|
GWT 2.7.0 | |||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object javax.servlet.GenericServlet javax.servlet.http.HttpServlet com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet com.google.gwt.user.server.rpc.RemoteServiceServlet
public class RemoteServiceServlet
The servlet base class for your RPC service implementations that automatically deserializes incoming requests from the client and serializes outgoing responses for client/server RPCs.
Field Summary |
---|
Fields inherited from class com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet |
---|
perThreadRequest, perThreadResponse |
Constructor Summary | |
---|---|
RemoteServiceServlet()
The default constructor used by service implementations that extend this class. |
|
RemoteServiceServlet(java.lang.Object delegate)
The wrapping constructor used by service implementations that are separate from this class. |
Method Summary | |
---|---|
protected void |
checkPermutationStrongName()
This method is called by processCall(String) and will throw a
SecurityException if AbstractRemoteServiceServlet.getPermutationStrongName() returns
null . |
protected SerializationPolicy |
doGetSerializationPolicy(javax.servlet.http.HttpServletRequest request,
java.lang.String moduleBaseURL,
java.lang.String strongName)
Loads the SerializationPolicy for given module base URL and strong name. |
protected java.lang.String |
getCodeServerPolicyUrl(java.lang.String strongName)
Returns a URL for fetching a serialization policy from a Super Dev Mode code server. |
protected java.lang.String |
getRequestModuleBasePath()
Extract the module's base path from the current request. |
SerializationPolicy |
getSerializationPolicy(java.lang.String moduleBaseURL,
java.lang.String strongName)
Returns a SerializationPolicy for a given module base URL and
serialization policy strong name. |
void |
init(javax.servlet.ServletConfig config)
Overridden to load the gwt.codeserver.port system property. |
protected SerializationPolicy |
loadPolicyFromCodeServer(java.lang.String url)
Loads a serialization policy from a Super Dev Mode code server. |
(package private) static SerializationPolicy |
loadSerializationPolicy(javax.servlet.http.HttpServlet servlet,
javax.servlet.http.HttpServletRequest request,
java.lang.String moduleBaseURL,
java.lang.String strongName)
Loads a serialization policy stored as a servlet resource in the same ServletContext as this servlet. |
protected void |
onAfterResponseSerialized(java.lang.String serializedResponse)
Override this method to examine the serialized response that will be returned to the client. |
protected void |
onBeforeRequestDeserialized(java.lang.String serializedRequest)
Override this method to examine the serialized version of the request payload before it is deserialized into objects. |
java.lang.String |
processCall(RPCRequest rpcRequest)
Process an already decoded RPC request. |
java.lang.String |
processCall(java.lang.String payload)
Process a call originating from the given request. |
void |
processPost(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Standard HttpServlet method: handle the POST. |
protected boolean |
shouldCompressResponse(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
java.lang.String responsePayload)
Determines whether the response to a given servlet request should or should not be GZIP compressed. |
Methods inherited from class com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet |
---|
doPost, doUnexpectedFailure, getPermutationStrongName, getThreadLocalRequest, getThreadLocalResponse, onAfterRequestDeserialized, readContent |
Methods inherited from class javax.servlet.http.HttpServlet |
---|
doDelete, doGet, doHead, doOptions, doPut, doTrace, getLastModified, service, service |
Methods inherited from class javax.servlet.GenericServlet |
---|
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public RemoteServiceServlet()
public RemoteServiceServlet(java.lang.Object delegate)
Method Detail |
---|
static SerializationPolicy loadSerializationPolicy(javax.servlet.http.HttpServlet servlet, javax.servlet.http.HttpServletRequest request, java.lang.String moduleBaseURL, java.lang.String strongName)
public void init(javax.servlet.ServletConfig config) throws javax.servlet.ServletException
init
in interface javax.servlet.Servlet
init
in class javax.servlet.GenericServlet
javax.servlet.ServletException
protected java.lang.String getRequestModuleBasePath()
GWT.getModuleBaseURL()
or
null
if the request did not contain the
"X-GWT-Module-Base" headerpublic final SerializationPolicy getSerializationPolicy(java.lang.String moduleBaseURL, java.lang.String strongName)
SerializationPolicyProvider
SerializationPolicy
for a given module base URL and
serialization policy strong name.
getSerializationPolicy
in interface SerializationPolicyProvider
moduleBaseURL
- the URL for the modulestrongName
- strong name of the serialization
policy for the specified module URL
SerializationPolicy
for a given module base URL and RPC
strong name; must not return null
public java.lang.String processCall(java.lang.String payload) throws SerializationException
checkPermutationStrongName()
to prevent
possible XSRF attacks and then decodes the payload
using
RPC.decodeRequest(String, Class, SerializationPolicyProvider)
to do the actual work.
Once the request is decoded processCall(RPCRequest)
will be called.
Subclasses may optionally override this method to handle the payload in any
way they desire (by routing the request to a framework component, for
instance). The HttpServletRequest
and HttpServletResponse
can be accessed via the AbstractRemoteServiceServlet.getThreadLocalRequest()
and
AbstractRemoteServiceServlet.getThreadLocalResponse()
methods.
payload
- the UTF-8 request payload
IncompatibleRemoteServiceException
SerializationException
- if we cannot serialize the response
UnexpectedException
- if the invocation throws a checked exception
that is not declared in the service method's signature
java.lang.RuntimeException
- if the service method throws an unchecked
exception (the exception will be the one thrown by the service)public java.lang.String processCall(RPCRequest rpcRequest) throws SerializationException
RPC.invokeAndEncodeResponse(Object, java.lang.reflect.Method, Object[])
method to do the actual work.
Subclasses may optionally override this method to handle the decoded rpc
request in any way they desire (by routing the request to a framework
component, for instance).
The HttpServletRequest
and HttpServletResponse
can be accessed via the AbstractRemoteServiceServlet.getThreadLocalRequest()
and
AbstractRemoteServiceServlet.getThreadLocalResponse()
methods.
rpcRequest
- the already decoded RPC request
IncompatibleRemoteServiceException
SerializationException
- if we cannot serialize the response
UnexpectedException
- if the invocation throws a checked exception
that is not declared in the service method's signature
java.lang.RuntimeException
- if the service method throws an unchecked
exception (the exception will be the one thrown by the service)public final void processPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException, SerializationException
processPost
in class AbstractRemoteServiceServlet
javax.servlet.ServletException
SerializationException
java.io.IOException
protected void checkPermutationStrongName() throws java.lang.SecurityException
processCall(String)
and will throw a
SecurityException if AbstractRemoteServiceServlet.getPermutationStrongName()
returns
null
. This method can be overridden to be a no-op if there are
clients that are not expected to provide the
"X-GWT-Permutation"
header.
java.lang.SecurityException
- if AbstractRemoteServiceServlet.getPermutationStrongName()
returns
null
protected SerializationPolicy doGetSerializationPolicy(javax.servlet.http.HttpServletRequest request, java.lang.String moduleBaseURL, java.lang.String strongName)
SerializationPolicy
for given module base URL and strong name.
Returns the policy if successful or null if not found. Due to caching, this method
will only be called once for each combination of moduleBaseURL and strongName.
The default implementation loads serialization policies stored as servlet resources in the same ServletContext as this servlet.
Override this method to load the SerializationPolicy
using an
alternative approach.
request
- the HTTP request being servicedmoduleBaseURL
- as specified in the incoming payloadstrongName
- a strong name that uniquely identifies a serialization
policy fileprotected java.lang.String getCodeServerPolicyUrl(java.lang.String strongName)
By default, returns null. If the gwt.codeserver.port
system property is set,
returns a URL under http://localhost:{port}
.
To use a server not on localhost, you must override this method. If you do so, consider the security implications: the policy server and network transport must be trusted or this could be used as a way to disable security checks for some GWT-RPC requests, allowing access to arbitrary Java classes.
strongName
- the strong name from the GWT-RPC request (already validated).
null
if no request should be made.protected SerializationPolicy loadPolicyFromCodeServer(java.lang.String url)
getCodeServerPolicyUrl(java.lang.String)
returns a URL.)
The default version is a simple implementation built on java.net.URL that does no authentication. It should only be used during development.
protected void onAfterResponseSerialized(java.lang.String serializedResponse)
serializedResponse
- protected void onBeforeRequestDeserialized(java.lang.String serializedRequest)
serializedRequest
- protected boolean shouldCompressResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String responsePayload)
This implementation currently returns true
if the response
string's estimated byte length is longer than 256 bytes. Subclasses can
override this logic.
request
- the request being servedresponse
- the response that will be written intoresponsePayload
- the payload that is about to be sent to the client
true
if responsePayload should be GZIP compressed,
otherwise false
.
|
GWT 2.7.0 | |||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |