttpServletRequest, String)
on a context URL composed from the request URL without server and protocol.
If permission is denied a HTTP forbidden response (403) is written
to the response.
service
- The login service.req
- The servlet request.resp
- The servlet response.
false
is returned,
a servlet response has written and the servlet has
to return immediately.
IOException
- Upon errors writing a response.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |