Realm (AliBaba 2.0-beta6 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.openrdf.http.object.traits
Interface Realm

public interface Realm

A common set of services all realms must implement.

Method Summary
`String`	`allowOrigin()` The script's origins that are permitted to send requests to this realm as defined in the HTTP header Access-Control-Allow-Origin.
`Object`	`authenticateRequest(String method, Object resource, Map<String,String[]> request)` Authentucates a request to determine the authenticated credential.
`org.apache.http.HttpMessage`	`authenticationInfo(String method, Object resource, Map<String,String[]> request)` Response headers that should be included in the response.
`boolean`	`authorizeCredential(Object credential, String method, Object resource, Map<String,String[]> request)` Called after a request has been authenticate.
`org.apache.http.HttpResponse`	`forbidden(String method, Object resource, Map<String,String[]> request)` The response that should be returned when the request is authenticated, but could not be authorised or the request originated from an invalid origin.
`String`	`protectionDomain()` The set of URL prefixes that this realm protects.
`org.apache.http.HttpResponse`	`unauthorized(String method, Object resource, Map<String,String[]> request)` The response that should be returned when the request could not be authenticated.
`boolean`	`withAgentCredentials(String origin)` If scripts from the given origin can use their agent's credentials.

Method Detail

protectionDomain

String protectionDomain()

The set of URL prefixes that this realm protects.

Returns:: a space separated list of URL prefixes or path prefixes or null for all request targets.

allowOrigin

String allowOrigin()

The script's origins that are permitted to send requests to this realm as defined in the HTTP header Access-Control-Allow-Origin.

Returns:: a comma separated list of acceptable scheme + '://' + authroity or "*" if any script is allowed or null if no scripts are allowed.

withAgentCredentials

boolean withAgentCredentials(String origin)

If scripts from the given origin can use their agent's credentials.

Parameters:: origin - the scheme and authority the agent script was loaded from
Returns:: true if credentials from the agent are permitted in a request.

authenticateRequest

Object authenticateRequest(String method,
                           Object resource,
                           Map<String,String[]> request)
                           throws RepositoryException

Authentucates a request to determine the authenticated credential.

Parameters:: method - The HTTP request method.; resource - The target resource of a request.; request - A map with "request-target" that was used in the request line, "content-md5" that is the base64 of 128 bit MD5 digest as per RFC1864 if a request body was sent, "authorization" that is the HTTP request header of the same name if present, "origin" that is the scheme and authority the agent script was loaded from (if applicable), and "via" that is a list of hosts or pseudonym and their HTTP version that sent or forwarded this request.
Returns:: The authenticated credentials or a null result if invalid credentials.
Throws:: RepositoryException

unauthorized

org.apache.http.HttpResponse unauthorized(String method,
                                          Object resource,
                                          Map<String,String[]> request)
                                          throws Exception

The response that should be returned when the request could not be authenticated.

Parameters:: method - The HTTP request method.; resource - The target resource of a request.; request - A map with "request-target" that was used in the request line, "authorization" that is the HTTP request header of the same name if present, "origin" that is the scheme and authority the agent script was loaded from (if applicable), and "via" that is a list of hosts or pseudonym and their HTTP version that sent or forwarded this request.
Returns:: An HTTP response
Throws:: Exception

authorizeCredential

boolean authorizeCredential(Object credential,
                            String method,
                            Object resource,
                            Map<String,String[]> request)

Called after a request has been authenticate.

Parameters:: credential - Response from authenticateAgent or authenticateRequest.; method - The HTTP request method.; resource - The target resource of a request.; request - A map with "request-target" that was used in the request line, "authorization" that is the HTTP request header of the same name if present, "origin" that is the scheme and authority the agent script was loaded from (if applicable), and "via" that is a list of hosts or pseudonym and their HTTP version that sent or forwarded this request.
Returns:: true if the credentials are authorized on this resource

forbidden

org.apache.http.HttpResponse forbidden(String method,
                                       Object resource,
                                       Map<String,String[]> request)
                                       throws Exception

The response that should be returned when the request is authenticated, but could not be authorised or the request originated from an invalid origin.

Parameters:: method - The HTTP request method.; resource - The target resource of a request.; request - A map with "request-target" that was used in the request line, "authorization" that is the HTTP request header of the same name if present, "origin" that is the scheme and authority the agent script was loaded from (if applicable), and "via" that is a list of hosts or pseudonym and their HTTP version that sent or forwarded this request.
Returns:: An HTTP response
Throws:: Exception

authenticationInfo

org.apache.http.HttpMessage authenticationInfo(String method,
                                               Object resource,
                                               Map<String,String[]> request)

Response headers that should be included in the response.

Parameters:: method - The HTTP request method.; resource - The target resource of a request.; request - A map with "request-target" that was used in the request line, "authorization" that is the HTTP request header of the same name if present, "origin" that is the scheme and authority the agent script was loaded from (if applicable), and "via" that is a list of hosts or pseudonym and their HTTP version that sent or forwarded this request.
Returns:: Set of HTTP headers