Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.shiro.web.servlet
Class ShiroHttpServletResponse

java.lang.Object
  extended by javax.servlet.ServletResponseWrapper
      extended by javax.servlet.http.HttpServletResponseWrapper
          extended by org.apache.shiro.web.servlet.ShiroHttpServletResponse
All Implemented Interfaces:
HttpServletResponse, ServletResponse
public class ShiroHttpServletResponse
extends HttpServletResponseWrapper

HttpServletResponse implementation to support URL Encoding of Shiro Session IDs.

It is only used when using Shiro's native Session Management configuration (and not when using the Servlet Container session configuration, which is Shiro's default in a web environment). Because the servlet container already performs url encoding of its own session ids, instances of this class are only needed when using Shiro native sessions.

Note that this implementation relies in part on source code from the Tomcat 6.x distribution for encoding URLs for session ID URL Rewriting (we didn't want to re-invent the wheel). Since Shiro is also Apache 2.0 license, all regular licenses and conditions have remained in tact.

Since:
0.2

Field Summary
 
Fields inherited from interface javax.servlet.http.HttpServletResponse
SC_ACCEPTED, SC_BAD_GATEWAY, SC_BAD_REQUEST, SC_CONFLICT, SC_CONTINUE, SC_CREATED, SC_EXPECTATION_FAILED, SC_FORBIDDEN, SC_FOUND, SC_GATEWAY_TIMEOUT, SC_GONE, SC_HTTP_VERSION_NOT_SUPPORTED, SC_INTERNAL_SERVER_ERROR, SC_LENGTH_REQUIRED, SC_METHOD_NOT_ALLOWED, SC_MOVED_PERMANENTLY, SC_MOVED_TEMPORARILY, SC_MULTIPLE_CHOICES, SC_NO_CONTENT, SC_NON_AUTHORITATIVE_INFORMATION, SC_NOT_ACCEPTABLE, SC_NOT_FOUND, SC_NOT_IMPLEMENTED, SC_NOT_MODIFIED, SC_OK, SC_PARTIAL_CONTENT, SC_PAYMENT_REQUIRED, SC_PRECONDITION_FAILED, SC_PROXY_AUTHENTICATION_REQUIRED, SC_REQUEST_ENTITY_TOO_LARGE, SC_REQUEST_TIMEOUT, SC_REQUEST_URI_TOO_LONG, SC_REQUESTED_RANGE_NOT_SATISFIABLE, SC_RESET_CONTENT, SC_SEE_OTHER, SC_SERVICE_UNAVAILABLE, SC_SWITCHING_PROTOCOLS, SC_TEMPORARY_REDIRECT, SC_UNAUTHORIZED, SC_UNSUPPORTED_MEDIA_TYPE, SC_USE_PROXY
 
Constructor Summary
ShiroHttpServletResponse(HttpServletResponse wrapped, ServletContext context, ShiroHttpServletRequest request)
           
 
Method Summary
 String encodeRedirectUrl(String s)
           
 String encodeRedirectURL(String url)
          Encode the session identifier associated with this response into the specified redirect URL, if necessary.
 String encodeUrl(String s)
           
 String encodeURL(String url)
          Encode the session identifier associated with this response into the specified URL, if necessary.
 ServletContext getContext()
           
 ShiroHttpServletRequest getRequest()
           
protected  boolean isEncodeable(String location)
          Return true if the specified URL should be encoded with a session identifier.
static boolean isSchemeChar(char c)
          Determine if the character is allowed in the scheme of a URI.
 void setContext(ServletContext context)
           
 void setRequest(ShiroHttpServletRequest request)
           
protected  String toEncoded(String url, String sessionId)
          Return the specified URL with the specified session identifier suitably encoded.
 
Methods inherited from class javax.servlet.http.HttpServletResponseWrapper
addCookie, addDateHeader, addHeader, addIntHeader, containsHeader, sendError, sendError, sendRedirect, setDateHeader, setHeader, setIntHeader, setStatus, setStatus
 
Methods inherited from class javax.servlet.ServletResponseWrapper
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getResponse, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale, setResponse
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface javax.servlet.ServletResponse
flushBuffer, getBufferSize, getCharacterEncoding, getContentType, getLocale, getOutputStream, getWriter, isCommitted, reset, resetBuffer, setBufferSize, setCharacterEncoding, setContentLength, setContentType, setLocale
 

Constructor Detail

ShiroHttpServletResponse

public ShiroHttpServletResponse(HttpServletResponse wrapped,
                                ServletContext context,
                                ShiroHttpServletRequest request)
Method Detail

getContext

public ServletContext getContext()

setContext

public void setContext(ServletContext context)

getRequest

public ShiroHttpServletRequest getRequest()

setRequest

public void setRequest(ShiroHttpServletRequest request)

encodeRedirectURL

public String encodeRedirectURL(String url)
Encode the session identifier associated with this response into the specified redirect URL, if necessary.

Specified by:
encodeRedirectURL in interface HttpServletResponse
Overrides:
encodeRedirectURL in class HttpServletResponseWrapper
Parameters:
url - URL to be encoded

encodeRedirectUrl

public String encodeRedirectUrl(String s)
Specified by:
encodeRedirectUrl in interface HttpServletResponse
Overrides:
encodeRedirectUrl in class HttpServletResponseWrapper

encodeURL

public String encodeURL(String url)
Encode the session identifier associated with this response into the specified URL, if necessary.

Specified by:
encodeURL in interface HttpServletResponse
Overrides:
encodeURL in class HttpServletResponseWrapper
Parameters:
url - URL to be encoded

encodeUrl

public String encodeUrl(String s)
Specified by:
encodeUrl in interface HttpServletResponse
Overrides:
encodeUrl in class HttpServletResponseWrapper

isEncodeable

protected boolean isEncodeable(String location)
Return true if the specified URL should be encoded with a session identifier. This will be true if all of the following conditions are met:

Parameters:
location - Absolute URL to be validated
Returns:
true if the specified URL should be encoded with a session identifier, false otherwise.

isSchemeChar

public static boolean isSchemeChar(char c)
Determine if the character is allowed in the scheme of a URI. See RFC 2396, Section 3.1

Parameters:
c - the character to check
Returns:
true if the character is allowed in a URI scheme, false otherwise.

toEncoded

protected String toEncoded(String url,
                           String sessionId)
Return the specified URL with the specified session identifier suitably encoded.

Parameters:
url - URL to be encoded with the session id
sessionId - Session id to be included in the encoded URL
Returns:
the url with the session identifer properly encoded.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.