Package org.apache.cxf.transport.http

Class MessageTrustDecider

java.lang.Object
org.apache.cxf.transport.http.MessageTrustDecider
public abstract class MessageTrustDecider extends Object
The HTTPConduit calls upon this object to establish trust just before a message within the HTTP Conduit is sent out. This object is based on the implementation of HTTP Conduit using java.net.URL and java.net.URLConnection implementations. The HttpURLConnection will be set up and connected, but no data yet sent (at least according to the JDK 1.5 default implementation), and in the case of an HttpsURLConnection (again with caveat on particular java.net.HttpsURLConnection implementation), the TLS handshake will be completed and certain TLS artifacts will be available.

Each MessageTrustDecider has a "logical" name that may be used in logging to help ensure the proper trust decision is being made for particular conduits.

  • Field Details

    • logicalName

      protected String logicalName
      This field contains the "logical" name of this Message Trust Decider. This field is not assigned to be final, since an extension may be Spring initialized as a bean, have an appropriate setLogicalName method, and set this field.

  • Constructor Details

    • MessageTrustDecider

      protected MessageTrustDecider()
      This default constructor sets the "logical" name of the trust decider to be its class name.

    • MessageTrustDecider

      protected MessageTrustDecider(String name)
      This constructor is used to set the logical name of the trust decider.

  • Method Details

    • getLogicalName

      public String getLogicalName()
      This method returns the logical name of this trust decider. The name of the trust decider may be used in logging or auditing to make sure that the proper trust decision is being implemented.

    • establishTrust

      public abstract void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException
      This method is called when a Message is about to be sent out over an HTTPConduit. Its implementation must throw the specified exception if the URL connection cannot be trusted for the message.

      It is important to note that the Message structure at this point may not have any content, so any analysis of message content may be impossible.

      This method gets invoked after URL.setRequestProperties() is called on the URL for the selected protocol.

      The HTTPConduit calls this message on every redirect, however, it is impossible to tell where it has been redirected from. TODO: What are the existing Message Properties at the point of this call?

      Parameters:
      conduitName - This parameter contains the logical name for the conduit that this trust decider is being called from.
      connectionInfo - This parameter contains information about the URL Connection. It may be subclassed depending on the protocol used for the URL. For "https", this argument will be a HttpsURLConnectionInfo. For "http", this argument will be HttpURLConnectionInfo.
      message - This parameter contains the Message structure that governs where the message may be going.
      Throws:
      UntrustedURLConnectionIOException - The trust decider throws this exception if trust in the URLConnection cannot be established for the particular Message.
      See Also: