org.apache.tapestry5.internal.services
Interface RequestSecurityManager

All Known Implementing Classes:
RequestSecurityManagerImpl

public interface RequestSecurityManager

Used to manage the relationship between the security of a request and the security of a page. By secure, we mean whether a request uses HTTPS and whether a page demands the use of HTTPS.

See Also:
Request.isSecure()

Method Summary
 boolean checkForInsecureComponentEventRequest(ComponentEventRequestParameters parameters)
          Checks the target page of the component event request to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent, preserving the original component event request.
 boolean checkForInsecurePageRenderRequest(PageRenderRequestParameters parameters)
          Checks the page to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent.
 LinkSecurity checkPageSecurity(String pageName)
          Determines if the page security does not match the request's security.
 

Method Detail

checkForInsecurePageRenderRequest

boolean checkForInsecurePageRenderRequest(PageRenderRequestParameters parameters)
                                          throws IOException
Checks the page to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent.

Parameters:
parameters - parameters for the current request
Returns:
true if a redirect was sent, false if normal processing should continue
Throws:
IOException

checkForInsecureComponentEventRequest

boolean checkForInsecureComponentEventRequest(ComponentEventRequestParameters parameters)
                                              throws IOException
Checks the target page of the component event request to see if it is secure; if so, and the request is not secure, then a redirect to the page is generated and sent, preserving the original component event request.

Parameters:
parameters - parameters for the current request
Returns:
true if a redirect was sent, false if normal processing should continue
Throws:
IOException
Since:
5.2.0.0

checkPageSecurity

LinkSecurity checkPageSecurity(String pageName)
Determines if the page security does not match the request's security. Returns LinkSecurity.SECURE or LinkSecurity.INSECURE if the request security matches the pages. Otherwise, returns LinkSecurity.FORCE_SECURE or LinkSecurity.FORCE_INSECURE (which will force fully qualified URLs to be generated when rendering).

Parameters:
pageName - for the security check
Returns:
security for this request, as applied to indicated page


Copyright © 2003-2012 The Apache Software Foundation.