RequestRecognizer

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

impostor
Interface RequestRecognizer

All Known Implementing Classes:: EmptyManager, HotmailYahooMailRHULMailRecognizer

public interface RequestRecognizer

This interface defines the methods that a class must implement in order to provide the functionality of recognizing HTML requests sent from the user's browser to websites. It is the basic functionality that enables the Impostor daemon to provide Single Sign-On. For every incoming HTML request (even those over SSL/TLS connections) the Impostor daemon first acquires a RequestRecognizer instance using a UserManager's getRequestRecognizerInstance method. It then calls the RequestRecognizer's init method in order to initialize the RequestRecognizer. If this request is recognized as a user's login attempt to the website, the isRecognized method should return true. If this is the case, the Impostor daemon calls the getServiceName and getLogEntry methods in order to generate the Impostor login page and a log entry. Assuming successful user authentication (according to the challenge/response mechanism implemented by the ChallengeResponseManager), the Impostor daemon calls the fillInUsernameAndPassword method specifying a specific username and password. The method should return a valid HTTP request that results in the user being logged into the website under the specified username.

Method Summary

java.lang.String fillInUsernameAndPassword(java.lang.String username, java.lang.String password)
          A RequestRecognizer must also implement the functionality to fill a given username and password into the HTTP request with which is was initialized, such that the resulting HTTP request effectively logs the specified username into the site, using the specified password.

java.lang.String getLogEntry()
          The Impostor daemon calls this method in order to store an entry in a log for this RequestRecognizer.

java.lang.String getServiceName()
          The Impostor daemon calls this method only if this RequestRecognizer's isRecognized method returns true.

void init(java.lang.String host, int port, java.lang.String request)
          The Impostor daemon calls this method in order to initialize the RequestRecognizer.

boolean isRecognized()
          The Impostor daemon calls this method in order to determine whether this RequestRecognizer recognized the HTTP request with which it was initialized as a login attempt into a website.

Method Detail

init

public void init(java.lang.String host,
                 int port,
                 java.lang.String request)

The Impostor daemon calls this method in order to initialize the RequestRecognizer. It is called for every HTML request coming from a user. The parameters passed to the method is the host name of the website, the port number of the TCP socket (this is typically 80 for HTTP or 447 for HTTPS) and the HTTP request itself. This includes HTML request headers and, only in the case of a POST request, the POST string that follows immetiately after the headers. An implementing class should analyze the request and determine whether this is a login request for a website or not.

isRecognized

public boolean isRecognized()

The Impostor daemon calls this method in order to determine whether this RequestRecognizer recognized the HTTP request with which it was initialized as a login attempt into a website. The method should return false if the init method of this object has not been called yet, or if the request was not recognized as a login attempt. If this method returns true, the Impostor daemon expects the remaining methods to return non-null values.

getServiceName

public java.lang.String getServiceName()

The Impostor daemon calls this method only if this RequestRecognizer's isRecognized method returns true. This method should return the name of the service or website this recognized request is a login attempt for. The daemon uses this name in order to generate the Impostor login page.

fillInUsernameAndPassword

public java.lang.String fillInUsernameAndPassword(java.lang.String username,
                                                  java.lang.String password)

A RequestRecognizer must also implement the functionality to fill a given username and password into the HTTP request with which is was initialized, such that the resulting HTTP request effectively logs the specified username into the site, using the specified password. The Impostor daemon calls this method only if this RequestRecognizer's isRecognized method returns true. The daemon will call this method only after a valid Impostor user has successfully authenticated him/herself. (as determined by the imlementation of a ChallengeResponseManager). The username and password the Impostor daemon passes as parameters to this method are determined by the implementation of a UserManager.

getLogEntry

public java.lang.String getLogEntry()

The Impostor daemon calls this method in order to store an entry in a log for this RequestRecognizer. An implementation should return the details of an HTTP request if, of course, it has been initialized.