|
OSGi™ Service Platform Release 2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
This interface defines methods that the Http Service may call to get information about a registration.
Servlets and resources may be registered with an HttpContext object; if no HttpContext object is specified, a default HttpContext object is used. Servlets that are registered using the same HttpContext object will share the same ServletContext object.
This interface is implemented by users of the HttpService.
Field Summary | |
static java.lang.String |
AUTHENTICATION_TYPE
HttpServletRequest attribute specifying the scheme used in authentication. |
static java.lang.String |
AUTHORIZATION
HttpServletRequest attribute specifying the Authorization object obtained from the org.osgi.service.useradmin.UserAdmin service. |
static java.lang.String |
REMOTE_USER
HttpServletRequest attribute specifying the name of the authenticated user. |
Method Summary | |
java.lang.String |
getMimeType(java.lang.String name)
Maps a name to a MIME type. |
java.net.URL |
getResource(java.lang.String name)
Maps a resource name to a URL. |
boolean |
handleSecurity(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handles security for the specified request. |
Field Detail |
public static final java.lang.String REMOTE_USER
public static final java.lang.String AUTHENTICATION_TYPE
public static final java.lang.String AUTHORIZATION
Method Detail |
public boolean handleSecurity(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException
The Http Service calls this method prior to servicing the specified request. This method controls whether the request is processed in the normal manner or an error is returned.
If the request requires authentication and the Authorization header in the request is missing or not acceptable, then this method should set the WWW-Authenticate header in the response object, set the status in the response object to Unauthorized(401) and return false. See also RFC 2617: HTTP Authentication: Basic and Digest Access Authentication (available at http://www.ietf.org/rfc/rfc2617.txt).
If the request requires a secure connection and the getScheme method in the request does not return 'https' or some other acceptable secure protocol, then this method should set the status in the response object to Forbidden(403) and return false.
When this method returns false, the Http Service will send the response back to the client, thereby completing the request. When this method returns true, the Http Service will proceed with servicing the request.
If the specified request has been authenticated, this method must
set the AUTHENTICATION_TYPE
request attribute
to the type of authentication used, and the
REMOTE_USER
request attribute to the
remote user (request attributes are set using the
setAttribute method on the request). If this method does not
perform any authentication, it must not set these attributes.
If the authenticated user is also authorized to access
certain resources, this method must set the
AUTHORIZATION
request attribute to the
Authorization object obtained from the
org.osgi.service.useradmin.UserAdmin service.
The servlet responsible for servicing the specified request determines the authentication type and remote user by calling the getAuthType and getRemoteUser methods, respectively, on the request.
request
- the HTTP requestresponse
- the HTTP response
java.io.IOException
- may be thrown by this method.
If this occurs, the Http Service will terminate the request and close
the socket.public java.net.URL getResource(java.lang.String name)
Called by the Http Service to map a resource name to a URL. For servlet registrations, Http Service will call this method to support the ServletContext methods getResource and getResourceAsStream. For resource registrations, Http Service will call this method to locate the named resource. The context can control from where resources come. For example, the resource can be mapped to a file in the bundle's persistent storage area via bundleContext.getDataFile(name).toURL() or to a resource in the context's bundle via getClass().getResource(name)
name
- the name of the requested resource
public java.lang.String getMimeType(java.lang.String name)
name
- determine the MIME type for this name.
|
OSGi™ Service Platform Release 2 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |