1. /*

  2.  * The Apache Software License, Version 1.1

  3.  *

  4.  * Copyright (c) 1999 The Apache Software Foundation.  All rights 

  5.  * reserved.

  6.  *

  7.  * Redistribution and use in source and binary forms, with or without

  8.  * modification, are permitted provided that the following conditions

  9.  * are met:

  10.  *

  11.  * 1. Redistributions of source code must retain the above copyright

  12.  *    notice, this list of conditions and the following disclaimer. 

  13.  *

  14.  * 2. Redistributions in binary form must reproduce the above copyright

  15.  *    notice, this list of conditions and the following disclaimer in

  16.  *    the documentation and/or other materials provided with the

  17.  *    distribution.

  18.  *

  19.  * 3. The end-user documentation included with the redistribution, if

  20.  *    any, must include the following acknowlegement:  

  21.  *       "This product includes software developed by the 

  22.  *        Apache Software Foundation (http://www.apache.org/)."

  23.  *    Alternately, this acknowlegement may appear in the software itself,

  24.  *    if and wherever such third-party acknowlegements normally appear.

  25.  *

  26.  * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software

  27.  *    Foundation" must not be used to endorse or promote products derived

  28.  *    from this software without prior written permission. For written 

  29.  *    permission, please contact apache@apache.org.

  30.  *

  31.  * 5. Products derived from this software may not be called "Apache"

  32.  *    nor may "Apache" appear in their names without prior written

  33.  *    permission of the Apache Group.

  34.  *

  35.  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED

  36.  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

  37.  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

  38.  * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR

  39.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  40.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT

  41.  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF

  42.  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND

  43.  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,

  44.  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT

  45.  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  46.  * SUCH DAMAGE.

  47.  * ====================================================================

  48.  *

  49.  * This software consists of voluntary contributions made by many

  50.  * individuals on behalf of the Apache Software Foundation.  For more

  51.  * information on the Apache Software Foundation, please see

  52.  * <http://www.apache.org/>.

  53.  *

  54.  * ====================================================================

  55.  *

  56.  * This source code implements specifications defined by the Java

  57.  * Community Process. In order to remain compliant with the specification

  58.  * DO NOT add / change / or delete method signatures!

  59.  */ 

  60. 

  61. 

  62. package javax.servlet.http;

  63. 

  64. import javax.servlet.ServletRequest;

  65. import java.util.Enumeration;

  66. 

  67. /**

  68.  *

  69.  * Extends the {@link javax.servlet.ServletRequest} interface

  70.  * to provide request information for HTTP servlets. 

  71.  *

  72.  * <p>The servlet container creates an <code>HttpServletRequest</code> 

  73.  * object and passes it as an argument to the servlet's service

  74.  * methods (<code>doGet</code>, <code>doPost</code>, etc).

  75.  *

  76.  *

  77.  * @author 	Various

  78.  * @version	$Version$

  79.  *

  80.  *

  81.  */

  82. 

  83. public interface HttpServletRequest extends ServletRequest {

  84. 

  85.     /**

  86.     * String identifier for Basic authentication. Value "BASIC"

  87.     */

  88.     public static final String BASIC_AUTH = "BASIC";

  89.     /**

  90.     * String identifier for Basic authentication. Value "FORM"

  91.     */

  92.     public static final String FORM_AUTH = "FORM";

  93.     /**

  94.     * String identifier for Basic authentication. Value "CLIENT_CERT"

  95.     */

  96.     public static final String CLIENT_CERT_AUTH = "CLIENT_CERT";

  97.     /**

  98.     * String identifier for Basic authentication. Value "DIGEST"

  99.     */

  100.     public static final String DIGEST_AUTH = "DIGEST";

  101. 

  102.     /**

  103.      * Returns the name of the authentication scheme used to protect

  104.      * the servlet. All servlet containers support basic, form and client 

  105.      * certificate authentication, and may additionally support digest 

  106.      * authentication.

  107.      * If the servlet is not authenticated <code>null</code> is returned. 

  108.      *

  109.      * <p>Same as the value of the CGI variable AUTH_TYPE.

  110.      *

  111.      *

  112.      * @return		one of the static members BASIC_AUTH, 

  113.      *			FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH

  114.      *			(suitable for == comparison) 

  115.      *			indicating the authentication scheme, or 

  116.      *			<code>null</code> if the request was 

  117.      *			not authenticated.     

  118.      *

  119.      */

  120.    

  121.     public String getAuthType();

  122.     

  123.    

  124.     

  125. 

  126.     /**

  127.      *

  128.      * Returns an array containing all of the <code>Cookie</code>

  129.      * objects the client sent with this request.

  130.      * This method returns <code>null</code> if no cookies were sent.

  131.      *

  132.      * @return		an array of all the <code>Cookies</code>

  133.      *			included with this request, or <code>null</code>

  134.      *			if the request has no cookies

  135.      *

  136.      *

  137.      */

  138. 

  139.     public Cookie[] getCookies();

  140.     

  141.     

  142.     

  143. 

  144.     /**

  145.      *

  146.      * Returns the value of the specified request header

  147.      * as a <code>long</code> value that represents a 

  148.      * <code>Date</code> object. Use this method with

  149.      * headers that contain dates, such as

  150.      * <code>If-Modified-Since</code>. 

  151.      *

  152.      * <p>The date is returned as

  153.      * the number of milliseconds since January 1, 1970 GMT.

  154.      * The header name is case insensitive.

  155.      *

  156.      * <p>If the request did not have a header of the

  157.      * specified name, this method returns -1. If the header

  158.      * can't be converted to a date, the method throws

  159.      * an <code>IllegalArgumentException</code>.

  160.      *

  161.      * @param name		a <code>String</code> specifying the

  162.      *				name of the header

  163.      *

  164.      * @return			a <code>long</code> value

  165.      *				representing the date specified

  166.      *				in the header expressed as

  167.      *				the number of milliseconds

  168.      *				since January 1, 1970 GMT,

  169.      *				or -1 if the named header

  170.      *				was not included with the

  171.      *				reqest

  172.      *

  173.      * @exception	IllegalArgumentException	If the header value

  174.      *							can't be converted

  175.      *							to a date

  176.      *

  177.      */

  178. 

  179.     public long getDateHeader(String name);

  180.     

  181.     

  182.     

  183. 

  184.     /**

  185.      *

  186.      * Returns the value of the specified request header

  187.      * as a <code>String</code>. If the request did not include a header

  188.      * of the specified name, this method returns <code>null</code>.

  189.      * The header name is case insensitive. You can use

  190.      * this method with any request header.

  191.      *

  192.      * @param name		a <code>String</code> specifying the

  193.      *				header name

  194.      *

  195.      * @return			a <code>String</code> containing the

  196.      *				value of the requested

  197.      *				header, or <code>null</code>

  198.      *				if the request does not

  199.      *				have a header of that name

  200.      *

  201.      */			

  202. 

  203.     public String getHeader(String name); 

  204. 

  205. 

  206. 

  207. 

  208.     /**

  209.      *

  210.      * Returns all the values of the specified request header

  211.      * as an <code>Enumeration</code> of <code>String</code> objects.

  212.      *

  213.      * <p>Some headers, such as <code>Accept-Language</code> can be sent

  214.      * by clients as several headers each with a different value rather than

  215.      * sending the header as a comma separated list.

  216.      *

  217.      * <p>If the request did not include any headers

  218.      * of the specified name, this method returns an empty

  219.      * <code>Enumeration</code>.

  220.      * The header name is case insensitive. You can use

  221.      * this method with any request header.

  222.      *

  223.      * @param name		a <code>String</code> specifying the

  224.      *				header name

  225.      *

  226.      * @return			an <code>Enumeration</code> containing

  227.      *                  	the values of the requested header. If

  228.      *                  	the request does not have any headers of

  229.      *                  	that name return an empty

  230.      *                  	enumeration. If 

  231.      *                  	the container does not allow access to

  232.      *                  	header information, return null

  233.      *

  234.      */			

  235. 

  236.     public Enumeration getHeaders(String name); 

  237.     

  238.     

  239.     

  240.     

  241. 

  242.     /**

  243.      *

  244.      * Returns an enumeration of all the header names

  245.      * this request contains. If the request has no

  246.      * headers, this method returns an empty enumeration.

  247.      *

  248.      * <p>Some servlet containers do not allow do not allow

  249.      * servlets to access headers using this method, in

  250.      * which case this method returns <code>null</code>

  251.      *

  252.      * @return			an enumeration of all the

  253.      *				header names sent with this

  254.      *				request; if the request has

  255.      *				no headers, an empty enumeration;

  256.      *				if the servlet container does not

  257.      *				allow servlets to use this method,

  258.      *				<code>null</code>

  259.      *				

  260.      *

  261.      */

  262. 

  263.     public Enumeration getHeaderNames();

  264.     

  265.     

  266.     

  267. 

  268.     /**

  269.      *

  270.      * Returns the value of the specified request header

  271.      * as an <code>int</code>. If the request does not have a header

  272.      * of the specified name, this method returns -1. If the

  273.      * header cannot be converted to an integer, this method

  274.      * throws a <code>NumberFormatException</code>.

  275.      *

  276.      * <p>The header name is case insensitive.

  277.      *

  278.      * @param name		a <code>String</code> specifying the name

  279.      *				of a request header

  280.      *

  281.      * @return			an integer expressing the value 

  282.      * 				of the request header or -1

  283.      *				if the request doesn't have a

  284.      *				header of this name

  285.      *

  286.      * @exception	NumberFormatException		If the header value

  287.      *							can't be converted

  288.      *							to an <code>int</code>

  289.      */

  290. 

  291.     public int getIntHeader(String name);

  292.     

  293.     

  294.     

  295. 

  296.     /**

  297.      *

  298.      * Returns the name of the HTTP method with which this 

  299.      * request was made, for example, GET, POST, or PUT.

  300.      * Same as the value of the CGI variable REQUEST_METHOD.

  301.      *

  302.      * @return			a <code>String</code> 

  303.      *				specifying the name

  304.      *				of the method with which

  305.      *				this request was made

  306.      *

  307.      */

  308.  

  309.     public String getMethod();

  310.     

  311.     

  312.     

  313. 

  314.     /**

  315.      *

  316.      * Returns any extra path information associated with

  317.      * the URL the client sent when it made this request.

  318.      * The extra path information follows the servlet path

  319.      * but precedes the query string.

  320.      * This method returns <code>null</code> if there

  321.      * was no extra path information.

  322.      *

  323.      * <p>Same as the value of the CGI variable PATH_INFO.

  324.      *

  325.      *

  326.      * @return		a <code>String</code>, decoded by the

  327.      *			web container, specifying 

  328.      *			extra path information that comes

  329.      *			after the servlet path but before

  330.      *			the query string in the request URL;

  331.      *			or <code>null</code> if the URL does not have

  332.      *			any extra path information

  333.      *

  334.      */

  335.      

  336.     public String getPathInfo();

  337.     

  338. 

  339.  

  340. 

  341.     /**

  342.      *

  343.      * Returns any extra path information after the servlet name

  344.      * but before the query string, and translates it to a real

  345.      * path. Same as the value of the CGI variable PATH_TRANSLATED.

  346.      *

  347.      * <p>If the URL does not have any extra path information,

  348.      * this method returns <code>null</code>.

  349.      *

  350.      * The web container does not decode thins string.

  351.      *

  352.      *

  353.      * @return		a <code>String</code> specifying the

  354.      *			real path, or <code>null</code> if

  355.      *			the URL does not have any extra path

  356.      *			information

  357.      *

  358.      *

  359.      */

  360. 

  361.     public String getPathTranslated();

  362.     

  363. 

  364.  

  365. 

  366.     /**

  367.      *

  368.      * Returns the portion of the request URI that indicates the context

  369.      * of the request.  The context path always comes first in a request

  370.      * URI.  The path starts with a "/" character but does not end with a "/"

  371.      * character.  For servlets in the default (root) context, this method

  372.      * returns "". The container does not decode this string.

  373.      *

  374.      *

  375.      * @return		a <code>String</code> specifying the

  376.      *			portion of the request URI that indicates the context

  377.      *			of the request

  378.      *

  379.      *

  380.      */

  381. 

  382.     public String getContextPath();

  383.     

  384.     

  385.     

  386. 

  387.     /**

  388.      *

  389.      * Returns the query string that is contained in the request

  390.      * URL after the path. This method returns <code>null</code>

  391.      * if the URL does not have a query string. Same as the value

  392.      * of the CGI variable QUERY_STRING. 

  393.      *

  394.      * @return		a <code>String</code> containing the query

  395.      *			string or <code>null</code> if the URL 

  396.      *			contains no query string. The value is not

  397.      *			decoded by the container.

  398.      *

  399.      */

  400. 

  401.     public String getQueryString();

  402.     

  403.     

  404.     

  405. 

  406.     /**

  407.      *

  408.      * Returns the login of the user making this request, if the

  409.      * user has been authenticated, or <code>null</code> if the user 

  410.      * has not been authenticated.

  411.      * Whether the user name is sent with each subsequent request

  412.      * depends on the browser and type of authentication. Same as the 

  413.      * value of the CGI variable REMOTE_USER.

  414.      *

  415.      * @return		a <code>String</code> specifying the login

  416.      *			of the user making this request, or <code>null</code

  417.      *			if the user login is not known

  418.      *

  419.      */

  420. 

  421.     public String getRemoteUser();

  422.     

  423.     

  424.     

  425. 

  426.     /**

  427.      *

  428.      * Returns a boolean indicating whether the authenticated user is included

  429.      * in the specified logical "role".  Roles and role membership can be

  430.      * defined using deployment descriptors.  If the user has not been

  431.      * authenticated, the method returns <code>false</code>.

  432.      *

  433.      * @param role		a <code>String</code> specifying the name

  434.      *				of the role

  435.      *

  436.      * @return		a <code>boolean</code> indicating whether

  437.      *			the user making this request belongs to a given role;

  438.      *			<code>false</code> if the user has not been 

  439.      *			authenticated

  440.      *

  441.      */

  442. 

  443.     public boolean isUserInRole(String role);

  444.     

  445.     

  446.     

  447. 

  448.     /**

  449.      *

  450.      * Returns a <code>java.security.Principal</code> object containing

  451.      * the name of the current authenticated user. If the user has not been

  452.      * authenticated, the method returns <code>null</code>.

  453.      *

  454.      * @return		a <code>java.security.Principal</code> containing

  455.      *			the name of the user making this request;

  456.      *			<code>null</code> if the user has not been 

  457.      *			authenticated

  458.      *

  459.      */

  460. 

  461.     public java.security.Principal getUserPrincipal();

  462.     

  463.     

  464.     

  465. 

  466.     /**

  467.      *

  468.      * Returns the session ID specified by the client. This may

  469.      * not be the same as the ID of the actual session in use.

  470.      * For example, if the request specified an old (expired)

  471.      * session ID and the server has started a new session, this

  472.      * method gets a new session with a new ID. If the request

  473.      * did not specify a session ID, this method returns

  474.      * <code>null</code>.

  475.      *

  476.      *

  477.      * @return		a <code>String</code> specifying the session

  478.      *			ID, or <code>null</code> if the request did

  479.      *			not specify a session ID

  480.      *

  481.      * @see		#isRequestedSessionIdValid

  482.      *

  483.      */

  484. 

  485.     public String getRequestedSessionId();

  486.     

  487.     

  488.     

  489.     

  490.     /**

  491.      *

  492.      * Returns the part of this request's URL from the protocol

  493.      * name up to the query string in the first line of the HTTP request.

  494.      * The web container does not decode this String.

  495.      * For example:

  496.      *

  497.      * 

  498. 

  499.      * <table>

  500.      * <tr align=left><th>First line of HTTP request      </th>

  501.      * <th>     Returned Value</th>

  502.      * <tr><td>POST /some/path.html HTTP/1.1<td><td>/some/path.html

  503.      * <tr><td>GET http://foo.bar/a.html HTTP/1.0

  504.      * <td><td>/a.html

  505.      * <tr><td>HEAD /xyz?a=b HTTP/1.1<td><td>/xyz

  506.      * </table>

  507.      *      

  508.      * <p>To reconstruct an URL with a scheme and host, use

  509.      * {@link HttpUtils#getRequestURL}.

  510.      *

  511.      * @return		a <code>String</code> containing

  512.      *			the part of the URL from the 

  513.      *			protocol name up to the query string

  514.      *

  515.      * @see		HttpUtils#getRequestURL

  516.      *

  517.      */

  518. 

  519.     public String getRequestURI();

  520.     

  521.     /**

  522.      *

  523.      * Reconstructs the URL the client used to make the request.

  524.      * The returned URL contains a protocol, server name, port

  525.      * number, and server path, but it does not include query

  526.      * string parameters.

  527.      * 

  528.      * <p>Because this method returns a <code>StringBuffer</code>,

  529.      * not a string, you can modify the URL easily, for example,

  530.      * to append query parameters.

  531.      *

  532.      * <p>This method is useful for creating redirect messages

  533.      * and for reporting errors.

  534.      *

  535.      * @return		a <code>StringBuffer</code> object containing

  536.      *			the reconstructed URL

  537.      *

  538.      */

  539.     public StringBuffer getRequestURL();

  540.     

  541. 

  542.     /**

  543.      *

  544.      * Returns the part of this request's URL that calls

  545.      * the servlet. This includes either the servlet name or

  546.      * a path to the servlet, but does not include any extra

  547.      * path information or a query string. Same as the value 

  548.      * of the CGI variable SCRIPT_NAME.

  549.      *

  550.      *

  551.      * @return		a <code>String</code> containing

  552.      *			the name or path of the servlet being

  553.      *			called, as specified in the request URL,

  554.      *			decoded.

  555.      *

  556.      *

  557.      */

  558. 

  559.     public String getServletPath();

  560.     

  561.     

  562.     

  563. 

  564.     /**

  565.      *

  566.      * Returns the current <code>HttpSession</code>

  567.      * associated with this request or, if if there is no

  568.      * current session and <code>create</code> is true, returns 

  569.      * a new session.

  570.      *

  571.      * <p>If <code>create</code> is <code>false</code>

  572.      * and the request has no valid <code>HttpSession</code>,

  573.      * this method returns <code>null</code>.

  574.      *

  575.      * <p>To make sure the session is properly maintained,

  576.      * you must call this method before 

  577.      * the response is committed. If the container is using cookies

  578.      * to maintain session integrity and is asked to create a new session

  579.      * when the response is committed, an IllegalStateException is thrown.

  580.      *

  581.      *

  582.      *

  583.      *

  584.      * @param		<code>true</code> to create

  585.      *			a new session for this request if necessary; 

  586.      *			<code>false</code> to return <code>null</code>

  587.      *			if there's no current session

  588.      *			

  589.      *

  590.      * @return 		the <code>HttpSession</code> associated 

  591.      *			with this request or <code>null</code> if

  592.      * 			<code>create</code> is <code>false</code>

  593.      *			and the request has no valid session

  594.      *

  595.      * @see	#getSession()

  596.      *

  597.      *

  598.      */

  599. 

  600.     public HttpSession getSession(boolean create);

  601.     

  602.     

  603.     

  604.    

  605. 

  606.     /**

  607.      *

  608.      * Returns the current session associated with this request,

  609.      * or if the request does not have a session, creates one.

  610.      * 

  611.      * @return		the <code>HttpSession</code> associated

  612.      *			with this request

  613.      *

  614.      * @see	#getSession(boolean)

  615.      *

  616.      */

  617. 

  618.     public HttpSession getSession();

  619.     

  620.     

  621.     

  622.     

  623.     

  624. 

  625.     /**

  626.      *

  627.      * Checks whether the requested session ID is still valid.

  628.      *

  629.      * @return			<code>true</code> if this

  630.      *				request has an id for a valid session

  631.      *				in the current session context;

  632.      *				<code>false</code> otherwise

  633.      *

  634.      * @see			#getRequestedSessionId

  635.      * @see			#getSession

  636.      * @see			HttpSessionContext

  637.      *

  638.      */

  639. 

  640.     public boolean isRequestedSessionIdValid();

  641.     

  642.     

  643.     

  644. 

  645.     /**

  646.      *

  647.      * Checks whether the requested session ID came in as a cookie.

  648.      *

  649.      * @return			<code>true</code> if the session ID

  650.      *				came in as a

  651.      *				cookie; otherwise, <code>false</code>

  652.      *

  653.      *

  654.      * @see			#getSession

  655.      *

  656.      */ 

  657. 

  658.     public boolean isRequestedSessionIdFromCookie();

  659.     

  660.     

  661.     

  662. 

  663.     /**

  664.      *

  665.      * Checks whether the requested session ID came in as part of the 

  666.      * request URL.

  667.      *

  668.      * @return			<code>true</code> if the session ID

  669.      *				came in as part of a URL; otherwise,

  670.      *				<code>false</code>

  671.      *

  672.      *

  673.      * @see			#getSession

  674.      *

  675.      */

  676.     

  677.     public boolean isRequestedSessionIdFromURL();

  678.     

  679.     

  680.     

  681.     

  682.     

  683.     /**

  684.      *

  685.      * @deprecated		As of Version 2.1 of the Java Servlet

  686.      *				API, use {@link #isRequestedSessionIdFromURL}

  687.      *				instead.

  688.      *

  689.      */

  690. 

  691.     public boolean isRequestedSessionIdFromUrl();

  692. 

  693. 

  694.     

  695. }