Class ServletContextHelper
- java.lang.Object
-
- org.osgi.service.http.context.ServletContextHelper
-
@ConsumerType public abstract class ServletContextHelper extends java.lang.Object
Helper service for a servlet context used by a Http Whiteboard implementation to serve HTTP requests.This service defines methods that the Http Whiteboard implementation may call to get information for a request when dealing with whiteboard services.
Each
ServletContextHelper
is registered with a"osgi.http.whiteboard.context.name"
service property containing a name to reference by servlets, servlet filters, resources, and listeners. If there is more than oneServletContextHelper
registered with the same context name, the one with the highest service ranking is active, the others are inactive.A context is registered with the
"osgi.http.whiteboard.context.path"
service property to define a path under which all services registered with this context are reachable. If there is more than oneServletContextHelper
registered with the same path, each duplicate context path is searched by service ranking order according toServiceReference.compareTo(Object)
until a matching servlet or resource is found.Servlets, servlet filters, resources, and listeners services may be associated with a
ServletContextHelper
service with the"osgi.http.whiteboard.context.select"
service property. If the referencedServletContextHelper
service does not exist or is currently not active, the whiteboard services for thatServletContextHelper
are not active either.If no
ServletContextHelper
service is associated, that is no"osgi.http.whiteboard.context.select"
service property is configured for a whiteboard service, a defaultServletContextHelper
is used.Those whiteboard services that are associated with the same
ServletContextHelper
object will share the sameServletContext
object.The behavior of the methods on the default
ServletContextHelper
is defined as follows:getMimeType
- Always returnsnull
.handleSecurity
- Always returnstrue
.getResource
- Assumes the named resource is in the bundle of the whiteboard service, addressed from the root. This method calls the whiteboard service bundle'sBundle.getEntry
method, and returns the appropriate URL to access the resource. On a Java runtime environment that supports permissions, the Http Whiteboard implementation needs to be grantedorg.osgi.framework.AdminPermission[*,RESOURCE]
.getResourcePaths
- Assumes that the resources are in the bundle of the whiteboard service. This method callsBundle.findEntries
method, and returns the found entries. On a Java runtime environment that supports permissions, the Http Whiteboard implementation needs to be grantedorg.osgi.framework.AdminPermission[*,RESOURCE]
.getRealPath
- Always returnsnull
.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
AUTHENTICATION_TYPE
HttpServletRequest
attribute specifying the scheme used in authentication.static java.lang.String
AUTHORIZATION
HttpServletRequest
attribute specifying theAuthorization
object obtained from theorg.osgi.service.useradmin.UserAdmin
service.static java.lang.String
REMOTE_USER
HttpServletRequest
attribute specifying the name of the authenticated user.
-
Constructor Summary
Constructors Constructor Description ServletContextHelper()
Construct a new context helper.ServletContextHelper(Bundle bundle)
Construct a new context helper associated with the specified bundle.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
finishSecurity(HttpServletRequest request, HttpServletResponse response)
Finishes the security context for the specified request.java.lang.String
getMimeType(java.lang.String name)
Maps a name to a MIME type.java.lang.String
getRealPath(java.lang.String path)
Gets the real path corresponding to the given virtual path.java.net.URL
getResource(java.lang.String name)
Maps a resource name to a URL.java.util.Set<java.lang.String>
getResourcePaths(java.lang.String path)
Returns a directory-like listing of all the paths to resources within the web application whose longest sub-path matches the supplied path argument.boolean
handleSecurity(HttpServletRequest request, HttpServletResponse response)
Handles security for the specified request.
-
-
-
Field Detail
-
REMOTE_USER
public static final java.lang.String REMOTE_USER
HttpServletRequest
attribute specifying the name of the authenticated user. The value of the attribute can be retrieved byHttpServletRequest.getRemoteUser
.- See Also:
- Constant Field Values
-
AUTHENTICATION_TYPE
public static final java.lang.String AUTHENTICATION_TYPE
HttpServletRequest
attribute specifying the scheme used in authentication. The value of the attribute can be retrieved byHttpServletRequest.getAuthType
.- See Also:
- Constant Field Values
-
AUTHORIZATION
public static final java.lang.String AUTHORIZATION
HttpServletRequest
attribute specifying theAuthorization
object obtained from theorg.osgi.service.useradmin.UserAdmin
service. The value of the attribute can be retrieved byHttpServletRequest.getAttribute(ServletContextHelper.AUTHORIZATION)
.- See Also:
- Constant Field Values
-
-
Constructor Detail
-
ServletContextHelper
public ServletContextHelper()
Construct a new context helper.If needed, the subclass will have to handle the association with a specific bundle.
-
ServletContextHelper
public ServletContextHelper(Bundle bundle)
Construct a new context helper associated with the specified bundle.- Parameters:
bundle
- The bundle to be associated with this context helper.
-
-
Method Detail
-
handleSecurity
public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) throws java.io.IOException
Handles security for the specified request.The Http Whiteboard implementation calls this method prior to servicing the specified request. This method controls whether the request is processed in the normal manner or an error is returned.
If the request requires authentication and the
Authorization
header in the request is missing or not acceptable, then this method should set theWWW-Authenticate
header in the response object, set the status in the response object to Unauthorized(401) and returnfalse
. See also RFC 2617: HTTP Authentication: Basic and Digest Access Authentication.If the request requires a secure connection and the
getScheme
method in the request does not return 'https' or some other acceptable secure protocol, then this method should set the status in the response object to Forbidden(403) and returnfalse
.When this method returns
false
, the Http Whiteboard implementation will send the response back to the client, thereby completing the request. When this method returnstrue
, the Http Whiteboard implementation will proceed with servicing the request.If the specified request has been authenticated, this method must set the
AUTHENTICATION_TYPE
request attribute to the type of authentication used, and theREMOTE_USER
request attribute to the remote user (request attributes are set using thesetAttribute
method on the request). If this method does not perform any authentication, it must not set these attributes.If the authenticated user is also authorized to access certain resources, this method must set the
AUTHORIZATION
request attribute to theAuthorization
object obtained from theorg.osgi.service.useradmin.UserAdmin
service.The servlet responsible for servicing the specified request determines the authentication type and remote user by calling the
getAuthType
andgetRemoteUser
methods, respectively, on the request.If there is the need to clean up resources at the end of the request, the method
finishSecurity(HttpServletRequest, HttpServletResponse)
can be implemented. That method is only called if this method returnstrue
.- Parameters:
request
- The HTTP request.response
- The HTTP response.- Returns:
true
if the request should be serviced,false
if the request should not be serviced and Http Whiteboard implementation will send the response back to the client.- Throws:
java.io.IOException
- May be thrown by this method. If this occurs, the Http Whiteboard implementation will terminate the request and close the socket.- See Also:
finishSecurity(HttpServletRequest, HttpServletResponse)
-
finishSecurity
public void finishSecurity(HttpServletRequest request, HttpServletResponse response)
Finishes the security context for the specified request.Implementations of this service can implement this method to clean up resources which have been setup in
handleSecurity(HttpServletRequest, HttpServletResponse)
.This method is only called if
handleSecurity(HttpServletRequest, HttpServletResponse)
returnedtrue
for the specified request. This method is called once the pipeline finishes processing or if an exception is thrown from within the pipeline execution.The default implementation of this method does nothing.
- Parameters:
request
- The HTTP request.response
- The HTTP response.- Since:
- 1.1
- See Also:
handleSecurity(HttpServletRequest, HttpServletResponse)
-
getResource
public java.net.URL getResource(java.lang.String name)
Maps a resource name to a URL.Called by the Http Whiteboard implementation to map the specified resource name to a URL. For servlets, the Http Whiteboard implementation will call this method to support the
ServletContext
methodsgetResource
andgetResourceAsStream
. For resources, the Http Whiteboard implementation will call this method to locate the named resource.The context can control from where resources come. For example, the resource can be mapped to a file in the bundle's persistent storage area via
BundleContext.getDataFile(name).toURI().toURL()
or to a resource in the context's bundle viagetClass().getResource(name)
- Parameters:
name
- The name of the requested resource.- Returns:
- A URL that a Http Whiteboard implementation can use to read the
resource or
null
if the resource does not exist.
-
getMimeType
public java.lang.String getMimeType(java.lang.String name)
Maps a name to a MIME type.Called by the Http Whiteboard implementation to determine the MIME type for the specified name. For whiteboard services, the Http Whiteboard implementation will call this method to support the
ServletContext
methodgetMimeType
. For resource servlets, the Http Whiteboard implementation will call this method to determine the MIME type for theContent-Type
header in the response.- Parameters:
name
- The name for which to determine the MIME type.- Returns:
- The MIME type (e.g. text/html) of the specified name or
null
to indicate that the Http Whiteboard implementation should determine the MIME type itself.
-
getResourcePaths
public java.util.Set<java.lang.String> getResourcePaths(java.lang.String path)
Returns a directory-like listing of all the paths to resources within the web application whose longest sub-path matches the supplied path argument.Called by the Http Whiteboard implementation to support the
ServletContext
methodgetResourcePaths
for whiteboard services.- Parameters:
path
- The partial path used to match the resources, which must start with a /.- Returns:
- A Set containing the directory listing, or
null
if there are no resources in the web application whose path begins with the supplied path.
-
getRealPath
public java.lang.String getRealPath(java.lang.String path)
Gets the real path corresponding to the given virtual path.Called by the Http Whiteboard implementation to support the
ServletContext
methodgetRealPath
for whiteboard services.- Parameters:
path
- The virtual path to be translated to a real path.- Returns:
- The real path, or
null
if the translation cannot be performed.
-
-