Package io.undertow.security.handlers
Class AbstractConfidentialityHandler
java.lang.Object
io.undertow.security.handlers.AbstractConfidentialityHandler
- All Implemented Interfaces:
HttpHandler
- Direct Known Subclasses:
SinglePortConfidentialityHandler
Handler responsible for checking of confidentiality is required for the requested resource and if so rejecting the request
and redirecting to a secure address.
- Author:
- Darran Lofthouse
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
confidentialityRequired
(HttpServerExchange exchange) Use the HttpServerExchange to identify if confidentiality is required.protected abstract URI
getRedirectURI
(HttpServerExchange exchange) All sub-classes are required to provide an implementation of this method, using the HttpServerExchange for the current request return the address to use for a redirect should confidentiality be required and the request not be confidential.void
handleRequest
(HttpServerExchange exchange) Handle the request.protected boolean
isConfidential
(HttpServerExchange exchange) Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential.
-
Constructor Details
-
AbstractConfidentialityHandler
-
-
Method Details
-
handleRequest
Description copied from interface:HttpHandler
Handle the request.- Specified by:
handleRequest
in interfaceHttpHandler
- Parameters:
exchange
- the HTTP request/response exchange- Throws:
Exception
-
isConfidential
Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential. Here we say 'sufficiently' as sub-classes can override this and maybe even go so far as querying the actual SSLSession.- Parameters:
exchange
- - TheHttpServerExchange
for the request being processed.- Returns:
- true if the request is 'sufficiently' confidential, false otherwise.
-
confidentialityRequired
Use the HttpServerExchange to identify if confidentiality is required. This method currently returns true for all requests, sub-classes can override this to provide a custom check. TODO: we should deprecate this and just use a predicate to decide to execute the handler instead- Parameters:
exchange
- - TheHttpServerExchange
for the request being processed.- Returns:
- true if the request requires confidentiality, false otherwise.
-
getRedirectURI
All sub-classes are required to provide an implementation of this method, using the HttpServerExchange for the current request return the address to use for a redirect should confidentiality be required and the request not be confidential.- Parameters:
exchange
- - TheHttpServerExchange
for the request being processed.- Returns:
- The
URI
to redirect to. - Throws:
URISyntaxException
-