Class DefaultUrlSigner

  • Direct Known Subclasses:
    RenameToUuidUrlSigner

    public class DefaultUrlSigner
    extends UrlSigner
    Default UrlSigner implementation that signs all requests, putting all objects in a specific S3 bucket and limiting the signature time to a configurable time period.

    This implementation also demonstrates how objects may be modified, as it adds a metadata item to each signed object to store the transaction ID in which the object was signed. The transaction id is stored in the metadata name x-amx-gatekeeper-transaction-id

    Author:
    James Murty
    • Constructor Detail

      • DefaultUrlSigner

        public DefaultUrlSigner​(javax.servlet.ServletConfig servletConfig)
                         throws javax.servlet.ServletException
        Constructs the UrlSigner with the required parameters.

        The required parameters that must be available in the servlet configuration are:

        • AwsAccessKey: The AWS Access Key for an S3 account
        • AwsSecretKey: The AWS Secret Key for an S3 account
        • S3BucketName: The bucket all objects are stored in (regardless of what bucket name the client provided).
        • SecondsToSign: How many seconds until the signed URLs will expire
          Note: this setting must allow enough time for the operation to complete before the expiry time is reached. For example, if uploads are expected over slow connections the expiry time must be long enough for the uploads to finish otherwise the uploaded file will be rejected after it has finished uploading.
        Parameters:
        servletConfig -
        Throws:
        javax.servlet.ServletException
    • Method Detail

      • signDelete

        public String signDelete​(GatekeeperMessage requestMessage,
                                 ClientInformation clientInformation,
                                 SignatureRequest signatureRequest)
                          throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed DELETE URL for the signature request.
        Specified by:
        signDelete in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException
      • signGet

        public String signGet​(GatekeeperMessage requestMessage,
                              ClientInformation clientInformation,
                              SignatureRequest signatureRequest)
                       throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed GET URL for the signature request.
        Specified by:
        signGet in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException
      • signHead

        public String signHead​(GatekeeperMessage requestMessage,
                               ClientInformation clientInformation,
                               SignatureRequest signatureRequest)
                        throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed HEAD URL for the signature request.
        Specified by:
        signHead in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException
      • signPut

        public String signPut​(GatekeeperMessage requestMessage,
                              ClientInformation clientInformation,
                              SignatureRequest signatureRequest)
                       throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed PUT URL for the signature request.
        Specified by:
        signPut in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException
      • signGetAcl

        public String signGetAcl​(GatekeeperMessage requestMessage,
                                 ClientInformation clientInformation,
                                 SignatureRequest signatureRequest)
                          throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed GET URL for an ACL-based signature request.
        Specified by:
        signGetAcl in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException
      • signPutAcl

        public String signPutAcl​(GatekeeperMessage requestMessage,
                                 ClientInformation clientInformation,
                                 SignatureRequest signatureRequest)
                          throws S3ServiceException
        Description copied from class: UrlSigner
        Generate a signed PUT URL for an ACL-based signature request.
        Specified by:
        signPutAcl in class UrlSigner
        Parameters:
        requestMessage - the request message received from the client.
        clientInformation - information about the client's end-point, and any Session or Principal associated with the client.
        signatureRequest - a pre-approved signature request.
        Returns:
        a signed URL string that will allow the operation specified in the signature request on the object specified in the signature request.
        Throws:
        S3ServiceException