org.opensaml.messaging.handler.impl

Class HTTPRequestValidationHandler

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.messaging.handler.AbstractMessageHandler

org.opensaml.messaging.handler.impl.HTTPRequestValidationHandler

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, MessageHandler

public class HTTPRequestValidationHandler
extends AbstractMessageHandler

A message handler that checks basic HTTP request properties.

Field Summary

Fields

Modifier and Type	Field and Description
private javax.servlet.http.HttpServletRequest	httpServletRequest The HTTP servlet request being evaluated.
private org.slf4j.Logger	log Class logger.
private String	requiredContentType Expected content type of the request.
private String	requiredRequestMethod Expected method of the request.
private boolean	requireSecured Whether the request must be secure.

Constructor Summary

Constructors

Constructor and Description
HTTPRequestValidationHandler()

Method Summary

Methods

Modifier and Type	Method and Description
protected void	doInitialize()
protected void	doInvoke(MessageContext messageContext) Evaluates whether the specified HTTP servlet request meets all requirements.
protected void	evaluateContentType(javax.servlet.http.HttpServletRequest request) Checks if the request is of the correct content type.
protected void	evaluateRequestMethod(javax.servlet.http.HttpServletRequest request) Checks if the request contains the correct request method.
protected void	evaluateSecured(javax.servlet.http.HttpServletRequest request) Checks if the request is secured.
javax.servlet.http.HttpServletRequest	getHttpServletRequest() Get the HTTP servlet request instance being evaluated.
String	getRequiredContentType() Get the required content type.
String	getRequiredRequestMethod() Get the required request method.
boolean	isRequireSecured() Get whether request is required to be secure.
void	setHttpServletRequest(javax.servlet.http.HttpServletRequest request) Set the HTTP servlet request instance being evaluated.
void	setRequiredContentType(String contentType) Set the required content type.
void	setRequiredRequestMethod(String requestMethod) Set the required request method.
void	setRequireSecured(boolean secured) Set whether request is required to be secure.

Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

doPostInvoke, doPostInvoke, doPreInvoke, getActivationCondition, getLogPrefix, invoke, setActivationCondition

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

requiredContentType

@Nullable
private String requiredContentType

Expected content type of the request.

requiredRequestMethod

@Nullable
private String requiredRequestMethod

Expected method of the request.

requireSecured

private boolean requireSecured

Whether the request must be secure.

httpServletRequest

@NonnullAfterInit
private javax.servlet.http.HttpServletRequest httpServletRequest

The HTTP servlet request being evaluated.

Constructor Detail

HTTPRequestValidationHandler

public HTTPRequestValidationHandler()

Method Detail

getRequiredContentType

public String getRequiredContentType()

Get the required content type.

Returns:

the required content type

setRequiredContentType

public void setRequiredContentType(String contentType)

Set the required content type.

Parameters:

contentType - the content type

getRequiredRequestMethod

public String getRequiredRequestMethod()

Get the required request method.

Returns:

the required request method

setRequiredRequestMethod

public void setRequiredRequestMethod(String requestMethod)

Set the required request method.

Parameters:

requestMethod - the required request method

isRequireSecured

public boolean isRequireSecured()

Get whether request is required to be secure.

Returns:

true if required to be secure, false otherwise

setRequireSecured

public void setRequireSecured(boolean secured)

Set whether request is required to be secure.

Parameters:

secured - true if required to be secure, false otherwise

getHttpServletRequest

public javax.servlet.http.HttpServletRequest getHttpServletRequest()

Get the HTTP servlet request instance being evaluated.

Returns:

returns the request instance

setHttpServletRequest

public void setHttpServletRequest(javax.servlet.http.HttpServletRequest request)

Set the HTTP servlet request instance being evaluated.

Parameters:

request - the request instance

doInitialize

protected void doInitialize()
                     throws ComponentInitializationException

Overrides:

doInitialize in class AbstractInitializableComponent

Throws:

ComponentInitializationException

doInvoke

protected void doInvoke(MessageContext messageContext)
                 throws MessageHandlerException

Evaluates whether the specified HTTP servlet request meets all requirements.

Specified by:

doInvoke in class AbstractMessageHandler

Parameters:

messageContext - message context being evaluated

Throws:

MessageHandlerException - thrown if the request does not meet the requirements of the handler

evaluateContentType

protected void evaluateContentType(javax.servlet.http.HttpServletRequest request)
                            throws MessageHandlerException

Checks if the request is of the correct content type.

Parameters:

request - the request being evaluated

Throws:

MessageHandlerException - thrown if the content type was an unexpected value

evaluateRequestMethod

protected void evaluateRequestMethod(javax.servlet.http.HttpServletRequest request)
                              throws MessageHandlerException

Checks if the request contains the correct request method.

Parameters:

request - the request being evaluated

Throws:

MessageHandlerException - thrown if the request method was an unexpected value

evaluateSecured

protected void evaluateSecured(javax.servlet.http.HttpServletRequest request)
                        throws MessageHandlerException

Checks if the request is secured.

Parameters:

request - the request being evaluated

Throws:

MessageHandlerException - thrown if the request is not secure and was required to be