Show TOC Start of Content Area

Background documentation SAP Specific HTTP Callbacks  Locate the document in its SAP Library structure

The AS Java defines proprietary callbacks as a means of communicating authentication data from and to the Web application. The com.sap.engine.lib.security.http.HttpGetterCallback is used by the HTTP Callback Handler to obtain information from the HTTP request and to pass it to the corresponding login module. The com.sap.engine.lib.security.http.HttpSetterCallback is used to set such information to the response that is generated to the client (irrespective of whether or not it is an error response).

The SAP-specific callbacks are designed in a way that enables developers to use a wide range of data that can be sent as part of the HTTP request. This includes:

      Get/set information contained in a header with a specified name

      Get/set a cookie with a specified name

      Get a specific request parameter

      Get the client certificate (or certificate chain)

      Get the client IP address

      Get the HTTP method performed with the request

      Get/set the type of the transport mechanism (secure or not)

      Set the response code

      Get the request body and set response body

      Get a specific session attribute, or all session attributes

      Set/remove a specific session attribute.

J2EE Web application developers can use these callbacks to retrieve specific data sent with the request, and to use it to provide more robust authentication.

For more information about the fields and methods of the HttpGetterCallback and HttpSetterCallback classes, see Using the HTTP Callback Classes.

 

End of Content Area