Cumulus4j API
(1.0.0)

org.cumulus4j.keymanager.front.webapp
Class AbstractService

java.lang.Object
  extended by org.cumulus4j.keymanager.front.webapp.AbstractService
Direct Known Subclasses:
AppServerService, CryptoSessionService, DateDependentKeyStrategyService, UserService

public abstract class AbstractService
extends Object

Abstract base class for all REST services of the key-server.

Author:
Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de

Field Summary
protected  KeyStoreManager keyStoreManager
           
protected  HttpServletRequest request
           
 
Constructor Summary
AbstractService()
           
 
Method Summary
protected  Auth authenticate(String keyStoreID)
          Get the Auth information via getAuth() and verify, if they are valid.
protected  Auth getAuth()
          Get the authentication information.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

request

@Context
protected HttpServletRequest request

keyStoreManager

@Context
protected KeyStoreManager keyStoreManager
Constructor Detail

AbstractService

public AbstractService()
Method Detail

getAuth

protected Auth getAuth()
                throws WebApplicationException
Get the authentication information. This method does not verify, if the given authentication information is correct! It merely checks, if the client sent a 'Basic' authentication header. If it did not, this method throws a WebApplicationException with Response.Status.UNAUTHORIZED or Response.Status.FORBIDDEN. If it did, it extracts the information and puts it into an Auth instance.

Returns:
the Auth instance extracted from the client's headers. Never null.
Throws:
WebApplicationException - with Response.Status.UNAUTHORIZED, if the client did not send an 'Authorization' header; with Response.Status.FORBIDDEN, if there is an 'Authorization' header, but no 'Basic' authentication header (other authentication modes, like e.g. 'Digest' are not supported).

authenticate

protected Auth authenticate(String keyStoreID)
                     throws WebApplicationException
Get the Auth information via getAuth() and verify, if they are valid. The validity is checked by trying to access the key-store.

Parameters:
keyStoreID - identifier of the key-store to work with.
Returns:
the Auth information via getAuth(); never null.
Throws:
WebApplicationException - with Response.Status.UNAUTHORIZED, if the client did not send an 'Authorization' header or if user-name / password is wrong; with Response.Status.FORBIDDEN, if there is an 'Authorization' header, but no 'Basic' authentication header (other authentication modes, like e.g. 'Digest' are not supported); with Response.Status.INTERNAL_SERVER_ERROR, if there was an IOException.

Cumulus4j API
(1.0.0)

Copyright © 2012 NightLabs Consulting GmbH. All Rights Reserved.