Constructor Detail

• AbstractConfidentialityHandler

  protected AbstractConfidentialityHandler(HttpHandler next)

Method Detail

• handleRequest

  public void handleRequest(HttpServerExchange exchange)
                     throws Exception

  Description copied from interface: HttpHandler
  Handle the request.

  Specified by:

  handleRequest in interface HttpHandler

  Parameters:

  exchange - the HTTP request/response exchange

  Throws:

  Exception

• isConfidential

  protected boolean isConfidential(HttpServerExchange exchange)

  Use the HttpServerExchange supplied to check if this request is already 'sufficiently' confidential. Here we say 'sufficiently' as sub-classes can override this and maybe even go so far as querying the actual SSLSession.

  Parameters:

  exchange - - The HttpServerExchange for the request being processed.

  Returns:

  true if the request is 'sufficiently' confidential, false otherwise.

• confidentialityRequired

  protected boolean confidentialityRequired(HttpServerExchange exchange)

  Use the HttpServerExchange to identify if confidentiality is required. This method currently returns true for all requests, sub-classes can override this to provide a custom check. TODO: we should deprecate this and just use a predicate to decide to execute the handler instead

  Parameters:

  exchange - - The HttpServerExchange for the request being processed.

  Returns:

  true if the request requires confidentiality, false otherwise.

• getRedirectURI

  protected abstract URI getRedirectURI(HttpServerExchange exchange)
                                 throws URISyntaxException

  All sub-classes are required to provide an implementation of this method, using the HttpServerExchange for the current request return the address to use for a redirect should confidentiality be required and the request not be confidential.

  Parameters:

  exchange - - The HttpServerExchange for the request being processed.

  Returns:

  The URI to redirect to.

  Throws:

  URISyntaxException