PageflowHelper


1   /*
2    * Copyright 2004 The Apache Software Foundation.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *     http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   * $Header:$
17   */
18  package org.apache.beehive.netui.tomcat;
19  
20  import javax.servlet.http.HttpServletRequest  ;
21  import javax.servlet.http.HttpServletResponse  ;
22  import javax.servlet.ServletContext  ;
23  import javax.security.auth.login.LoginException  ;
24  
25  public interface PageflowHelper
26  {
27      public static final String   PAGEFLOW_HELPER_KEY = "PAGEFLOW_HELPER";
28  
29      public void login( String   username, String   password, HttpServletRequest   request )
30              throws LoginException  ;
31  
32      public void logout( boolean invalidateSessions, HttpServletRequest   request );
33  
34      /**
35       * Causes the server to do a security check for the given URI.  If required, it does a redirect to
36       * change the scheme (http/https).
37       *
38       * @param uri
39       * @param request
40       * @param response
41       * @return <code>true</code> if a redirect occurred.
42       */
43      public boolean doSecurityRedirect( String   uri, HttpServletRequest   request, HttpServletResponse   response,
44                                         ServletContext   servletContext );
45  
46      /**
47       * Tell whether a web application resource requires a secure transport protocol.  This is
48       * determined from web.xml; for example, the following block specifies that all resources under
49       * /login require a secure transport protocol.
50       * <pre>
51       *    &lt;security-constraint&gt;
52       *        &lt;web-resource-collection&gt;
53       *          &lt;web-resource-name&gt;Secure PageFlow - begin&lt;/web-resource-name&gt;
54       *          &lt;url-pattern&gt;/login/*&lt;/url-pattern&gt;
55       *        &lt;/web-resource-collection&gt;
56       *        &lt;user-data-constraint&gt;
57       *           &lt;transport-guarantee&gt;CONFIDENTIAL&lt;/transport-guarantee&gt;
58       *        &lt;/user-data-constraint&gt;
59       *    &lt;/security-constraint&gt;
60       * </pre>
61       *
62       * @param uri a webapp-relative URI for a resource.  There must not be query parameters or a scheme
63       *            on the URI.
64       * @param request the current Request
65       * @return <code>Boolean.TRUE</code> if a transport-guarantee of <code>CONFIDENTIAL</code> or
66       *         <code>INTEGRAL</code> is associated with the given resource; <code>Boolean.FALSE</code>
67       *         a transport-guarantee of <code>NONE</code> is associated with the given resource; or
68       *         <code>null</code> if there is no transport-guarantee associated with the given resource.
69       */
70      public Boolean   isSecureResource( String   uri, HttpServletRequest   request );
71  
72      public int getListenPort( HttpServletRequest   request );
73  
74      public int getSecureListenPort( HttpServletRequest   request );
75  
76  
77  }
78
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags