001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.web.servlet;
020
021import javax.servlet.http.HttpServletRequest;
022import javax.servlet.http.HttpServletResponse;
023
024/**
025 * Interface representing HTTP cookie operations, supporting pojo-style getters and setters for all
026 * attributes which includes <a href="http://www.owasp.org/index.php/HttpOnly">HttpOnly</a> support.
027 * This allows Shiro to set <a href="http://www.owasp.org/index.php/HttpOnly">HttpOnly</a> cookies even on
028 * Servlet containers based on the {@code 2.4} and {@code 2.5} API (Servlet API 'native' support was only introduced in
029 * the {@code 2.6} specification).
030 *
031 * @since 1.0
032 */
033public interface Cookie {
034    /**
035     * The value of deleted cookie (with the maxAge 0).
036     */
037    public static final String DELETED_COOKIE_VALUE = "deleteMe";
038    
039
040    /**
041     * The number of seconds in one year (= 60 * 60 * 24 * 365).
042     */
043    public static final int ONE_YEAR = 60 * 60 * 24 * 365;
044
045    /**
046     * Root path to use when the path hasn't been set and request context root is empty or null.
047     */
048    public static final String ROOT_PATH = "/";
049
050    String getName();
051
052    void setName(String name);
053
054    String getValue();
055
056    void setValue(String value);
057
058    String getComment();
059
060    void setComment(String comment);
061
062    String getDomain();
063
064    void setDomain(String domain);
065
066    int getMaxAge();
067
068    void setMaxAge(int maxAge);
069
070    String getPath();
071
072    void setPath(String path);
073
074    boolean isSecure();
075
076    void setSecure(boolean secure);
077
078    int getVersion();
079
080    void setVersion(int version);
081
082    void setHttpOnly(boolean httpOnly);
083
084    boolean isHttpOnly();
085
086    void saveTo(HttpServletRequest request, HttpServletResponse response);
087
088    void removeFrom(HttpServletRequest request, HttpServletResponse response);
089
090    String readValue(HttpServletRequest request, HttpServletResponse response);
091}