java.lang.Object

alpine.server.filters.HpkpFilter

All Implemented Interfaces:: javax.servlet.Filter

public final class HpkpFilter extends Object implements javax.servlet.Filter

Implements HTTP Public Key Pinning (RFC 7469).

This filter is configured via the applications web.xml.

     <init-param>
         <param-name>primaryHash</param-name>
         <param-value>GRAH5Ex+kB4cCQi5gMU82urf+6kEgbVtzfCSkw55AGk=</param-value>
     </init-param>
     <init-param>
         <param-name>backupHash</param-name>
         <param-value>lERGk61FITjzyKHcJ89xpc6aDwtRkOPAU0jdnUqzW2s=</param-value>
     </init-param>
     <init-param>
         <param-name>maxAge</param-name>
         <param-value>31536000</param-value>
     </init-param>
     <init-param>
         <param-name>includeSubdomains</param-name>
         <param-value>true</param-value>
     </init-param>

An example implementation in web.xml:

 <filter>
     <filter-name>HpkpFilter</filter-name>
     <filter-class>alpine.filters.HpkpFilter</filter-class>
     <init-param>
         <param-name>primaryHash</param-name>
         <param-value>GRAH5Ex+kB4cCQi5gMU82urf+6kEgbVtzfCSkw55AGk=</param-value>
     </init-param>
     <init-param>
         <param-name>backupHash</param-name>
         <param-value>lERGk61FITjzyKHcJ89xpc6aDwtRkOPAU0jdnUqzW2s=</param-value>
     </init-param>
     <init-param>
         <param-name>maxAge</param-name>
         <param-value>31536000</param-value>
     </init-param>
     <init-param>
         <param-name>includeSubdomains</param-name>
         <param-value>true</param-value>
     </init-param>
 </filter>
 <filter-mapping>
     <filter-name>HpkpFilter</filter-name>
     <url-pattern>/*</url-pattern>
 </filter-mapping>

Since:: 1.0.0
Author:: Steve Springett

Constructor Summary

Constructors

Constructor

Description

HpkpFilter()
Method Summary

Modifier and Type

Method

Description

void

destroy()

void

doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse resp, javax.servlet.FilterChain chain)

void

init(javax.servlet.FilterConfig filterConfig)

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- HpkpFilter
  
  public HpkpFilter()
Method Details
- init
  
  public void init(javax.servlet.FilterConfig filterConfig) throws javax.servlet.ServletException
  
  Specified by:
  
  init in interface javax.servlet.Filter
  
  Throws:
  
  javax.servlet.ServletException
- doFilter
  
  public void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse resp, javax.servlet.FilterChain chain) throws javax.servlet.ServletException, IOException
  
  Specified by:
  
  doFilter in interface javax.servlet.Filter
  
  Throws:
  
  javax.servlet.ServletException
  
  IOException
- destroy
  
  public void destroy()
  
  Specified by:
  
  destroy in interface javax.servlet.Filter

Class HpkpFilter

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

HpkpFilter

Method Details

init

doFilter

destroy