AbstractService (org.cumulus4j.all 1.0.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Cumulus4j API
(1.0.1)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.cumulus4j.keymanager.front.webapp
Class AbstractService

java.lang.Object
  org.cumulus4j.keymanager.front.webapp.AbstractService

Direct Known Subclasses:: AppServerService, CryptoSessionService, DateDependentKeyStrategyService, UserService

public abstract class AbstractService
extends Object
extends Object

Abstract base class for all REST services of the key-server.

Author:: Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de

Field Summary
`protected KeyStoreManager`	`keyStoreManager`
`protected HttpServletRequest`	`request`

Constructor Summary
`AbstractService()`

Method Summary
`protected Auth`	`authenticate(String keyStoreID)` Get the `Auth` information via `getAuth()` and verify, if they are valid.
`protected Auth`	`getAuth()` Get the authentication information.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

request

@Context
protected HttpServletRequest request

keyStoreManager

@Context
protected KeyStoreManager keyStoreManager

Constructor Detail

AbstractService

public AbstractService()

Method Detail

getAuth

protected Auth getAuth()
                throws WebApplicationException

Get the authentication information. This method does not verify, if the given authentication information is correct! It merely checks, if the client sent a 'Basic' authentication header. If it did not, this method throws a WebApplicationException with Response.Status.UNAUTHORIZED or Response.Status.FORBIDDEN. If it did, it extracts the information and puts it into an Auth instance.

Returns:: the Auth instance extracted from the client's headers. Never null.
Throws:: WebApplicationException - with Response.Status.UNAUTHORIZED, if the client did not send an 'Authorization' header; with Response.Status.FORBIDDEN, if there is an 'Authorization' header, but no 'Basic' authentication header (other authentication modes, like e.g. 'Digest' are not supported).

authenticate

protected Auth authenticate(String keyStoreID)
                     throws WebApplicationException

Get the Auth information via getAuth() and verify, if they are valid. The validity is checked by trying to access the key-store.

Parameters:: keyStoreID - identifier of the key-store to work with.
Returns:: the Auth information via getAuth(); never null.
Throws:: WebApplicationException - with Response.Status.UNAUTHORIZED, if the client did not send an 'Authorization' header or if user-name / password is wrong; with Response.Status.FORBIDDEN, if there is an 'Authorization' header, but no 'Basic' authentication header (other authentication modes, like e.g. 'Digest' are not supported); with Response.Status.INTERNAL_SERVER_ERROR, if there was an IOException.