Class X509ServletFilterBase

  • All Implemented Interfaces:
    javax.servlet.Filter

    public abstract class X509ServletFilterBase
    extends java.lang.Object
    implements javax.servlet.Filter
    The X509ServletFilterBase enforces X509 Authentication. Optional Init Param: cert-contains : Ensure that the principal subject of the cert contains a specific string. The X509ServletFilter will also ensure that the cert is present in the request, which will only happen if there is a successful SSL handshake which includes client authentication. This handshake is handled by the Application Server. A SSL handshake that does not include client Authentication will receive a 403 error response. The checkInforce method must be implemented to determine if the X509 Authentication is turned on. This allows applications to turn on/off X509 Authentication based on parameters outside of the web.xml.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected boolean enforce  
    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      protected abstract boolean checkEnforce​(javax.servlet.ServletContext servletContext)  
      void destroy()  
      void doFilter​(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain)  
      void init​(javax.servlet.FilterConfig config)  
      void setHttpsPort​(int port)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • enforce

        protected boolean enforce
    • Constructor Detail

      • X509ServletFilterBase

        public X509ServletFilterBase()
    • Method Detail

      • init

        public void init​(javax.servlet.FilterConfig config)
                  throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Filter
        Throws:
        javax.servlet.ServletException
      • setHttpsPort

        public void setHttpsPort​(int port)
      • doFilter

        public void doFilter​(javax.servlet.ServletRequest request,
                             javax.servlet.ServletResponse response,
                             javax.servlet.FilterChain chain)
                      throws java.io.IOException,
                             javax.servlet.ServletException
        Specified by:
        doFilter in interface javax.servlet.Filter
        Throws:
        java.io.IOException
        javax.servlet.ServletException
      • checkEnforce

        protected abstract boolean checkEnforce​(javax.servlet.ServletContext servletContext)
                                         throws java.io.IOException
        Parameters:
        servletContext -
        Returns:
        true if enforcing X509 false if not enforcing X509
        Throws:
        java.io.IOException - The checkInforce method is called during the initialization of the Filter. Implement this method to decide if X509 security is being enforced.
      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Filter