io.undertow.servlet.handlers

Class DefaultServlet

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

io.undertow.servlet.handlers.DefaultServlet

All Implemented Interfaces:

Serializable, Servlet, ServletConfig

public class DefaultServlet
extends HttpServlet

Default servlet responsible for serving up resources. This is both a handler and a servlet. If no filters match the current path then the resources will be served up asynchronously using the HttpHandler.handleRequest(io.undertow.server.HttpServerExchange) method, otherwise the request is handled as a normal servlet request.

By default we only allow a restricted set of extensions.

todo: this thing needs a lot more work. In particular: - caching for blocking requests - correct mime type - range/last-modified and other headers to be handled properly - head requests - and probably heaps of other things

Author:

Stuart Douglas

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static String	ALLOWED_EXTENSIONS
static String	DEFAULT_ALLOWED
static String	DIRECTORY_LISTING
static String	DISALLOWED_EXTENSIONS
static String	RESOLVE_AGAINST_CONTEXT_ROOT

Constructor Summary

Constructors

Constructor and Description
DefaultServlet()

Method Summary

Modifier and Type	Method and Description
protected void	doDelete(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a DELETE request.
protected void	doGet(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a GET request.
protected void	doOptions(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a OPTIONS request.
protected void	doPost(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a POST request.
protected void	doPut(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a PUT request.
protected void	doTrace(HttpServletRequest req, HttpServletResponse resp) Called by the server (via the service method) to allow a servlet to handle a TRACE request.
void	init(ServletConfig config) Called by the servlet container to indicate to a servlet that the servlet is being placed into service.

Methods inherited from class javax.servlet.http.HttpServlet

doHead, getLastModified, service, service

Methods inherited from class javax.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DIRECTORY_LISTING

public static final String DIRECTORY_LISTING

See Also:

Constant Field Values

DEFAULT_ALLOWED

public static final String DEFAULT_ALLOWED

See Also:

Constant Field Values

ALLOWED_EXTENSIONS

public static final String ALLOWED_EXTENSIONS

See Also:

Constant Field Values

DISALLOWED_EXTENSIONS

public static final String DISALLOWED_EXTENSIONS

See Also:

Constant Field Values

RESOLVE_AGAINST_CONTEXT_ROOT

public static final String RESOLVE_AGAINST_CONTEXT_ROOT

See Also:

Constant Field Values

Constructor Detail

DefaultServlet

public DefaultServlet()

Method Detail

init

public void init(ServletConfig config)
          throws ServletException

Description copied from class: GenericServlet

Called by the servlet container to indicate to a servlet that the servlet is being placed into service. See Servlet.init(javax.servlet.ServletConfig).

This implementation stores the ServletConfig object it receives from the servlet container for later use. When overriding this form of the method, call super.init(config).

Specified by:

init in interface Servlet

Overrides:

init in class GenericServlet

Parameters:

config - the ServletConfig object that contains configutation information for this servlet

Throws:

ServletException - if an exception occurs that interrupts the servlet's normal operation

See Also:

UnavailableException

doGet

protected void doGet(HttpServletRequest req,
                     HttpServletResponse resp)
              throws ServletException,
                     IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a GET request.

Overriding this method to support a GET request also automatically supports an HTTP HEAD request. A HEAD request is a GET request that returns no body in the response, only the request header fields.

When overriding this method, read the request data, write the response headers, get the response's writer or output stream object, and finally, write the response data. It's best to include content type and encoding. When using a PrintWriter object to return the response, set the content type before accessing the PrintWriter object.

The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.

Where possible, set the Content-Length header (with the ServletResponse.setContentLength(int) method), to allow the servlet container to use a persistent connection to return its response to the client, improving performance. The content length is automatically set if the entire response fits inside the response buffer.

When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.

The GET method should be safe, that is, without any side effects for which users are held responsible. For example, most form queries have no side effects. If a client request is intended to change stored data, the request should use some other HTTP method.

The GET method should also be idempotent, meaning that it can be safely repeated. Sometimes making a method safe also makes it idempotent. For example, repeating queries is both safe and idempotent, but buying a product online or modifying data is neither safe nor idempotent.

If the request is incorrectly formatted, doGet returns an HTTP "Bad Request" message.

Overrides:

doGet in class HttpServlet

Parameters:

req - an HttpServletRequest object that contains the request the client has made of the servlet

resp - an HttpServletResponse object that contains the response the servlet sends to the client

Throws:

ServletException - if the request for the GET could not be handled

IOException - if an input or output error is detected when the servlet handles the GET request

See Also:

ServletResponse.setContentType(java.lang.String)

doPost

protected void doPost(HttpServletRequest req,
                      HttpServletResponse resp)
               throws ServletException,
                      IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a POST request. The HTTP POST method allows the client to send data of unlimited length to the Web server a single time and is useful when posting information such as credit card numbers.

When overriding this method, read the request data, write the response headers, get the response's writer or output stream object, and finally, write the response data. It's best to include content type and encoding. When using a PrintWriter object to return the response, set the content type before accessing the PrintWriter object.

The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.

Where possible, set the Content-Length header (with the ServletResponse.setContentLength(int) method), to allow the servlet container to use a persistent connection to return its response to the client, improving performance. The content length is automatically set if the entire response fits inside the response buffer.

When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.

This method does not need to be either safe or idempotent. Operations requested through POST can have side effects for which the user can be held accountable, for example, updating stored data or buying items online.

If the HTTP POST request is incorrectly formatted, doPost returns an HTTP "Bad Request" message.

Overrides:

doPost in class HttpServlet

Parameters:

req - an HttpServletRequest object that contains the request the client has made of the servlet

resp - an HttpServletResponse object that contains the response the servlet sends to the client

Throws:

ServletException - if the request for the POST could not be handled

IOException - if an input or output error is detected when the servlet handles the request

See Also:

ServletOutputStream, ServletResponse.setContentType(java.lang.String)

doPut

protected void doPut(HttpServletRequest req,
                     HttpServletResponse resp)
              throws ServletException,
                     IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a PUT request. The PUT operation allows a client to place a file on the server and is similar to sending a file by FTP.

When overriding this method, leave intact any content headers sent with the request (including Content-Length, Content-Type, Content-Transfer-Encoding, Content-Encoding, Content-Base, Content-Language, Content-Location, Content-MD5, and Content-Range). If your method cannot handle a content header, it must issue an error message (HTTP 501 - Not Implemented) and discard the request. For more information on HTTP 1.1, see RFC 2616 .

This method does not need to be either safe or idempotent. Operations that doPut performs can have side effects for which the user can be held accountable. When using this method, it may be useful to save a copy of the affected URL in temporary storage.

If the HTTP PUT request is incorrectly formatted, doPut returns an HTTP "Bad Request" message.

Overrides:

doPut in class HttpServlet

Parameters:

req - the HttpServletRequest object that contains the request the client made of the servlet

resp - the HttpServletResponse object that contains the response the servlet returns to the client

Throws:

ServletException - if the request for the PUT cannot be handled

IOException - if an input or output error occurs while the servlet is handling the PUT request

doDelete

protected void doDelete(HttpServletRequest req,
                        HttpServletResponse resp)
                 throws ServletException,
                        IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a DELETE request. The DELETE operation allows a client to remove a document or Web page from the server.

This method does not need to be either safe or idempotent. Operations requested through DELETE can have side effects for which users can be held accountable. When using this method, it may be useful to save a copy of the affected URL in temporary storage.

If the HTTP DELETE request is incorrectly formatted, doDelete returns an HTTP "Bad Request" message.

Overrides:

doDelete in class HttpServlet

Parameters:

req - the HttpServletRequest object that contains the request the client made of the servlet

resp - the HttpServletResponse object that contains the response the servlet returns to the client

Throws:

ServletException - if the request for the DELETE cannot be handled

IOException - if an input or output error occurs while the servlet is handling the DELETE request

doOptions

protected void doOptions(HttpServletRequest req,
                         HttpServletResponse resp)
                  throws ServletException,
                         IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a OPTIONS request. The OPTIONS request determines which HTTP methods the server supports and returns an appropriate header. For example, if a servlet overrides doGet, this method returns the following header:

Allow: GET, HEAD, TRACE, OPTIONS

There's no need to override this method unless the servlet implements new HTTP methods, beyond those implemented by HTTP 1.1.

Overrides:

doOptions in class HttpServlet

Parameters:

req - the HttpServletRequest object that contains the request the client made of the servlet

resp - the HttpServletResponse object that contains the response the servlet returns to the client

Throws:

ServletException - if the request for the OPTIONS cannot be handled

IOException - if an input or output error occurs while the servlet is handling the OPTIONS request

doTrace

protected void doTrace(HttpServletRequest req,
                       HttpServletResponse resp)
                throws ServletException,
                       IOException

Description copied from class: HttpServlet

Called by the server (via the service method) to allow a servlet to handle a TRACE request. A TRACE returns the headers sent with the TRACE request to the client, so that they can be used in debugging. There's no need to override this method.

Overrides:

doTrace in class HttpServlet

Parameters:

req - the HttpServletRequest object that contains the request the client made of the servlet

resp - the HttpServletResponse object that contains the response the servlet returns to the client

Throws:

ServletException - if the request for the TRACE cannot be handled

IOException - if an input or output error occurs while the servlet is handling the TRACE request