public class SecureRequestCustomizer extends Object implements HttpConfiguration.Customizer
Customizer that extracts the attribute from an SSLContext
and sets them on the request with ServletRequest.setAttribute(String, Object)
according to Servlet Specification Requirements.
Modifier and Type | Field and Description |
---|---|
static String |
CACHED_INFO_ATTR
The name of the SSLSession attribute that will contain any cached information.
|
Constructor and Description |
---|
SecureRequestCustomizer() |
SecureRequestCustomizer(boolean sniHostCheck) |
SecureRequestCustomizer(boolean sniHostCheck,
long stsMaxAgeSeconds,
boolean stsIncludeSubdomains) |
Modifier and Type | Method and Description |
---|---|
void |
customize(Connector connector,
HttpConfiguration channelConfig,
Request request) |
protected void |
customize(SSLEngine sslEngine,
Request request)
Customizes the request attributes to be set for SSL requests.
|
protected void |
customizeSecure(Request request)
Customizes the request attributes for general secure settings.
|
String |
getSslSessionAttribute() |
long |
getStsMaxAge() |
boolean |
isSniHostCheck() |
boolean |
isStsIncludeSubDomains() |
void |
setSniHostCheck(boolean sniHostCheck) |
void |
setSslSessionAttribute(String attribute) |
void |
setStsIncludeSubDomains(boolean stsIncludeSubDomains) |
void |
setStsMaxAge(long stsMaxAgeSeconds)
Set the Strict-Transport-Security max age.
|
void |
setStsMaxAge(long period,
TimeUnit units)
Convenience method to call
setStsMaxAge(long) |
String |
toString() |
public static final String CACHED_INFO_ATTR
public SecureRequestCustomizer()
public SecureRequestCustomizer(@Name(value="sniHostCheck") boolean sniHostCheck)
public SecureRequestCustomizer(@Name(value="sniHostCheck") boolean sniHostCheck, @Name(value="stsMaxAgeSeconds") long stsMaxAgeSeconds, @Name(value="stsIncludeSubdomains") boolean stsIncludeSubdomains)
sniHostCheck
- True if the SNI Host name must match.stsMaxAgeSeconds
- The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.stsIncludeSubdomains
- If true, a include subdomain property is sent with any Strict-Transport-Security headerpublic boolean isSniHostCheck()
public void setSniHostCheck(boolean sniHostCheck)
sniHostCheck
- True if the SNI Host name must match.public long getStsMaxAge()
public void setStsMaxAge(long stsMaxAgeSeconds)
stsMaxAgeSeconds
- The max age in seconds for a Strict-Transport-Security response header. If set less than zero then no header is sent.public void setStsMaxAge(long period, TimeUnit units)
setStsMaxAge(long)
period
- The period in unitsunits
- The TimeUnit
of the periodpublic boolean isStsIncludeSubDomains()
public void setStsIncludeSubDomains(boolean stsIncludeSubDomains)
stsIncludeSubDomains
- If true, a include subdomain property is sent with any Strict-Transport-Security headerpublic void customize(Connector connector, HttpConfiguration channelConfig, Request request)
customize
in interface HttpConfiguration.Customizer
protected void customizeSecure(Request request)
Request.setSecure(boolean)
with true
and sets a response header if the Strict-Transport-Security options
are set.request
- the request being customizedprotected void customize(SSLEngine sslEngine, Request request)
Customizes the request attributes to be set for SSL requests.
The requirements of the Servlet specs are:
sslEngine
- the sslEngine to be customized.request
- HttpRequest to be customized.public void setSslSessionAttribute(String attribute)
public String getSslSessionAttribute()
Copyright © 1995-2016 Webtide. All Rights Reserved.