Package org.opensaml.messaging.handler.impl

Class HTTPRequestValidationHandler

  • All Implemented Interfaces:
    net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, org.opensaml.messaging.handler.MessageHandler
    public class HTTPRequestValidationHandler
extends org.opensaml.messaging.handler.AbstractMessageHandler
    A message handler that checks basic HTTP request properties.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected void doInitialize()
      protected void doInvoke​(org.opensaml.messaging.context.MessageContext messageContext)
      Evaluates whether the specified HTTP servlet request meets all requirements.
      protected void evaluateContentType​(javax.servlet.http.HttpServletRequest request)
      Checks if the request is of the correct content type.
      protected void evaluateRequestMethod​(javax.servlet.http.HttpServletRequest request)
      Checks if the request contains the correct request method.
      protected void evaluateSecured​(javax.servlet.http.HttpServletRequest request)
      Checks if the request is secured.
      javax.servlet.http.HttpServletRequest getHttpServletRequest()
      Get the HTTP servlet request instance being evaluated.
      String getRequiredContentType()
      Get the required content type.
      String getRequiredRequestMethod()
      Get the required request method.
      boolean isRequireSecured()
      Get whether request is required to be secure.
      void setHttpServletRequest​(javax.servlet.http.HttpServletRequest request)
      Set the HTTP servlet request instance being evaluated.
      void setRequiredContentType​(String contentType)
      Set the required content type.
      void setRequiredRequestMethod​(String requestMethod)
      Set the required request method.
      void setRequireSecured​(boolean secured)
      Set whether request is required to be secure.

      • Methods inherited from class org.opensaml.messaging.handler.AbstractMessageHandler

        doPostInvoke, doPostInvoke, doPreInvoke, getActivationCondition, getLogPrefix, invoke, setActivationCondition

      • Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

        destroy, doDestroy, initialize, isDestroyed, isInitialized

      • Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

        initialize, isInitialized

    • Field Detail

      • log

        @Nonnull
private final org.slf4j.Logger log
        Class logger.

      • requiredContentType

        @Nullable
private String requiredContentType
        Expected content type of the request.

      • requiredRequestMethod

        @Nullable
private String requiredRequestMethod
        Expected method of the request.

      • requireSecured

        private boolean requireSecured
        Whether the request must be secure.

      • httpServletRequest

        @NonnullAfterInit
private javax.servlet.http.HttpServletRequest httpServletRequest
        The HTTP servlet request being evaluated.

    • Constructor Detail

      • HTTPRequestValidationHandler

        public HTTPRequestValidationHandler()

    • Method Detail

      • getRequiredContentType

        public String getRequiredContentType()
        Get the required content type.
        Returns:
        the required content type

      • setRequiredContentType

        public void setRequiredContentType​(String contentType)
        Set the required content type.
        Parameters:
        contentType - the content type

      • getRequiredRequestMethod

        public String getRequiredRequestMethod()
        Get the required request method.
        Returns:
        the required request method

      • setRequiredRequestMethod

        public void setRequiredRequestMethod​(String requestMethod)
        Set the required request method.
        Parameters:
        requestMethod - the required request method

      • isRequireSecured

        public boolean isRequireSecured()
        Get whether request is required to be secure.
        Returns:
        true if required to be secure, false otherwise

      • setRequireSecured

        public void setRequireSecured​(boolean secured)
        Set whether request is required to be secure.
        Parameters:
        secured - true if required to be secure, false otherwise

      • getHttpServletRequest

        public javax.servlet.http.HttpServletRequest getHttpServletRequest()
        Get the HTTP servlet request instance being evaluated.
        Returns:
        returns the request instance

      • setHttpServletRequest

        public void setHttpServletRequest​(javax.servlet.http.HttpServletRequest request)
        Set the HTTP servlet request instance being evaluated.
        Parameters:
        request - the request instance

      • doInitialize

        protected void doInitialize()
                     throws net.shibboleth.utilities.java.support.component.ComponentInitializationException
        Overrides:
        doInitialize in class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
        Throws:
        net.shibboleth.utilities.java.support.component.ComponentInitializationException

      • doInvoke

        protected void doInvoke​(org.opensaml.messaging.context.MessageContext messageContext)
                 throws org.opensaml.messaging.handler.MessageHandlerException
        Evaluates whether the specified HTTP servlet request meets all requirements.
        Specified by:
        doInvoke in class org.opensaml.messaging.handler.AbstractMessageHandler
        Parameters:
        messageContext - message context being evaluated
        Throws:
        org.opensaml.messaging.handler.MessageHandlerException - thrown if the request does not meet the requirements of the handler

      • evaluateContentType

        protected void evaluateContentType​(javax.servlet.http.HttpServletRequest request)
                            throws org.opensaml.messaging.handler.MessageHandlerException
        Checks if the request is of the correct content type.
        Parameters:
        request - the request being evaluated
        Throws:
        org.opensaml.messaging.handler.MessageHandlerException - thrown if the content type was an unexpected value

      • evaluateRequestMethod

        protected void evaluateRequestMethod​(javax.servlet.http.HttpServletRequest request)
                              throws org.opensaml.messaging.handler.MessageHandlerException
        Checks if the request contains the correct request method.
        Parameters:
        request - the request being evaluated
        Throws:
        org.opensaml.messaging.handler.MessageHandlerException - thrown if the request method was an unexpected value

      • evaluateSecured

        protected void evaluateSecured​(javax.servlet.http.HttpServletRequest request)
                        throws org.opensaml.messaging.handler.MessageHandlerException
        Checks if the request is secured.
        Parameters:
        request - the request being evaluated
        Throws:
        org.opensaml.messaging.handler.MessageHandlerException - thrown if the request is not secure and was required to be