001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.web.servlet;
020    
021    import javax.servlet.http.HttpServletRequest;
022    import javax.servlet.http.HttpServletResponse;
023    
024    /**
025     * Interface representing HTTP cookie operations, supporting pojo-style getters and setters for all
026     * attributes which includes <a href="http://www.owasp.org/index.php/HttpOnly">HttpOnly</a> support.
027     * This allows Shiro to set <a href="http://www.owasp.org/index.php/HttpOnly">HttpOnly</a> cookies even on
028     * Servlet containers based on the {@code 2.4} and {@code 2.5} API (Servlet API 'native' support was only introduced in
029     * the {@code 2.6} specification).
030     *
031     * @since 1.0
032     */
033    public interface Cookie {
034        /**
035         * The value of deleted cookie (with the maxAge 0).
036         */
037        public static final String DELETED_COOKIE_VALUE = "deleteMe";
038        
039    
040        /**
041         * The number of seconds in one year (= 60 * 60 * 24 * 365).
042         */
043        public static final int ONE_YEAR = 60 * 60 * 24 * 365;
044    
045        /**
046         * Root path to use when the path hasn't been set and request context root is empty or null.
047         */
048        public static final String ROOT_PATH = "/";
049    
050        String getName();
051    
052        void setName(String name);
053    
054        String getValue();
055    
056        void setValue(String value);
057    
058        String getComment();
059    
060        void setComment(String comment);
061    
062        String getDomain();
063    
064        void setDomain(String domain);
065    
066        int getMaxAge();
067    
068        void setMaxAge(int maxAge);
069    
070        String getPath();
071    
072        void setPath(String path);
073    
074        boolean isSecure();
075    
076        void setSecure(boolean secure);
077    
078        int getVersion();
079    
080        void setVersion(int version);
081    
082        void setHttpOnly(boolean httpOnly);
083    
084        boolean isHttpOnly();
085    
086        void saveTo(HttpServletRequest request, HttpServletResponse response);
087    
088        void removeFrom(HttpServletRequest request, HttpServletResponse response);
089    
090        String readValue(HttpServletRequest request, HttpServletResponse response);
091    }