Show TOC Start of Content Area

Background documentation SAP Specific HTTP Callbacks  Locate the document in its SAP Library structure

The J2EE Engine defines proprietary callbacks as a means of communicating authentication data from and to the Web application. The com.sap.engine.lib.security.http.HttpGetterCallback is used by the HTTP Callback Handler to obtain information from the HTTP request and to pass it to the corresponding login module. The com.sap.engine.lib.security.http.HttpSetterCallback is used to set such information to the response that is generated to the client (irrespective of whether or not it is an error response).

The SAP-specific callbacks are designed in a way that enables developers to use a wide range of data that can be sent as part of the HTTP request. This includes:

     Get/set information contained in a header with a specified name

     Get/set a cookie with a specified name

     Get a specific request parameter

     Get the client certificate (or certificate chain)

     Get the client IP address

     Get the HTTP method performed with the request

     Get/set the type of the transport mechanism (secure or not)

     Set the response code

     Get the request body and set response body

     Get a specific session attribute, or all session attributes

     Set/remove a specific session attribute.

J2EE Web application developers can use these callbacks to retrieve specific data sent with the request, and to use it to provide more robust authentication.

For more information about the fields and methods of the HttpGetterCallback and HttpSetterCallback classes, see Using the HTTP Callback Classes.

 

End of Content Area