You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2013/07/13 16:10:21 UTC

svn commit: r1502790 - /manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java

Author: kwright
Date: Sat Jul 13 14:10:20 2013
New Revision: 1502790

URL: http://svn.apache.org/r1502790
Log:
Add infrastructure for dealing with passwords.

Modified:
    manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java

Modified: manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java?rev=1502790&r1=1502789&r2=1502790&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java (original)
+++ manifoldcf/branches/CONNECTORS-737/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IHTTPOutput.java Sat Jul 13 14:10:20 2013
@@ -21,12 +21,15 @@ package org.apache.manifoldcf.core.inter
 import java.io.*;
 
 /** This interface abstracts from the output character stream used to construct
-* HTML output for a web interface.
+* HTML output for a web interface.  More broadly, it provides the services that all
+* connectors will need in order to provide UI components.
 */
 public interface IHTTPOutput
 {
   public static final String _rcsid = "@(#)$Id: IHTTPOutput.java 988245 2010-08-23 18:39:35Z kwright $";
 
+  // Output services
+
   /** Flush the stream */
   public void flush()
     throws IOException;
@@ -107,4 +110,29 @@ public interface IHTTPOutput
   public void println(String s)
     throws IOException;
 
+  // Password management services.
+  // Passwords should not appear in any data sent from the crawler UI to the browser.  The
+  // following methods are provided to assist the connector UI components in this task.
+  // A connector coder should use these services as follows:
+  // - When the password would ordinarily be put into a form element as the current password,
+  //   instead use mapPasswordToKey() to create a key and put that in instead.
+  // - When the "password" is posted, and the post is processed, use mapKeyToPassword() to
+  //   restore the correct password.
+  
+  /** Map a password to a unique key.
+  * This method works within a specific given browser session to replace an existing password with
+  * a key which can be used to look up the password at a later time.
+  *@param password is the password.
+  *@return the key.
+  */
+  public String mapPasswordToKey(String password);
+  
+  /** Convert a key, created by mapPasswordToKey, back to the original password, within
+  * the lifetime of the browser session.  If the provided key is not an actual key, instead
+  * the key value is assumed to be a new password value.
+  *@param key is the key.
+  *@return the password.
+  */
+  public String mapKeyToPassword(String key);
+  
 }