HttpsCommandValidator.java example

Explorer
cougar-master
/*
 * Copyright 2014, The Sporting Exchange Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.betfair.cougar.transport.impl.protocol.http;

import com.betfair.cougar.core.api.exception.CougarException;
import com.betfair.cougar.core.api.exception.CougarServiceException;
import com.betfair.cougar.core.api.exception.ServerFaultCode;
import com.betfair.cougar.transport.api.CommandValidator;
import com.betfair.cougar.transport.api.protocol.http.HttpCommand;
import org.springframework.jmx.export.annotation.ManagedAttribute;
import org.springframework.jmx.export.annotation.ManagedResource;

/**
 * Command validator to enable requirement for SSL. Has support for allowing termination on a Netscaler or equivalent
 * device.
 */
@ManagedResource
public class HttpsCommandValidator implements CommandValidator<HttpCommand> {

    private boolean enabled = true;
    private boolean allowExternalTermination = true;
    private String externalTerminationHeader = "Front-End-Https";

    @Override
    public void validate(HttpCommand command) throws CougarException {
        if (enabled) {
            // https is obvious SSL
            if (!command.getRequest().getScheme().equals("https")) {
                // if over http, then if we support external termination, then externalTerminationHeader must be present
                // to indicate it was terminated
                if (!allowExternalTermination || command.getRequest().getHeader(externalTerminationHeader) == null) {
                    throw new CougarServiceException(ServerFaultCode.SecurityException, "This service requires a secure communication protocol");
                }
            }
        }
    }

    /**
     * Allows control of whether this validator in enabled at runtime (rather than at build time). Defaults to <code>true</code>.
     */
    @ManagedAttribute
    public void setEnabled(boolean enabled) {
        this.enabled = enabled;
    }

    /**
     * Whether to enable termination of SSL on an external device (such as a Netscaler). Defaults to <code>true</code>.
     * @param allowExternalTermination
     */
    @ManagedAttribute
    public void setAllowExternalTermination(boolean allowExternalTermination) {
        this.allowExternalTermination = allowExternalTermination;
    }

    /**
     * The header that an external device sends through in the case of external termination of SSL. Defaults to <code>Front-End-Https</code>.
     */
    @ManagedAttribute
    public void setExternalTerminationHeader(String externalTerminationHeader) {
        this.externalTerminationHeader = externalTerminationHeader;
    }

    @ManagedAttribute
    public boolean isEnabled() {
        return enabled;
    }

    @ManagedAttribute
    public boolean isAllowExternalTermination() {
        return allowExternalTermination;
    }

    @ManagedAttribute
    public String getExternalTerminationHeader() {
        return externalTerminationHeader;
    }
}