001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: *
017: * $Header:$
018: */
019: package org.apache.beehive.netui.pageflow;
020:
021: import org.apache.beehive.netui.core.factory.Factory;
022: import org.apache.beehive.netui.core.factory.FactoryConfig;
023: import org.apache.beehive.netui.pageflow.adapter.Adapter;
024:
025: import javax.servlet.http.HttpServletRequest;
026: import javax.servlet.http.HttpServletResponse;
027: import javax.security.auth.login.LoginException;
028:
029: /**
030: * Adapter interface for plugging into various Servlet containers. An implementor of this interface is "discovered" at
031: * runtime. The discovery process is as follows:
032: * <ul>
033: * <li>
034: * A list of META-INF/services/org.apache.beehive.netui.pageflow.ServletContainerAdapter resources is obtained
035: * from classpath. This means, for example, that a file called
036: * "org.apache.beehive.netui.pageflow.ServletContainerAdapter" under directory META-INF/services would be
037: * found inside any JAR file on classpath.
038: * </li>
039: * <li>
040: * Inside each of these resources is the name of a class that implements ServletContainerAdapter. This class
041: * is loaded, and its {@link #accept accept} method is called.
042: * </li>
043: * <li>
044: * If {@link #accept accept} returns <code>true</code>, then that implementation class is chosen as the current
045: * adapter; otherwise, the next one in the list is tried.
046: * </li>
047: * <li>If no adapters are discovered, an instance of {@link DefaultServletContainerAdapter} is used.
048: * </ul>
049: */
050: public interface ServletContainerAdapter extends Adapter {
051: /**
052: * Tell whether the server is running in production mode.
053: * @return <code>true</code> if the server is running in production mode.
054: */
055: public boolean isInProductionMode();
056:
057: /**
058: * Tell whether a web application resource requires a secure transport protocol. This is
059: * determined from web.xml; for example, the following block specifies that all resources under
060: * /login require a secure transport protocol.
061: * <pre>
062: * <security-constraint>
063: * <web-resource-collection>
064: * <web-resource-name>Secure PageFlow - begin</web-resource-name>
065: * <url-pattern>/login/*</url-pattern>
066: * </web-resource-collection>
067: * <user-data-constraint>
068: * <transport-guarantee>CONFIDENTIAL</transport-guarantee>
069: * </user-data-constraint>
070: * </security-constraint>
071: * </pre>
072: *
073: * @param path a webapp-relative path for a resource.
074: * @param request the current HttpServletRequest.
075: * @return <code>Boolean.TRUE</code> if a transport-guarantee of <code>CONFIDENTIAL</code> or
076: * <code>INTEGRAL</code> is associated with the given resource; <code>Boolean.FALSE</code>
077: * a transport-guarantee of <code>NONE</code> is associated with the given resource; or
078: * <code>null</code> if there is no transport-guarantee associated with the given resource.
079: */
080: public SecurityProtocol getSecurityProtocol(String path,
081: HttpServletRequest request);
082:
083: /**
084: * Cause the server to do a security check for the given path. If required, it does a redirect to
085: * change the scheme (http/https).
086: *
087: * @param path the webapp-relative path on which to run security checks.
088: * @param request the current HttpServletRequest.
089: * @param response the current HttpServletResponse.
090: * @return <code>true</code> if a redirect occurred.
091: */
092: boolean doSecurityRedirect(String path, HttpServletRequest request,
093: HttpServletResponse response);
094:
095: /**
096: * Get the port on which the server is listening for unsecure connections.
097: *
098: * @param request the current HttpServletRequest.
099: * @return the port on which the server is listening for unsecure connections.
100: */
101: public int getListenPort(HttpServletRequest request);
102:
103: /**
104: * Get the port on which the server is listening for secure connections.
105: *
106: * @param request the current HttpServletRequest.
107: * @return the port on which the server is listening for secure connections.
108: */
109: public int getSecureListenPort(HttpServletRequest request);
110:
111: /**
112: * Log in the user, using "weak" username/password authentication.
113: *
114: * @param username the user's login name.
115: * @param password the user's password.
116: * @param request the current HttpServletRequest.
117: * @param response the current HttpServletResponse.
118: *
119: * @exception LoginException if the authentication failed
120: */
121: public void login(String username, String password,
122: HttpServletRequest request, HttpServletResponse response)
123: throws LoginException;
124:
125: /**
126: * Log out the current user.
127: *
128: * @param invalidateSessions if <code>true</code>, the session is invalidated (on all single-signon webapps);
129: * otherwise the session and its data are left intact. To invalidate the session in only the
130: * current webapp, set this parameter to <code>false</code> and call invalidate() on the HttpSession.
131: * @param request the current HttpServletRequest.
132: * @param response the current HttpServletResponse.
133: */
134: public void logout(boolean invalidateSessions,
135: HttpServletRequest request, HttpServletResponse response);
136:
137: /**
138: * Return the webapp context path for the given request. This differs from HttpServletRequest.getContextPath()
139: * only in that it will return a valid value even if the request is for the default webapp.
140: *
141: * @param request the current HttpServletRequest.
142: */
143: public String getFullContextPath(HttpServletRequest request);
144:
145: /**
146: * Ensure that the given session attribute is replicated in a cluster for session failover.
147: * This method does not need to be implemented for servers that do not support clustering and
148: * session failover.
149: *
150: * @param attrName the name of the session attribute for which failover should be ensured.
151: * @param attrVal the value of the given session attribute.
152: * @param request the current HttpServletRequest.
153: */
154: public void ensureFailover(String attrName, Object attrVal,
155: HttpServletRequest request);
156:
157: /**
158: * Called at the beginning of each processed request.
159: *
160: * @param request the current HttpServletRequest.
161: * @param response the current HttpServletResponse.
162: */
163: public void beginRequest(HttpServletRequest request,
164: HttpServletResponse response);
165:
166: /**
167: * Called at the end of each processed request.
168: *
169: * @param request the current HttpServletRequest.
170: * @param response the current HttpServletResponse.
171: */
172: public void endRequest(HttpServletRequest request,
173: HttpServletResponse response);
174:
175: /**
176: * Get a context object to support Beehive Controls.
177: *
178: * @param request the current HttpServletRequest.
179: * @param response the current HttpServletResponse.
180: * @return a new ControlBeanContext.
181: */
182: public Object createControlBeanContext(HttpServletRequest request,
183: HttpServletResponse response);
184:
185: /**
186: * Get the name of the platform, which may be used to find platform-specific configuration files.
187: *
188: * @return the name of the platform
189: */
190: public String getPlatformName();
191:
192: /**
193: * Get an event reporter, which will be notified of events like "page flow created", "action raised", etc.
194: */
195: public PageFlowEventReporter getEventReporter();
196:
197: /**
198: * Generic method to get a Factory class that may be container dependent.
199: *
200: * <p>
201: * This method is called to get the following Factory implementations:
202: * </p>
203: * <ul>
204: * <li>{@link org.apache.beehive.netui.core.urltemplates.URLTemplatesFactory}</li>
205: * </ul>
206: *
207: * @param classType the class type that the factory should extend or implement.
208: * @param id can be used for the case where there is more than one possible Factory
209: * that extends or implaments the class type.
210: * @param config a configuration object passed to a {@link Factory}
211: * @return a Factory class that extends or implemtents the given class type.
212: */
213: public Factory getFactory(Class classType, String id,
214: FactoryConfig config);
215: }
|