public abstract class HttpCheckLoginHelper extends Object
HttpLoginService
.Modifier and Type | Field and Description |
---|---|
static String |
LOGIN_URL_HEADER |
static String |
PAGE_TOKEN_HEADER |
static String |
PAGE_TOKEN_VARIABLE |
Constructor and Description |
---|
HttpCheckLoginHelper() |
Modifier and Type | Method and Description |
---|---|
static Principal |
checkLogin(HttpLoginService service,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Call
HttpLoginService.checkLogin(HttpServletRequest) and
write a HTTP unauthorized status (401) with the login URL contained in
the response header "X-HTTP-util-login-url" , if no user is logged in. |
static Principal |
checkLogin(HttpLoginService service,
PageTokenService pageTokenService,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Performs the following steps to authenticate an HTTP request:
Check the request for a "X-HTTP-util-page-token" header.
|
static Principal |
checkLogin(HttpLoginService service,
PageTokenService pageTokenService,
String pageToken,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Performs the following steps to authenticate an HTTP request:
Check the caller-extracted page token using
PageTokenService.checkPageToken(HttpServletRequest, String)
Call HttpLoginService.checkLogin(HttpServletRequest) to check
for a user being logged in. |
static boolean |
checkPermission(HttpLoginService service,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Call
HttpLoginService.checkPermission(HttpServletRequest, String)
on a context URL composed from the request URL without server and protocol. |
static Locale |
getLoginLocale(HttpLoginService service,
javax.servlet.http.HttpServletRequest req)
Return the login locale of the given request.
|
static TimeZone |
getLoginTimeZone(HttpLoginService service,
javax.servlet.http.HttpServletRequest req)
Return the login time zone of the given request.
|
static String |
getPageToken(javax.servlet.http.HttpServletRequest req)
Try to extract a page token from a request by either
the "X-HTTP-util-page-token" HTTP header or the
value of the form parameter "pageToken",
if the content type of the request is
application/x-www-form-urlencoded . |
static void |
sendLoginRequired(javax.servlet.http.HttpServletResponse resp,
String loginUrl)
Write a HTTP unauthorized status (401) with the login URL contained in
the response header
"X-HTTP-util-login-url" as response
to the client. |
public static final String LOGIN_URL_HEADER
public static final String PAGE_TOKEN_HEADER
public static final String PAGE_TOKEN_VARIABLE
public static final Principal checkLogin(HttpLoginService service, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
HttpLoginService.checkLogin(HttpServletRequest)
and
write a HTTP unauthorized status (401) with the login URL contained in
the response header "X-HTTP-util-login-url"
, if no user is logged in.service
- The login service.req
- The servlet request.resp
- The servlet response.null
is returned,
a servlet response with status 401 has been written by this method
and the servlet has to return immediately.IOException
- Upon errors writing a response.sendLoginRequired(HttpServletResponse, String)
public static final String getPageToken(javax.servlet.http.HttpServletRequest req)
application/x-www-form-urlencoded
.req
- The request to check.public static final Principal checkLogin(HttpLoginService service, PageTokenService pageTokenService, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
application/x-www-form-urlencoded
,
check the submitted form data for a parameter with
name "pageToken".PageTokenService.checkPageToken(HttpServletRequest, String)
HttpLoginService.checkLogin(HttpServletRequest)
to check
for a user being logged in.
"X-HTTP-util-login-url"
.service
- The login service.pageTokenService
- The XSRF page token service.req
- The servlet request.resp
- The servlet response.null
is returned,
a servlet response with status 401 has been written by this method
and the servlet has to return immediately.IOException
- Upon errors writing a response.sendLoginRequired(HttpServletResponse, String)
public static final Principal checkLogin(HttpLoginService service, PageTokenService pageTokenService, String pageToken, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
PageTokenService.checkPageToken(HttpServletRequest, String)
HttpLoginService.checkLogin(HttpServletRequest)
to check
for a user being logged in.
"X-HTTP-util-login-url"
.service
- The login service.pageTokenService
- The XSRF page token service.pageToken
- The page token deduced by the caller.req
- The servlet request.resp
- The servlet response.null
is returned,
a servlet response with status 401 has been written by this method
and the servlet has to return immediately.IOException
- Upon errors writing a response.sendLoginRequired(HttpServletResponse, String)
public static final Locale getLoginLocale(HttpLoginService service, javax.servlet.http.HttpServletRequest req)
HttpLoginService
compiled against http-util-1.5.0
or earlier , where the method
HttpLoginService.getLocale(HttpServletRequest)
was
not contained in the interface.service
- The login service of choice.req
- The servlet request.HttpLoginService.getLocale(HttpServletRequest)
or the locale returned by ServletRequest.getLocale()
,
if HttpLoginService.getLocale(HttpServletRequest)
is not
implemented by the given service instance.public static final TimeZone getLoginTimeZone(HttpLoginService service, javax.servlet.http.HttpServletRequest req)
HttpLoginService
compiled against http-util-1.6.0
or earlier, where the method
HttpLoginService.getTimeZone(HttpServletRequest)
was
not contained in the interface.service
- The login service of choice.req
- The servlet request.HttpLoginService.getTimeZone(HttpServletRequest)
or the time zone returned by TimeZone.getDefault()
,
if HttpLoginService.getTimeZone(HttpServletRequest)
is not
implemented by the given service instance.public static final void sendLoginRequired(javax.servlet.http.HttpServletResponse resp, String loginUrl) throws IOException
"X-HTTP-util-login-url"
as response
to the client.resp
- The servlet response.loginUrl
- A login URL as returned by HttpLoginService.getLoginUrl()
.IOException
- Upon errors writing to the servlet response.public static final boolean checkPermission(HttpLoginService service, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws IOException
HttpLoginService.checkPermission(HttpServletRequest, String)
on a context URL composed from the request URL without server and protocol.
If permission is denied a HTTP forbidden response (403) is written
to the response.service
- The login service.req
- The servlet request.resp
- The servlet response.false
is returned,
a servlet response has written and the servlet has
to return immediately.IOException
- Upon errors writing a response.Copyright © 2018 Clazzes.org. All rights reserved.