/* * The Apache Software License, Version 1.1 * * Copyright (c) 1999 The Apache Software Foundation. All rights * reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. The end-user documentation included with the redistribution, if * any, must include the following acknowlegement: * "This product includes software developed by the * Apache Software Foundation (http://www.apache.org/)." * Alternately, this acknowlegement may appear in the software itself, * if and wherever such third-party acknowlegements normally appear. * * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software * Foundation" must not be used to endorse or promote products derived * from this software without prior written permission. For written * permission, please contact apache@apache.org. * * 5. Products derived from this software may not be called "Apache" * nor may "Apache" appear in their names without prior written * permission of the Apache Group. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ==================================================================== * * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see * . * * ==================================================================== * * This source code implements specifications defined by the Java * Community Process. In order to remain compliant with the specification * DO NOT add / change / or delete method signatures! */ package javax.servlet.http; import javax.servlet.ServletRequest; import java.util.Enumeration; /** * * Extends the {@link javax.servlet.ServletRequest} interface * to provide request information for HTTP servlets. * *

The servlet container creates an HttpServletRequest * object and passes it as an argument to the servlet's service * methods (doGet, doPost, etc). * * * @author Various * @version $Version$ * * */ public interface HttpServletRequest extends ServletRequest { /** * String identifier for Basic authentication. Value "BASIC" */ public static final String BASIC_AUTH = "BASIC"; /** * String identifier for Basic authentication. Value "FORM" */ public static final String FORM_AUTH = "FORM"; /** * String identifier for Basic authentication. Value "CLIENT_CERT" */ public static final String CLIENT_CERT_AUTH = "CLIENT_CERT"; /** * String identifier for Basic authentication. Value "DIGEST" */ public static final String DIGEST_AUTH = "DIGEST"; /** * Returns the name of the authentication scheme used to protect * the servlet. All servlet containers support basic, form and client * certificate authentication, and may additionally support digest * authentication. * If the servlet is not authenticated null is returned. * *

Same as the value of the CGI variable AUTH_TYPE. * * * @return one of the static members BASIC_AUTH, * FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH * (suitable for == comparison) * indicating the authentication scheme, or * null if the request was * not authenticated. * */ public String getAuthType(); /** * * Returns an array containing all of the Cookie * objects the client sent with this request. * This method returns null if no cookies were sent. * * @return an array of all the Cookies * included with this request, or null * if the request has no cookies * * */ public Cookie[] getCookies(); /** * * Returns the value of the specified request header * as a long value that represents a * Date object. Use this method with * headers that contain dates, such as * If-Modified-Since. * *

The date is returned as * the number of milliseconds since January 1, 1970 GMT. * The header name is case insensitive. * *

If the request did not have a header of the * specified name, this method returns -1. If the header * can't be converted to a date, the method throws * an IllegalArgumentException. * * @param name a String specifying the * name of the header * * @return a long value * representing the date specified * in the header expressed as * the number of milliseconds * since January 1, 1970 GMT, * or -1 if the named header * was not included with the * reqest * * @exception IllegalArgumentException If the header value * can't be converted * to a date * */ public long getDateHeader(String name); /** * * Returns the value of the specified request header * as a String. If the request did not include a header * of the specified name, this method returns null. * The header name is case insensitive. You can use * this method with any request header. * * @param name a String specifying the * header name * * @return a String containing the * value of the requested * header, or null * if the request does not * have a header of that name * */ public String getHeader(String name); /** * * Returns all the values of the specified request header * as an Enumeration of String objects. * *

Some headers, such as Accept-Language can be sent * by clients as several headers each with a different value rather than * sending the header as a comma separated list. * *

If the request did not include any headers * of the specified name, this method returns an empty * Enumeration. * The header name is case insensitive. You can use * this method with any request header. * * @param name a String specifying the * header name * * @return an Enumeration containing * the values of the requested header. If * the request does not have any headers of * that name return an empty * enumeration. If * the container does not allow access to * header information, return null * */ public Enumeration getHeaders(String name); /** * * Returns an enumeration of all the header names * this request contains. If the request has no * headers, this method returns an empty enumeration. * *

Some servlet containers do not allow do not allow * servlets to access headers using this method, in * which case this method returns null * * @return an enumeration of all the * header names sent with this * request; if the request has * no headers, an empty enumeration; * if the servlet container does not * allow servlets to use this method, * null * * */ public Enumeration getHeaderNames(); /** * * Returns the value of the specified request header * as an int. If the request does not have a header * of the specified name, this method returns -1. If the * header cannot be converted to an integer, this method * throws a NumberFormatException. * *

The header name is case insensitive. * * @param name a String specifying the name * of a request header * * @return an integer expressing the value * of the request header or -1 * if the request doesn't have a * header of this name * * @exception NumberFormatException If the header value * can't be converted * to an int */ public int getIntHeader(String name); /** * * Returns the name of the HTTP method with which this * request was made, for example, GET, POST, or PUT. * Same as the value of the CGI variable REQUEST_METHOD. * * @return a String * specifying the name * of the method with which * this request was made * */ public String getMethod(); /** * * Returns any extra path information associated with * the URL the client sent when it made this request. * The extra path information follows the servlet path * but precedes the query string. * This method returns null if there * was no extra path information. * *

Same as the value of the CGI variable PATH_INFO. * * * @return a String, decoded by the * web container, specifying * extra path information that comes * after the servlet path but before * the query string in the request URL; * or null if the URL does not have * any extra path information * */ public String getPathInfo(); /** * * Returns any extra path information after the servlet name * but before the query string, and translates it to a real * path. Same as the value of the CGI variable PATH_TRANSLATED. * *

If the URL does not have any extra path information, * this method returns null. * * The web container does not decode thins string. * * * @return a String specifying the * real path, or null if * the URL does not have any extra path * information * * */ public String getPathTranslated(); /** * * Returns the portion of the request URI that indicates the context * of the request. The context path always comes first in a request * URI. The path starts with a "/" character but does not end with a "/" * character. For servlets in the default (root) context, this method * returns "". The container does not decode this string. * * * @return a String specifying the * portion of the request URI that indicates the context * of the request * * */ public String getContextPath(); /** * * Returns the query string that is contained in the request * URL after the path. This method returns null * if the URL does not have a query string. Same as the value * of the CGI variable QUERY_STRING. * * @return a String containing the query * string or null if the URL * contains no query string. The value is not * decoded by the container. * */ public String getQueryString(); /** * * Returns the login of the user making this request, if the * user has been authenticated, or null if the user * has not been authenticated. * Whether the user name is sent with each subsequent request * depends on the browser and type of authentication. Same as the * value of the CGI variable REMOTE_USER. * * @return a String specifying the login * of the user making this request, or nullfalse. * * @param role a String specifying the name * of the role * * @return a boolean indicating whether * the user making this request belongs to a given role; * false if the user has not been * authenticated * */ public boolean isUserInRole(String role); /** * * Returns a java.security.Principal object containing * the name of the current authenticated user. If the user has not been * authenticated, the method returns null. * * @return a java.security.Principal containing * the name of the user making this request; * null if the user has not been * authenticated * */ public java.security.Principal getUserPrincipal(); /** * * Returns the session ID specified by the client. This may * not be the same as the ID of the actual session in use. * For example, if the request specified an old (expired) * session ID and the server has started a new session, this * method gets a new session with a new ID. If the request * did not specify a session ID, this method returns * null. * * * @return a String specifying the session * ID, or null if the request did * not specify a session ID * * @see #isRequestedSessionIdValid * */ public String getRequestedSessionId(); /** * * Returns the part of this request's URL from the protocol * name up to the query string in the first line of the HTTP request. * The web container does not decode this String. * For example: * * * * * *
First line of HTTP request Returned Value
POST /some/path.html HTTP/1.1/some/path.html *
GET http://foo.bar/a.html HTTP/1.0 * /a.html *
HEAD /xyz?a=b HTTP/1.1/xyz *
* *

To reconstruct an URL with a scheme and host, use * {@link HttpUtils#getRequestURL}. * * @return a String containing * the part of the URL from the * protocol name up to the query string * * @see HttpUtils#getRequestURL * */ public String getRequestURI(); /** * * Reconstructs the URL the client used to make the request. * The returned URL contains a protocol, server name, port * number, and server path, but it does not include query * string parameters. * *

Because this method returns a StringBuffer, * not a string, you can modify the URL easily, for example, * to append query parameters. * *

This method is useful for creating redirect messages * and for reporting errors. * * @return a StringBuffer object containing * the reconstructed URL * */ public StringBuffer getRequestURL(); /** * * Returns the part of this request's URL that calls * the servlet. This includes either the servlet name or * a path to the servlet, but does not include any extra * path information or a query string. Same as the value * of the CGI variable SCRIPT_NAME. * * * @return a String containing * the name or path of the servlet being * called, as specified in the request URL, * decoded. * * */ public String getServletPath(); /** * * Returns the current HttpSession * associated with this request or, if if there is no * current session and create is true, returns * a new session. * *

If create is false * and the request has no valid HttpSession, * this method returns null. * *

To make sure the session is properly maintained, * you must call this method before * the response is committed. If the container is using cookies * to maintain session integrity and is asked to create a new session * when the response is committed, an IllegalStateException is thrown. * * * * * @param true to create * a new session for this request if necessary; * false to return null * if there's no current session * * * @return the HttpSession associated * with this request or null if * create is false * and the request has no valid session * * @see #getSession() * * */ public HttpSession getSession(boolean create); /** * * Returns the current session associated with this request, * or if the request does not have a session, creates one. * * @return the HttpSession associated * with this request * * @see #getSession(boolean) * */ public HttpSession getSession(); /** * * Checks whether the requested session ID is still valid. * * @return true if this * request has an id for a valid session * in the current session context; * false otherwise * * @see #getRequestedSessionId * @see #getSession * @see HttpSessionContext * */ public boolean isRequestedSessionIdValid(); /** * * Checks whether the requested session ID came in as a cookie. * * @return true if the session ID * came in as a * cookie; otherwise, false * * * @see #getSession * */ public boolean isRequestedSessionIdFromCookie(); /** * * Checks whether the requested session ID came in as part of the * request URL. * * @return true if the session ID * came in as part of a URL; otherwise, * false * * * @see #getSession * */ public boolean isRequestedSessionIdFromURL(); /** * * @deprecated As of Version 2.1 of the Java Servlet * API, use {@link #isRequestedSessionIdFromURL} * instead. * */ public boolean isRequestedSessionIdFromUrl(); }