org.opensaml.ws.security.provider
Class HTTPRule

java.lang.Object
  extended by org.opensaml.ws.security.provider.HTTPRule
All Implemented Interfaces:
SecurityPolicyRule

public class HTTPRule
extends Object
implements SecurityPolicyRule

A security rule that checks basic HTTP connection properties.


Field Summary
private  org.slf4j.Logger log
          Class logger.
private  String requiredContentType
          Expected content type of the request.
private  String requiredRequestMethod
          Expected method of the request.
private  boolean requireSecured
          Whether the request must be secure.
 
Constructor Summary
HTTPRule(String type, String method, boolean secured)
          Constructor.
 
Method Summary
protected  void doEvaluate(MessageContext messageContext)
          Evaluates if the message context transport, guaranteed to be of type HTTPTransport, meets all requirements.
 void evaluate(MessageContext messageContext)
          Evaluates the message context against the rule.
protected  void evaluateContentType(HTTPTransport transport)
          Checks if the transport is of the correct content type.
protected  void evaluateRequestMethod(HTTPTransport transport)
          Checks if the transport is of the correct request method.
protected  void evaluateSecured(HTTPTransport transport)
          Checks if the transport is secured.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

log

private final org.slf4j.Logger log
Class logger.


requiredContentType

private String requiredContentType
Expected content type of the request.


requiredRequestMethod

private String requiredRequestMethod
Expected method of the request.


requireSecured

private boolean requireSecured
Whether the request must be secure.

Constructor Detail

HTTPRule

public HTTPRule(String type,
                String method,
                boolean secured)
Constructor.

Parameters:
type - expected content type
method - expected request method
secured - whether the request must be secured
Method Detail

evaluate

public void evaluate(MessageContext messageContext)
              throws SecurityPolicyException
Evaluates the message context against the rule.

Specified by:
evaluate in interface SecurityPolicyRule
Parameters:
messageContext - the message context being evaluated
Throws:
SecurityPolicyException - thrown if the message context does not meet the requirements of the rule, or if there is a non-recoverable error during evaluation

doEvaluate

protected void doEvaluate(MessageContext messageContext)
                   throws SecurityPolicyException
Evaluates if the message context transport, guaranteed to be of type HTTPTransport, meets all requirements.

Parameters:
messageContext - message context being evaluated
Throws:
SecurityPolicyException - thrown if the message context does not meet the requirements of an evaluated rule

evaluateContentType

protected void evaluateContentType(HTTPTransport transport)
                            throws SecurityPolicyException
Checks if the transport is of the correct content type.

Parameters:
transport - transport being evalauted
Throws:
SecurityPolicyException - thrown if the content type was an unexpected value

evaluateRequestMethod

protected void evaluateRequestMethod(HTTPTransport transport)
                              throws SecurityPolicyException
Checks if the transport is of the correct request method.

Parameters:
transport - transport being evalauted
Throws:
SecurityPolicyException - thrown if the request method was an unexpected value

evaluateSecured

protected void evaluateSecured(HTTPTransport transport)
                        throws SecurityPolicyException
Checks if the transport is secured.

Parameters:
transport - transport being evalauted
Throws:
SecurityPolicyException - thrown if the transport is not secure and was required to be


Copyright © 1999-2013. All Rights Reserved.