Class ServletConfidentialityConstraintHandler

java.lang.Object
io.undertow.security.handlers.AbstractConfidentialityHandler
io.undertow.security.handlers.SinglePortConfidentialityHandler
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler
All Implemented Interfaces:
io.undertow.server.HttpHandler

public class ServletConfidentialityConstraintHandler extends io.undertow.security.handlers.SinglePortConfidentialityHandler
Servlet specific extension to SinglePortConfidentialityHandler
Author:
Darran Lofthouse
  • Constructor Details

    • ServletConfidentialityConstraintHandler

      public ServletConfidentialityConstraintHandler(ConfidentialPortManager portManager, io.undertow.server.HttpHandler next)
  • Method Details

    • handleRequest

      public void handleRequest(io.undertow.server.HttpServerExchange exchange) throws Exception
      Specified by:
      handleRequest in interface io.undertow.server.HttpHandler
      Overrides:
      handleRequest in class io.undertow.security.handlers.AbstractConfidentialityHandler
      Throws:
      Exception
    • confidentialityRequired

      protected boolean confidentialityRequired(io.undertow.server.HttpServerExchange exchange)
      Overrides:
      confidentialityRequired in class io.undertow.security.handlers.AbstractConfidentialityHandler
    • getRedirectURI

      protected URI getRedirectURI(io.undertow.server.HttpServerExchange exchange) throws URISyntaxException
      Overrides:
      getRedirectURI in class io.undertow.security.handlers.SinglePortConfidentialityHandler
      Throws:
      URISyntaxException
    • isConfidential

      protected boolean isConfidential(io.undertow.server.HttpServerExchange exchange)
      Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential. Here we say 'sufficiently' as sub-classes can override this and maybe even go so far as querying the actual SSLSession.
      Overrides:
      isConfidential in class io.undertow.security.handlers.AbstractConfidentialityHandler
      Parameters:
      exchange - - The HttpServerExchange for the request being processed.
      Returns:
      true if the request is 'sufficiently' confidential, false otherwise.