|
Oracle Fusion Middleware Java API for Oracle WebLogic Portal 10g Release 3 (10.3.2) E14255-01 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
com.bea.wsrp.consumer.resource.DefaultSecurityCheckResourceServletInterceptor
com.bea.wsrp.consumer.resource.WsrpResourceServletInterceptor
public class WsrpResourceServletInterceptor
Field Summary | |
---|---|
protected static javax.mail.internet.ContentType |
APPLICATION_X_WWW_FORM_URLENCODED application/x-www-form-urlencoded |
protected static String |
MIME_TYPE_WILD suffix for wild-card mime types e.g: text/* |
static HashSet<String> |
RESPONSE_HEADERS_TO_SKIP By default, the following response headers will not be sent to the client (Must be lower-case) content-length proxy-authenticate www-authenticate transfer-encoding |
Constructor Summary | |
---|---|
WsrpResourceServletInterceptor() |
Method Summary | |
---|---|
protected void |
addSkipParameterNames(IResourceServletRequestContext requestContext) Parameters not to send to the producer |
protected List<String> |
cookieCheck(List<String> cookieList) parse the cookies and block the consumer's JSESSION cookie |
protected void |
filterResponseHeaders(Map<String,List<String>> headers) Remove any unwanted headers from the response |
protected PortletParameters |
getAdditionalSecurityParameters() Get the security token parameter(s) |
protected int |
getConnectionEstablishmentTimeoutMSecs(IResourceServletRequestContext requestContext) Get the time-out for a connection to be established |
protected int |
getConnectionTimeoutMSecs(IResourceServletRequestContext requestContext) Get the time-out for a connection to be read |
protected List<String> |
getResponseCookies() Get the Set-Cookie values to add the response |
protected String |
getWindowLabel() Get the portlet's window label |
protected boolean |
isRewriteResource() Should the resource be rewritten |
protected boolean |
isTargetUrlNotMatchedByListsAllowed(IResourceServletRequestContext requestContext) Is the target URL allowed, it did not match any white or black list |
void |
onServletInit(javax.servlet.ServletConfig config) Setup the resource connection and header filter and the URL param from init-params |
Status.PostInvoke |
postInvoke(IResourceServletRequestContext requestContext, IResourceServletResponseContext responseContext) Rewrite the response (if needed) and add any Set-Cookie headers |
protected Status.PreInvoke |
preInvokeSetupRequestContext(IResourceServletRequestContext requestContext) Set the target URL or forward path along with other connection info |
protected byte[] |
readInputStream(IResourceServletRequestContext requestContext) Pre-read the intput stream so that reading POST parameters doesn't foul it up |
protected void |
sendPortletCookies(IResourceServletRequestContext requestContext) Add the producer's cookies to the url connection |
protected void |
sendPortletCookies(IResourceServletRequestContext requestContext, com.bea.wsrp.consumer.registry.ProducerRegistry producerRegistry) Sends portlet scoped cookies (init cookies + portlet app cookies). |
protected void |
sendRequestHeaders(ResourceHeaders headers, HttpURLConnection connection) Sends request headers. |
protected void |
setAdditionalSecurityParameters(PortletParameters additionalSecurityParameters) Set the security token parameters |
protected void |
setConnectionTimeouts(IResourceServletRequestContext requestContext) Set the timeouts on the URL connection |
protected void |
setResponseCookies(List<String> responseCookies) Set the list of cookies to add to the response |
protected void |
setRewriteResource(boolean rewriteResource) Should the resource be rewritten |
protected void |
setWindowLabel(String windowLabel) Set the portlet's window label |
Methods inherited from class com.bea.wsrp.consumer.resource.DefaultSecurityCheckResourceServletInterceptor |
---|
createPattern, getErrorMessage, getForwardBlackList, getForwardWhiteList, getStatusCode, getTargetUrlBlackList, getTargetUrlWhiteList, isForwardPathAllowed, isSecurityTokenValid, isTargetUrlAllowed, matchesPatterns, onIOFailure, onServletDestroy, preInvoke, preInvokeSecurityCheck, setErrorMessage, setStatusCode |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static HashSet<String> RESPONSE_HEADERS_TO_SKIP
protected static final String MIME_TYPE_WILD
protected static final javax.mail.internet.ContentType APPLICATION_X_WWW_FORM_URLENCODED
Constructor Detail |
---|
public WsrpResourceServletInterceptor()
Method Detail |
---|
public void onServletInit(javax.servlet.ServletConfig config) throws javax.servlet.ServletException
onServletInit
in interface IResourceServletInterceptor
onServletInit
in class DefaultSecurityCheckResourceServletInterceptor
config
- The servlet configjavax.servlet.ServletException
- If the interceptor throws an ServletException it will be handled by the servlet container.protected boolean isTargetUrlNotMatchedByListsAllowed(IResourceServletRequestContext requestContext)
isTargetUrlNotMatchedByListsAllowed
in class DefaultSecurityCheckResourceServletInterceptor
The
- request contextDefaultSecurityCheckResourceServletInterceptor.preInvoke(IResourceServletRequestContext)
, IResourceServletRequestContext.getTargetURL()
protected Status.PreInvoke preInvokeSetupRequestContext(IResourceServletRequestContext requestContext) throws IOException
preInvokeSetupRequestContext
in class DefaultSecurityCheckResourceServletInterceptor
requestContext
- the request contextif
- there's a problem setting up the connectionIOException
- If there's a problem setting up the request contextprotected final byte[] readInputStream(IResourceServletRequestContext requestContext) throws IOException
requestContext
- the request contextIOException
- If there's a problem reading the input streamprotected void sendRequestHeaders(ResourceHeaders headers, HttpURLConnection connection)
Sends request headers.
headers
-connection
-protected void sendPortletCookies(IResourceServletRequestContext requestContext, com.bea.wsrp.consumer.registry.ProducerRegistry producerRegistry) throws IOException
Sends portlet scoped cookies (init cookies + portlet app cookies).
targetURL
-request
-connection
-windowLabel
-IOException
protected void sendPortletCookies(IResourceServletRequestContext requestContext) throws IOException
requestContext
- The request contextIOException
- If there's a problem setting the cookie headersprotected int getConnectionEstablishmentTimeoutMSecs(IResourceServletRequestContext requestContext)
requestContext
- the request contextprotected int getConnectionTimeoutMSecs(IResourceServletRequestContext requestContext)
requestContext
- the request contextprotected void setConnectionTimeouts(IResourceServletRequestContext requestContext) throws IOException
requestContext
- the requyest contextIOException
- If there's a problem setting the timeoutsprotected void addSkipParameterNames(IResourceServletRequestContext requestContext)
requestContext
- the request contextpublic Status.PostInvoke postInvoke(IResourceServletRequestContext requestContext, IResourceServletResponseContext responseContext) throws IOException
postInvoke
in interface IResourceServletInterceptor
postInvoke
in class DefaultSecurityCheckResourceServletInterceptor
requestContext
- the request contextresponseContext
- the response contextIOException
- If there's a problem reading from the URL connectionDefaultSecurityCheckResourceServletInterceptor.filterResponseHeaders(Map)
protected boolean isRewriteResource()
protected void setRewriteResource(boolean rewriteResource)
rewriteResource
- the valueprotected String getWindowLabel()
protected void setWindowLabel(String windowLabel)
windowLabel
- the lableprotected PortletParameters getAdditionalSecurityParameters()
getAdditionalSecurityParameters
in class DefaultSecurityCheckResourceServletInterceptor
protected void setAdditionalSecurityParameters(PortletParameters additionalSecurityParameters)
additionalSecurityParameters
- the parametersprotected List<String> getResponseCookies()
protected void setResponseCookies(List<String> responseCookies)
responseCookies
- The cookies in Set-Cookie header value format.protected void filterResponseHeaders(Map<String,List<String>> headers)
filterResponseHeaders
in class DefaultSecurityCheckResourceServletInterceptor
the
- headers to filterRESPONSE_HEADERS_TO_SKIP
protected List<String> cookieCheck(List<String> cookieList)
the
- original cookies
|
Oracle Fusion Middleware Java API for Oracle WebLogic Portal 10g Release 3 (10.3.2) E14255-01 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright © 2010, Oracle. All rights reserved.