All Downloads are FREE. Search and download functionalities are using the official Maven repository.

jakarta.servlet.http.HttpServletRequest Maven / Gradle / Ivy

There is a newer version: 11.0.1
Show newest version
/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package jakarta.servlet.http;

import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Map;

import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;

/**
 * Extends the {@link jakarta.servlet.ServletRequest} interface to provide request information for HTTP servlets.
 * 

* The servlet container creates an HttpServletRequest object and passes it as an argument to the servlet's * service methods (doGet, doPost, etc). */ public interface HttpServletRequest extends ServletRequest { /** * String identifier for Basic authentication. Value "BASIC" */ String BASIC_AUTH = "BASIC"; /** * String identifier for Form authentication. Value "FORM" */ String FORM_AUTH = "FORM"; /** * String identifier for Client Certificate authentication. Value "CLIENT_CERT" */ String CLIENT_CERT_AUTH = "CLIENT_CERT"; /** * String identifier for Digest authentication. Value "DIGEST" */ String DIGEST_AUTH = "DIGEST"; /** * Returns the name of the authentication scheme used to protect the servlet. All servlet containers support basic, * form and client certificate authentication, and may additionally support digest authentication. If the servlet is * not authenticated null is returned. *

* Same as the value of the CGI variable AUTH_TYPE. * * @return one of the static members BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH (suitable for == * comparison) or the container-specific string indicating the authentication scheme, or * null if the request was not authenticated. */ String getAuthType(); /** * Returns an array containing all of the Cookie objects the client sent with this request. This method * returns null if no cookies were sent. * * @return an array of all the Cookies included with this request, or null if the request * has no cookies */ Cookie[] getCookies(); /** * Returns the value of the specified request header as a long value that represents a * Date object. Use this method with headers that contain dates, such as * If-Modified-Since. *

* The date is returned as the number of milliseconds since January 1, 1970 GMT. The header name is case * insensitive. *

* If the request did not have a header of the specified name, this method returns -1. If the header can't be * converted to a date, the method throws an IllegalArgumentException. * * @param name a String specifying the name of the header * * @return a long value representing the date specified in the header expressed as the number of * milliseconds since January 1, 1970 GMT, or -1 if the named header was not included with the request * * @exception IllegalArgumentException If the header value can't be converted to a date */ long getDateHeader(String name); /** * Returns the value of the specified request header as a String. If the request did not include a * header of the specified name, this method returns null. If there are multiple headers with the same * name, this method returns the first head in the request. The header name is case insensitive. You can use this * method with any request header. * * @param name a String specifying the header name * * @return a String containing the value of the requested header, or null if the request * does not have a header of that name */ String getHeader(String name); /** * Returns all the values of the specified request header as an Enumeration of String * objects. *

* Some headers, such as Accept-Language can be sent by clients as several headers each with a * different value rather than sending the header as a comma separated list. *

* If the request did not include any headers of the specified name, this method returns an empty * Enumeration. The header name is case insensitive. You can use this method with any request header. * * @param name a String specifying the header name * * @return an Enumeration containing the values of the requested header. If the request does not have * any headers of that name return an empty enumeration. If the container does not allow access to * header information, return null */ Enumeration getHeaders(String name); /** * Returns an enumeration of all the header names this request contains. If the request has no headers, this method * returns an empty enumeration. *

* Some servlet containers do not allow servlets to access headers using this method, in which case this method * returns null * * @return an enumeration of all the header names sent with this request; if the request has no headers, an empty * enumeration; if the servlet container does not allow servlets to use this method, null */ Enumeration getHeaderNames(); /** * Returns the value of the specified request header as an int. If the request does not have a header * of the specified name, this method returns -1. If the header cannot be converted to an integer, this method * throws a NumberFormatException. *

* The header name is case insensitive. * * @param name a String specifying the name of a request header * * @return an integer expressing the value of the request header or -1 if the request doesn't have a header of this * name * * @exception NumberFormatException If the header value can't be converted to an int */ int getIntHeader(String name); /** * Obtain the mapping information for this request. * * @return the mapping information for this request */ default HttpServletMapping getHttpServletMapping() { return new HttpServletMapping() { @Override public String getMatchValue() { return ""; } @Override public String getPattern() { return ""; } @Override public String getServletName() { return ""; } @Override public MappingMatch getMappingMatch() { return null; } }; } /** * Returns the name of the HTTP method with which this request was made, for example, GET, POST, or PUT. Same as the * value of the CGI variable REQUEST_METHOD. * * @return a String specifying the name of the method with which this request was made */ String getMethod(); /** * Returns any extra path information associated with the URL the client sent when it made this request. The extra * path information follows the servlet path but precedes the query string and will start with a "/" character. *

* This method returns null if there was no extra path information. *

* The URL will be canonicalized as per section 3.5 of the specification before the path information, if any, is * extracted. * * @return a String, canonicalized by the web container, specifying extra path information that comes * after the servlet path but before the query string in the request URL; or {@code null} if the URL * does not have any extra path information */ String getPathInfo(); /** * Returns any extra path information after the servlet name but before the query string, and translates it to a * real path. Same as the value of the CGI variable PATH_TRANSLATED. *

* If the URL does not have any extra path information, this method returns null or the servlet * container cannot translate the virtual path to a real path for any reason (such as when the web application is * executed from an archive). The web container does not decode this string. * * @return a String specifying the real path, or null if the URL does not have any extra * path information */ String getPathTranslated(); /** * Obtain a builder for generating push requests. {@link PushBuilder} documents how this request will be used as the * basis for a push request. Each call to this method will return a new instance, independent of any previous * instance obtained. * * @return A builder that can be used to generate push requests based on this request or {@code null} if push is not * supported. Some implementations may opt not to support server push and will therefore always return * {@code null}. If a PushBuilder instance is returned, by the time that {@link PushBuilder#push()} is * called, it may no longer be valid to push a request and the push request will be ignored. * * @since Servlet 4.0 * * @deprecated In favor of 103 early hints */ @Deprecated default PushBuilder newPushBuilder() { return null; } /** * Returns the portion of the request URI that indicates the context of the request. The context path always comes * first in a request URI. The path starts with a "/" character but does not end with a "/" character. For servlets * in the default (root) context, this method returns "". The container does not decode this string. * * @return a String specifying the portion of the request URI that indicates the context of the request */ String getContextPath(); /** * Returns the query string that is contained in the request URL after the path. This method returns * null if the URL does not have a query string. Same as the value of the CGI variable QUERY_STRING. * * @return a String containing the query string or null if the URL contains no query * string. The value is not decoded by the container. */ String getQueryString(); /** * Returns the login of the user making this request, if the user has been authenticated, or null if * the user has not been authenticated. Whether the user name is sent with each subsequent request depends on the * browser and type of authentication. Same as the value of the CGI variable REMOTE_USER. * * @return a String specifying the login of the user making this request, or null if the * user login is not known */ String getRemoteUser(); /** * Returns a boolean indicating whether the authenticated user is included in the specified logical "role". Roles * and role membership can be defined using deployment descriptors. If the user has not been authenticated, the * method returns false. * * @param role a String specifying the name of the role * * @return a boolean indicating whether the user making this request belongs to a given role; * false if the user has not been authenticated */ boolean isUserInRole(String role); /** * Returns a java.security.Principal object containing the name of the current authenticated user. If * the user has not been authenticated, the method returns null. * * @return a java.security.Principal containing the name of the user making this request; * null if the user has not been authenticated */ java.security.Principal getUserPrincipal(); /** * Returns the session ID specified by the client. This may not be the same as the ID of the current valid session * for this request. If the client did not specify a session ID, this method returns null. * * @return a String specifying the session ID, or null if the request did not specify a * session ID * * @see #isRequestedSessionIdValid */ String getRequestedSessionId(); /** * Returns the part of this request's URL from the protocol name up to the query string in the first line of the * HTTP request. The web container does not decode this String. For example: *

* * * * * * * *
Examples of Returned Values
First line of HTTP requestReturned Value
POST /some/path.html HTTP/1.1 * * /some/path.html *
GET http://foo.bar/a.html HTTP/1.0 * * /a.html *
HEAD /xyz?a=b HTTP/1.1 * * /xyz *
*

* To reconstruct a URL with a scheme and host, use {@link #getRequestURL}. * * @return a String containing the part of the URL from the protocol name up to the query string * * @see #getRequestURL */ String getRequestURI(); /** * Reconstructs the URL the client used to make the request. The returned URL contains a protocol, server name, port * number, and server path, but it does not include query string parameters. *

* Because this method returns a StringBuffer, not a string, you can modify the URL easily, for * example, to append query parameters. *

* This method is useful for creating redirect messages and for reporting errors. * * @return a StringBuffer object containing the reconstructed URL */ StringBuffer getRequestURL(); /** * Returns the part of this request's URL that calls the servlet. This path starts with a "/" character and includes * either the servlet name or a path to the servlet, but does not include any extra path information or a query * string. Same as the value of the CGI variable SCRIPT_NAME. *

* The URL will be canonicalized as per section 3.5 of the specification before the path information, if any, is * extracted. *

* This method will return an empty string ("") if the servlet used to process this request was matched using the * "/*" pattern. * * @return a String, canonicalized by the web container, containing the name or path of the servlet * being called, as specified in the request URL, or an empty string if the servlet used to process the * request is matched using the "/*" pattern. */ String getServletPath(); /** * Returns the current HttpSession associated with this request or, if there is no current session and * create is true, returns a new session. *

* If create is false and the request has no valid HttpSession, this method * returns null. *

* To make sure the session is properly maintained, you must call this method before the response is committed. If * the container is using cookies to maintain session integrity and is asked to create a new session when the * response is committed, an IllegalStateException is thrown. * * @param create true to create a new session for this request if necessary; false to * return null if there's no current session * * @return the HttpSession associated with this request or null if create is * false and the request has no valid session * * @see #getSession() */ HttpSession getSession(boolean create); /** * Returns the current session associated with this request, or if the request does not have a session, creates one. * * @return the HttpSession associated with this request * * @see #getSession(boolean) */ HttpSession getSession(); /** * Changes the session ID of the session associated with this request. This method does not create a new session * object it only changes the ID of the current session. * * @return the new session ID allocated to the session * * @see HttpSessionIdListener * * @since Servlet 3.1 */ String changeSessionId(); /** * Checks whether the requested session ID is still valid. * * @return true if this request has an id for a valid session in the current session context; * false otherwise * * @see #getRequestedSessionId * @see #getSession */ boolean isRequestedSessionIdValid(); /** * Checks whether the requested session ID came in as a cookie. * * @return true if the session ID came in as a cookie; otherwise, false * * @see #getSession */ boolean isRequestedSessionIdFromCookie(); /** * Checks whether the requested session ID came in as part of the request URL. * * @return true if the session ID came in as part of a URL; otherwise, false * * @see #getSession */ boolean isRequestedSessionIdFromURL(); /** * Triggers the same authentication process as would be triggered if the request is for a resource that is protected * by a security constraint. * * @param response The response to use to return any authentication challenge * * @return true if the user is successfully authenticated and false if not * * @throws IOException if the authentication process attempted to read from the request or write to the * response and an I/O error occurred * @throws IllegalStateException if the authentication process attempted to write to the response after it had been * committed * @throws ServletException if the authentication failed and the caller is expected to handle the failure * * @since Servlet 3.0 */ boolean authenticate(HttpServletResponse response) throws IOException, ServletException; /** * Authenticate the provided user name and password and then associated the authenticated user with the request. * * @param username The user name to authenticate * @param password The password to use to authenticate the user * * @throws ServletException If any of {@link #getRemoteUser()}, {@link #getUserPrincipal()} or * {@link #getAuthType()} are non-null, if the configured authenticator does not * support user name and password authentication or if the authentication fails * * @since Servlet 3.0 */ void login(String username, String password) throws ServletException; /** * Removes any authenticated user from the request. * * @throws ServletException If the logout fails * * @since Servlet 3.0 */ void logout() throws ServletException; /** * Return a collection of all uploaded Parts. * * @return A collection of all uploaded Parts. * * @throws IOException if an I/O error occurs * @throws IllegalStateException if size limits are exceeded or no multipart configuration is provided * @throws ServletException if the request is not multipart/form-data * * @since Servlet 3.0 */ Collection getParts() throws IOException, ServletException; /** * Gets the named Part or null if the Part does not exist. Triggers upload of all Parts. * * @param name The name of the Part to obtain * * @return The named Part or null if the Part does not exist * * @throws IOException if an I/O error occurs * @throws IllegalStateException if size limits are exceeded * @throws ServletException if the request is not multipart/form-data * * @since Servlet 3.0 */ Part getPart(String name) throws IOException, ServletException; /** * Start the HTTP upgrade process and create and instance of the provided protocol handler class. The connection * will be passed this instance once the current request/response pair has completed processing. Calling this method * sets the response status to {@link HttpServletResponse#SC_SWITCHING_PROTOCOLS}. * * @param The type of the upgrade handler * @param httpUpgradeHandlerClass The class that implements the upgrade handler * * @return A newly created instance of the specified upgrade handler type * * @throws IOException if an I/O error occurred during the upgrade * @throws ServletException if the given httpUpgradeHandlerClass fails to be instantiated * * @since Servlet 3.1 */ T upgrade(Class httpUpgradeHandlerClass) throws IOException, ServletException; /** * Obtain a Map of the trailer fields that is not backed by the request object. * * @return A Map of the received trailer fields with all keys lower case or an empty Map if no trailers are present * * @since Servlet 4.0 */ default Map getTrailerFields() { return Collections.emptyMap(); } /** * Are trailer fields ready to be read (there may still be no trailers to read). This method always returns * {@code true} if the underlying protocol does not support trailer fields. Otherwise, {@code true} is returned once * all of the following are true: *

    *
  • The application has ready all the request data and an EOF has been received or the content-length is * zero
  • *
  • All trailer fields, if any, have been received
  • *
* * @return {@code true} if trailers are ready to be read * * @since Servlet 4.0 */ default boolean isTrailerFieldsReady() { return true; } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy