public final class WebPBEConfigServlet extends HttpServlet
Servlet for web PBE config processing.
This servlet's URL should be called by the webapp administrator at deploy
time, for setting the passwords of all the PBE encryptors which have
been previously assigned a WebPBEConfig
configuration object.
If web PBE configuration has not been done yet, it will show the user a form containing two inputs for each encryptor: the validation word and the password (retyped).
WebPBEConfig
object with its setValidationWord(...)
method. This will ensure that only an authorized person will set
the encryption passwords.An example web.xml fragment:
<servlet> <servlet-name>webPBEConfigServlet</servlet-name> <servlet-class> org.jasypt.web.pbeconfig.WebPBEConfigServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>webPBEConfigServlet</servlet-name> <url-pattern>/webPBEConfig.do</url-pattern> </servlet-mapping>
If this servlet's context is set a logger, it will output messages for both successful and failed attempts to set passwords, including date, time and originating IP address.
Constructor and Description |
---|
WebPBEConfigServlet() |
Modifier and Type | Method and Description |
---|---|
protected void |
doGet(HttpServletRequest req,
HttpServletResponse resp)
Called by the server (via the
service method) to
allow a servlet to handle a GET request. |
protected void |
doPost(HttpServletRequest req,
HttpServletResponse resp)
Called by the server (via the
service method)
to allow a servlet to handle a POST request. |
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, init, log, log
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
HttpServlet
service
method) to
allow a servlet to handle a GET request.
Overriding this method to support a GET request also automatically supports an HTTP HEAD request. A HEAD request is a GET request that returns no body in the response, only the request header fields.
When overriding this method, read the request data,
write the response headers, get the response's writer or
output stream object, and finally, write the response data.
It's best to include content type and encoding. When using
a PrintWriter
object to return the response,
set the content type before accessing the
PrintWriter
object.
The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.
Where possible, set the Content-Length header (with the
ServletResponse.setContentLength(int)
method),
to allow the servlet container to use a persistent connection
to return its response to the client, improving performance.
The content length is automatically set if the entire response fits
inside the response buffer.
When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.
The GET method should be safe, that is, without any side effects for which users are held responsible. For example, most form queries have no side effects. If a client request is intended to change stored data, the request should use some other HTTP method.
The GET method should also be idempotent, meaning that it can be safely repeated. Sometimes making a method safe also makes it idempotent. For example, repeating queries is both safe and idempotent, but buying a product online or modifying data is neither safe nor idempotent.
If the request is incorrectly formatted, doGet
returns an HTTP "Bad Request" message.
doGet
in class HttpServlet
req
- an HttpServletRequest
object that
contains the request the client has made
of the servletresp
- an HttpServletResponse
object that
contains the response the servlet sends
to the clientServletException
- if the request for the GET
could not be handledIOException
- if an input or output error is
detected when the servlet handles
the GET requestServletResponse.setContentType(java.lang.String)
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
HttpServlet
service
method)
to allow a servlet to handle a POST request.
The HTTP POST method allows the client to send
data of unlimited length to the Web server a single time
and is useful when posting information such as
credit card numbers.
When overriding this method, read the request data,
write the response headers, get the response's writer or output
stream object, and finally, write the response data. It's best
to include content type and encoding. When using a
PrintWriter
object to return the response, set the
content type before accessing the PrintWriter
object.
The servlet container must write the headers before committing the response, because in HTTP the headers must be sent before the response body.
Where possible, set the Content-Length header (with the
ServletResponse.setContentLength(int)
method),
to allow the servlet container to use a persistent connection
to return its response to the client, improving performance.
The content length is automatically set if the entire response fits
inside the response buffer.
When using HTTP 1.1 chunked encoding (which means that the response has a Transfer-Encoding header), do not set the Content-Length header.
This method does not need to be either safe or idempotent. Operations requested through POST can have side effects for which the user can be held accountable, for example, updating stored data or buying items online.
If the HTTP POST request is incorrectly formatted,
doPost
returns an HTTP "Bad Request" message.
doPost
in class HttpServlet
req
- an HttpServletRequest
object that
contains the request the client has made
of the servletresp
- an HttpServletResponse
object that
contains the response the servlet sends
to the clientServletException
- if the request for the POST
could not be handledIOException
- if an input or output error is
detected when the servlet handles
the requestServletOutputStream
,
ServletResponse.setContentType(java.lang.String)
Copyright © 2019 JBoss by Red Hat. All rights reserved.