Google Git
Sign in
apache / shiro-site / 01016f43374d9b054f3ea1e568b015d5d69428f9 / . / src / site / assets / static / 1.7.0 / shiro-web / xref / org / apache / shiro / web / filter / authz / SslFilter.html
blob: 25d63eb5dfbe53ce29def2455d6f6aa30b887592 [file] [log] [blame]
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<title>SslFilter xref</title>
<link type="text/css" rel="stylesheet" href="../../../../../../stylesheet.css" />
</head>
<body>
<div id="overview"><a href="../../../../../../../apidocs/org/apache/shiro/web/filter/authz/SslFilter.html">View Javadoc</a></div><pre>
<a class="jxr_linenumber" name="L1" href="#L1">1</a> <em class="jxr_comment">/*</em>
<a class="jxr_linenumber" name="L2" href="#L2">2</a> <em class="jxr_comment"> * Licensed to the Apache Software Foundation (ASF) under one</em>
<a class="jxr_linenumber" name="L3" href="#L3">3</a> <em class="jxr_comment"> * or more contributor license agreements. See the NOTICE file</em>
<a class="jxr_linenumber" name="L4" href="#L4">4</a> <em class="jxr_comment"> * distributed with this work for additional information</em>
<a class="jxr_linenumber" name="L5" href="#L5">5</a> <em class="jxr_comment"> * regarding copyright ownership. The ASF licenses this file</em>
<a class="jxr_linenumber" name="L6" href="#L6">6</a> <em class="jxr_comment"> * to you under the Apache License, Version 2.0 (the</em>
<a class="jxr_linenumber" name="L7" href="#L7">7</a> <em class="jxr_comment"> * "License"); you may not use this file except in compliance</em>
<a class="jxr_linenumber" name="L8" href="#L8">8</a> <em class="jxr_comment"> * with the License. You may obtain a copy of the License at</em>
<a class="jxr_linenumber" name="L9" href="#L9">9</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L10" href="#L10">10</a> <em class="jxr_comment"> * <a href="http://www.apache.org/licenses/LICENSE-2.0" target="alexandria_uri">http://www.apache.org/licenses/LICENSE-2.0</a></em>
<a class="jxr_linenumber" name="L11" href="#L11">11</a> <em class="jxr_comment"> *</em>
<a class="jxr_linenumber" name="L12" href="#L12">12</a> <em class="jxr_comment"> * Unless required by applicable law or agreed to in writing,</em>
<a class="jxr_linenumber" name="L13" href="#L13">13</a> <em class="jxr_comment"> * software distributed under the License is distributed on an</em>
<a class="jxr_linenumber" name="L14" href="#L14">14</a> <em class="jxr_comment"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</em>
<a class="jxr_linenumber" name="L15" href="#L15">15</a> <em class="jxr_comment"> * KIND, either express or implied. See the License for the</em>
<a class="jxr_linenumber" name="L16" href="#L16">16</a> <em class="jxr_comment"> * specific language governing permissions and limitations</em>
<a class="jxr_linenumber" name="L17" href="#L17">17</a> <em class="jxr_comment"> * under the License.</em>
<a class="jxr_linenumber" name="L18" href="#L18">18</a> <em class="jxr_comment"> */</em>
<a class="jxr_linenumber" name="L19" href="#L19">19</a> <strong class="jxr_keyword">package</strong> org.apache.shiro.web.filter.authz;
<a class="jxr_linenumber" name="L20" href="#L20">20</a>
<a class="jxr_linenumber" name="L21" href="#L21">21</a> <strong class="jxr_keyword">import</strong> javax.servlet.ServletRequest;
<a class="jxr_linenumber" name="L22" href="#L22">22</a> <strong class="jxr_keyword">import</strong> javax.servlet.ServletResponse;
<a class="jxr_linenumber" name="L23" href="#L23">23</a> <strong class="jxr_keyword">import</strong> javax.servlet.http.HttpServletResponse;
<a class="jxr_linenumber" name="L24" href="#L24">24</a>
<a class="jxr_linenumber" name="L25" href="#L25">25</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L26" href="#L26">26</a> <em class="jxr_javadoccomment"> * Filter which requires a request to be over SSL. Access is allowed if the request is received on the configured</em>
<a class="jxr_linenumber" name="L27" href="#L27">27</a> <em class="jxr_javadoccomment"> * server {@link #setPort(int) port} &lt;em&gt;and&lt;/em&gt; the</em>
<a class="jxr_linenumber" name="L28" href="#L28">28</a> <em class="jxr_javadoccomment"> * {@code request.}{@link javax.servlet.ServletRequest#isSecure() isSecure()}. If either condition is {@code false},</em>
<a class="jxr_linenumber" name="L29" href="#L29">29</a> <em class="jxr_javadoccomment"> * the filter chain will not continue.</em>
<a class="jxr_linenumber" name="L30" href="#L30">30</a> <em class="jxr_javadoccomment"> * &lt;p/&gt;</em>
<a class="jxr_linenumber" name="L31" href="#L31">31</a> <em class="jxr_javadoccomment"> * The {@link #getPort() port} property defaults to {@code 443} and also additionally guarantees that the</em>
<a class="jxr_linenumber" name="L32" href="#L32">32</a> <em class="jxr_javadoccomment"> * request scheme is always 'https' (except for port 80, which retains the 'http' scheme).</em>
<a class="jxr_linenumber" name="L33" href="#L33">33</a> <em class="jxr_javadoccomment"> * &lt;p/&gt;</em>
<a class="jxr_linenumber" name="L34" href="#L34">34</a> <em class="jxr_javadoccomment"> * In addition the filter allows enabling HTTP Strict Transport Security (HSTS).</em>
<a class="jxr_linenumber" name="L35" href="#L35">35</a> <em class="jxr_javadoccomment"> * This feature is opt-in and disabled by default. If enabled HSTS</em>
<a class="jxr_linenumber" name="L36" href="#L36">36</a> <em class="jxr_javadoccomment"> * will prevent &lt;b&gt;any&lt;/b&gt; communications from being sent over HTTP to the </em>
<a class="jxr_linenumber" name="L37" href="#L37">37</a> <em class="jxr_javadoccomment"> * specified domain and will instead send all communications over HTTPS.</em>
<a class="jxr_linenumber" name="L38" href="#L38">38</a> <em class="jxr_javadoccomment"> * &lt;/p&gt;</em>
<a class="jxr_linenumber" name="L39" href="#L39">39</a> <em class="jxr_javadoccomment"> * The {@link #getMaxAge() maxAge} property defaults {@code 31536000}, and </em>
<a class="jxr_linenumber" name="L40" href="#L40">40</a> <em class="jxr_javadoccomment"> * {@link #isIncludeSubDomains includeSubDomains} is {@code false}.</em>
<a class="jxr_linenumber" name="L41" href="#L41">41</a> <em class="jxr_javadoccomment"> * &lt;/p&gt;</em>
<a class="jxr_linenumber" name="L42" href="#L42">42</a> <em class="jxr_javadoccomment"> * &lt;b&gt;Warning:&lt;/b&gt; Use this setting with care and only if you plan to enable </em>
<a class="jxr_linenumber" name="L43" href="#L43">43</a> <em class="jxr_javadoccomment"> * SSL on every path.</em>
<a class="jxr_linenumber" name="L44" href="#L44">44</a> <em class="jxr_javadoccomment"> * &lt;/p&gt;</em>
<a class="jxr_linenumber" name="L45" href="#L45">45</a> <em class="jxr_javadoccomment"> * Example configs:</em>
<a class="jxr_linenumber" name="L46" href="#L46">46</a> <em class="jxr_javadoccomment"> * &lt;pre&gt;</em>
<a class="jxr_linenumber" name="L47" href="#L47">47</a> <em class="jxr_javadoccomment"> * [urls]</em>
<a class="jxr_linenumber" name="L48" href="#L48">48</a> <em class="jxr_javadoccomment"> * /secure/path/** = ssl</em>
<a class="jxr_linenumber" name="L49" href="#L49">49</a> <em class="jxr_javadoccomment"> * &lt;/pre&gt;</em>
<a class="jxr_linenumber" name="L50" href="#L50">50</a> <em class="jxr_javadoccomment"> * with HSTS enabled</em>
<a class="jxr_linenumber" name="L51" href="#L51">51</a> <em class="jxr_javadoccomment"> * &lt;pre&gt;</em>
<a class="jxr_linenumber" name="L52" href="#L52">52</a> <em class="jxr_javadoccomment"> * [main]</em>
<a class="jxr_linenumber" name="L53" href="#L53">53</a> <em class="jxr_javadoccomment"> * ssl.hsts.enabled = true</em>
<a class="jxr_linenumber" name="L54" href="#L54">54</a> <em class="jxr_javadoccomment"> * [urls]</em>
<a class="jxr_linenumber" name="L55" href="#L55">55</a> <em class="jxr_javadoccomment"> * /** = ssl</em>
<a class="jxr_linenumber" name="L56" href="#L56">56</a> <em class="jxr_javadoccomment"> * &lt;/pre&gt;</em>
<a class="jxr_linenumber" name="L57" href="#L57">57</a> <em class="jxr_javadoccomment"> * @since 1.0</em>
<a class="jxr_linenumber" name="L58" href="#L58">58</a> <em class="jxr_javadoccomment"> * @see &lt;a href="<a href="https://tools.ietf.org/html/rfc6797" target="alexandria_uri">https://tools.ietf.org/html/rfc6797</a>"&gt;HTTP Strict Transport Security (HSTS)&lt;/a&gt;</em>
<a class="jxr_linenumber" name="L59" href="#L59">59</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L60" href="#L60">60</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> <a name="SslFilter" href="../../../../../../org/apache/shiro/web/filter/authz/SslFilter.html#SslFilter">SslFilter</a> <strong class="jxr_keyword">extends</strong> <a name="PortFilter" href="../../../../../../org/apache/shiro/web/filter/authz/PortFilter.html#PortFilter">PortFilter</a> {
<a class="jxr_linenumber" name="L61" href="#L61">61</a>
<a class="jxr_linenumber" name="L62" href="#L62">62</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> DEFAULT_HTTPS_PORT = 443;
<a class="jxr_linenumber" name="L63" href="#L63">63</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String HTTPS_SCHEME = <span class="jxr_string">"https"</span>;
<a class="jxr_linenumber" name="L64" href="#L64">64</a>
<a class="jxr_linenumber" name="L65" href="#L65">65</a> <strong class="jxr_keyword">private</strong> HSTS hsts;
<a class="jxr_linenumber" name="L66" href="#L66">66</a>
<a class="jxr_linenumber" name="L67" href="#L67">67</a> <strong class="jxr_keyword">public</strong> <a name="SslFilter" href="../../../../../../org/apache/shiro/web/filter/authz/SslFilter.html#SslFilter">SslFilter</a>() {
<a class="jxr_linenumber" name="L68" href="#L68">68</a> setPort(DEFAULT_HTTPS_PORT);
<a class="jxr_linenumber" name="L69" href="#L69">69</a> <strong class="jxr_keyword">this</strong>.hsts = <strong class="jxr_keyword">new</strong> HSTS();
<a class="jxr_linenumber" name="L70" href="#L70">70</a> }
<a class="jxr_linenumber" name="L71" href="#L71">71</a>
<a class="jxr_linenumber" name="L72" href="#L72">72</a> <strong class="jxr_keyword">public</strong> HSTS getHsts() {
<a class="jxr_linenumber" name="L73" href="#L73">73</a> <strong class="jxr_keyword">return</strong> hsts;
<a class="jxr_linenumber" name="L74" href="#L74">74</a> }
<a class="jxr_linenumber" name="L75" href="#L75">75</a>
<a class="jxr_linenumber" name="L76" href="#L76">76</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setHsts(HSTS hsts) {
<a class="jxr_linenumber" name="L77" href="#L77">77</a> <strong class="jxr_keyword">this</strong>.hsts = hsts;
<a class="jxr_linenumber" name="L78" href="#L78">78</a> }
<a class="jxr_linenumber" name="L79" href="#L79">79</a>
<a class="jxr_linenumber" name="L80" href="#L80">80</a> @Override
<a class="jxr_linenumber" name="L81" href="#L81">81</a> <strong class="jxr_keyword">protected</strong> String getScheme(String requestScheme, <strong class="jxr_keyword">int</strong> port) {
<a class="jxr_linenumber" name="L82" href="#L82">82</a> <strong class="jxr_keyword">if</strong> (port == DEFAULT_HTTP_PORT) {
<a class="jxr_linenumber" name="L83" href="#L83">83</a> <strong class="jxr_keyword">return</strong> PortFilter.HTTP_SCHEME;
<a class="jxr_linenumber" name="L84" href="#L84">84</a> } <strong class="jxr_keyword">else</strong> {
<a class="jxr_linenumber" name="L85" href="#L85">85</a> <strong class="jxr_keyword">return</strong> HTTPS_SCHEME;
<a class="jxr_linenumber" name="L86" href="#L86">86</a> }
<a class="jxr_linenumber" name="L87" href="#L87">87</a> }
<a class="jxr_linenumber" name="L88" href="#L88">88</a>
<a class="jxr_linenumber" name="L89" href="#L89">89</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L90" href="#L90">90</a> <em class="jxr_javadoccomment"> * Retains the parent method's port-matching behavior but additionally guarantees that the</em>
<a class="jxr_linenumber" name="L91" href="#L91">91</a> <em class="jxr_javadoccomment"> *{@code ServletRequest.}{@link javax.servlet.ServletRequest#isSecure() isSecure()}. If the port does not match or</em>
<a class="jxr_linenumber" name="L92" href="#L92">92</a> <em class="jxr_javadoccomment"> * the request is not secure, access is denied.</em>
<a class="jxr_linenumber" name="L93" href="#L93">93</a> <em class="jxr_javadoccomment"> *</em>
<a class="jxr_linenumber" name="L94" href="#L94">94</a> <em class="jxr_javadoccomment"> * @param request the incoming {@code ServletRequest}</em>
<a class="jxr_linenumber" name="L95" href="#L95">95</a> <em class="jxr_javadoccomment"> * @param response the outgoing {@code ServletResponse} - ignored in this implementation</em>
<a class="jxr_linenumber" name="L96" href="#L96">96</a> <em class="jxr_javadoccomment"> * @param mappedValue the filter-specific config value mapped to this filter in the URL rules mappings - ignored by this implementation.</em>
<a class="jxr_linenumber" name="L97" href="#L97">97</a> <em class="jxr_javadoccomment"> * @return {@code true} if the request is received on an expected SSL port and the</em>
<a class="jxr_linenumber" name="L98" href="#L98">98</a> <em class="jxr_javadoccomment"> * {@code request.}{@link javax.servlet.ServletRequest#isSecure() isSecure()}, {@code false} otherwise.</em>
<a class="jxr_linenumber" name="L99" href="#L99">99</a> <em class="jxr_javadoccomment"> * @throws Exception if the call to {@code super.isAccessAllowed} throws an exception.</em>
<a class="jxr_linenumber" name="L100" href="#L100">100</a> <em class="jxr_javadoccomment"> * @since 1.2</em>
<a class="jxr_linenumber" name="L101" href="#L101">101</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L102" href="#L102">102</a> @Override
<a class="jxr_linenumber" name="L103" href="#L103">103</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">boolean</strong> isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) <strong class="jxr_keyword">throws</strong> Exception {
<a class="jxr_linenumber" name="L104" href="#L104">104</a> <strong class="jxr_keyword">return</strong> <strong class="jxr_keyword">super</strong>.isAccessAllowed(request, response, mappedValue) &amp;&amp; request.isSecure();
<a class="jxr_linenumber" name="L105" href="#L105">105</a> }
<a class="jxr_linenumber" name="L106" href="#L106">106</a>
<a class="jxr_linenumber" name="L107" href="#L107">107</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L108" href="#L108">108</a> <em class="jxr_javadoccomment"> * If HTTP Strict Transport Security (HSTS) is enabled the HTTP header</em>
<a class="jxr_linenumber" name="L109" href="#L109">109</a> <em class="jxr_javadoccomment"> * will be written, otherwise this method does nothing.</em>
<a class="jxr_linenumber" name="L110" href="#L110">110</a> <em class="jxr_javadoccomment"> * @param request the incoming {@code ServletRequest}</em>
<a class="jxr_linenumber" name="L111" href="#L111">111</a> <em class="jxr_javadoccomment"> * @param response the outgoing {@code ServletResponse}</em>
<a class="jxr_linenumber" name="L112" href="#L112">112</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L113" href="#L113">113</a> @Override
<a class="jxr_linenumber" name="L114" href="#L114">114</a> <strong class="jxr_keyword">protected</strong> <strong class="jxr_keyword">void</strong> postHandle(ServletRequest request, ServletResponse response) {
<a class="jxr_linenumber" name="L115" href="#L115">115</a> <strong class="jxr_keyword">if</strong> (hsts.isEnabled()) {
<a class="jxr_linenumber" name="L116" href="#L116">116</a> StringBuilder directives = <strong class="jxr_keyword">new</strong> StringBuilder(64)
<a class="jxr_linenumber" name="L117" href="#L117">117</a> .append(<span class="jxr_string">"max-age="</span>).append(hsts.getMaxAge());
<a class="jxr_linenumber" name="L118" href="#L118">118</a>
<a class="jxr_linenumber" name="L119" href="#L119">119</a> <strong class="jxr_keyword">if</strong> (hsts.isIncludeSubDomains()) {
<a class="jxr_linenumber" name="L120" href="#L120">120</a> directives.append(<span class="jxr_string">"; includeSubDomains"</span>);
<a class="jxr_linenumber" name="L121" href="#L121">121</a> }
<a class="jxr_linenumber" name="L122" href="#L122">122</a>
<a class="jxr_linenumber" name="L123" href="#L123">123</a> HttpServletResponse resp = (HttpServletResponse) response;
<a class="jxr_linenumber" name="L124" href="#L124">124</a> resp.addHeader(HSTS.HTTP_HEADER, directives.toString());
<a class="jxr_linenumber" name="L125" href="#L125">125</a> }
<a class="jxr_linenumber" name="L126" href="#L126">126</a> }
<a class="jxr_linenumber" name="L127" href="#L127">127</a>
<a class="jxr_linenumber" name="L128" href="#L128">128</a> <em class="jxr_javadoccomment">/**</em>
<a class="jxr_linenumber" name="L129" href="#L129">129</a> <em class="jxr_javadoccomment"> * Helper class for HTTP Strict Transport Security (HSTS)</em>
<a class="jxr_linenumber" name="L130" href="#L130">130</a> <em class="jxr_javadoccomment"> */</em>
<a class="jxr_linenumber" name="L131" href="#L131">131</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">class</strong> HSTS {
<a class="jxr_linenumber" name="L132" href="#L132">132</a>
<a class="jxr_linenumber" name="L133" href="#L133">133</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> String HTTP_HEADER = <span class="jxr_string">"Strict-Transport-Security"</span>;
<a class="jxr_linenumber" name="L134" href="#L134">134</a>
<a class="jxr_linenumber" name="L135" href="#L135">135</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> DEFAULT_ENABLED = false;
<a class="jxr_linenumber" name="L136" href="#L136">136</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">int</strong> DEFAULT_MAX_AGE = 31536000; <em class="jxr_comment">// approx. one year in seconds</em>
<a class="jxr_linenumber" name="L137" href="#L137">137</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">static</strong> <strong class="jxr_keyword">final</strong> <strong class="jxr_keyword">boolean</strong> DEFAULT_INCLUDE_SUB_DOMAINS = false;
<a class="jxr_linenumber" name="L138" href="#L138">138</a>
<a class="jxr_linenumber" name="L139" href="#L139">139</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> enabled;
<a class="jxr_linenumber" name="L140" href="#L140">140</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">int</strong> maxAge;
<a class="jxr_linenumber" name="L141" href="#L141">141</a> <strong class="jxr_keyword">private</strong> <strong class="jxr_keyword">boolean</strong> includeSubDomains;
<a class="jxr_linenumber" name="L142" href="#L142">142</a>
<a class="jxr_linenumber" name="L143" href="#L143">143</a> <strong class="jxr_keyword">public</strong> HSTS() {
<a class="jxr_linenumber" name="L144" href="#L144">144</a> <strong class="jxr_keyword">this</strong>.enabled = DEFAULT_ENABLED;
<a class="jxr_linenumber" name="L145" href="#L145">145</a> <strong class="jxr_keyword">this</strong>.maxAge = DEFAULT_MAX_AGE;
<a class="jxr_linenumber" name="L146" href="#L146">146</a> <strong class="jxr_keyword">this</strong>.includeSubDomains = DEFAULT_INCLUDE_SUB_DOMAINS;
<a class="jxr_linenumber" name="L147" href="#L147">147</a> }
<a class="jxr_linenumber" name="L148" href="#L148">148</a>
<a class="jxr_linenumber" name="L149" href="#L149">149</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isEnabled() {
<a class="jxr_linenumber" name="L150" href="#L150">150</a> <strong class="jxr_keyword">return</strong> enabled;
<a class="jxr_linenumber" name="L151" href="#L151">151</a> }
<a class="jxr_linenumber" name="L152" href="#L152">152</a>
<a class="jxr_linenumber" name="L153" href="#L153">153</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setEnabled(<strong class="jxr_keyword">boolean</strong> enabled) {
<a class="jxr_linenumber" name="L154" href="#L154">154</a> <strong class="jxr_keyword">this</strong>.enabled = enabled;
<a class="jxr_linenumber" name="L155" href="#L155">155</a> }
<a class="jxr_linenumber" name="L156" href="#L156">156</a>
<a class="jxr_linenumber" name="L157" href="#L157">157</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">int</strong> getMaxAge() {
<a class="jxr_linenumber" name="L158" href="#L158">158</a> <strong class="jxr_keyword">return</strong> maxAge;
<a class="jxr_linenumber" name="L159" href="#L159">159</a> }
<a class="jxr_linenumber" name="L160" href="#L160">160</a>
<a class="jxr_linenumber" name="L161" href="#L161">161</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setMaxAge(<strong class="jxr_keyword">int</strong> maxAge) {
<a class="jxr_linenumber" name="L162" href="#L162">162</a> <strong class="jxr_keyword">this</strong>.maxAge = maxAge;
<a class="jxr_linenumber" name="L163" href="#L163">163</a> }
<a class="jxr_linenumber" name="L164" href="#L164">164</a>
<a class="jxr_linenumber" name="L165" href="#L165">165</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">boolean</strong> isIncludeSubDomains() {
<a class="jxr_linenumber" name="L166" href="#L166">166</a> <strong class="jxr_keyword">return</strong> includeSubDomains;
<a class="jxr_linenumber" name="L167" href="#L167">167</a> }
<a class="jxr_linenumber" name="L168" href="#L168">168</a>
<a class="jxr_linenumber" name="L169" href="#L169">169</a> <strong class="jxr_keyword">public</strong> <strong class="jxr_keyword">void</strong> setIncludeSubDomains(<strong class="jxr_keyword">boolean</strong> includeSubDomains) {
<a class="jxr_linenumber" name="L170" href="#L170">170</a> <strong class="jxr_keyword">this</strong>.includeSubDomains = includeSubDomains;
<a class="jxr_linenumber" name="L171" href="#L171">171</a> }
<a class="jxr_linenumber" name="L172" href="#L172">172</a> }
<a class="jxr_linenumber" name="L173" href="#L173">173</a> }
</pre>
<hr/>
<div id="footer">Copyright &#169; 2004&#x2013;2020 <a href="https://www.apache.org/">The Apache Software Foundation</a>. All rights reserved.</div>
</body>
</html>