CORSFilterConfiguration.java

  1. /*
  2.  * GovWay - A customizable API Gateway
  3.  * https://govway.org
  4.  *
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it).
  6.  *
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */
  20. package org.openspcoop2.utils.transport.http;

  21. import java.util.ArrayList;
  22. import java.util.List;
  23. import java.util.Properties;

  24. /**
  25.  * CORSFilterConfiguration
  26.  *
  27.  * @author Poli Andrea (apoli@link.it)
  28.  * @author $Author$
  29.  * @version $Rev$, $Date$
  30.  */
  31. public class CORSFilterConfiguration {

  32.     // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/

  33.     protected boolean errorAsDebug = true;
  34.    
  35.     // indicazione se una richiesta invalida deve cmq essere continuata ad essere gestita (e pilotata con le opzioni seguenti)
  36.     protected boolean throwExceptionIfInvalid = false;
  37.     protected boolean terminateIfInvalid = true;
  38.    
  39.     // indica un utilizzo errato del cors come descritto nel capitolo 6.1.1 e 6.2.1 (https://www.w3.org/TR/cors/#resource-processing-model)
  40.     // If the Origin header is not present terminate this set of steps. The request is outside the scope of this specification.
  41.     protected boolean throwExceptionIfNotFoundOrigin = false;
  42.     protected boolean terminateIfNotFoundOrigin = false;
  43.    
  44.     // indica un utilizzo errato del cors come descritto nel capitolo 6.1.2 e 6.2.2 (https://www.w3.org/TR/cors/#resource-processing-model)
  45.     // If the value of the Origin header is not a case-sensitive match for any of the values in list of origins,
  46.     // do not set any additional headers and terminate this set of steps.
  47.     protected boolean throwExceptionIfNotMatchOrigin = false;
  48.     protected boolean terminateIfNotMatchOrigin = false;

  49.     // indica una configurazione errata come descritto nel capitolo 6.1.3 e 6.2.7 (https://www.w3.org/TR/cors/#resource-processing-model)
  50.     // The string "*" (Access-Control-Allow-Origin) cannot be used for a resource that supports credentials (Access-Control-Allow-Credentials=true).
  51.     protected boolean throwExceptionIfAllowCredentialAndAllowOrigin = false;

  52.     // indica un utilizzo errato del cors come descritto nel capitolo 6.3.3 (https://www.w3.org/TR/cors/#resource-processing-model)
  53.     // If there is no Access-Control-Request-Method header or if parsing failed, do not set any additional headers and terminate this set of steps.
  54.     // The request is outside the scope of this specification.
  55.     protected boolean throwExceptionIfNotFoundRequestMethod = false;
  56.     protected boolean terminateIfNotFoundRequestMethod = false;
  57.    
  58.     // indica un utilizzo errato del cors come descritto nel capitolo 6.3.5 (https://www.w3.org/TR/cors/#resource-processing-model)
  59.     // If method is not a case-sensitive match for any of the values in list of methods do not set any additional headers and terminate this set of steps.
  60.     protected boolean throwExceptionIfNotMatchRequestMethod = false;
  61.     protected boolean terminateIfNotMatchRequestMethod = false;
  62.    
  63.     // indica se produrre la lista dei metodi supportati, anche se la richiesta non presenta un Access-Control-Request-Method header o il valore presente non è permesso.
  64.     // Se non produco alcun header in risposta, sarà il browser a riconoscere che non e' abilitato, cosi come se ritorna una lista non contenente il metodo richiesto
  65.     protected boolean generateListAllowIfNotMatchRequestMethod = true;
  66.    
  67.     // indica un utilizzo errato del cors come descritto nel capitolo 6.3.4 (https://www.w3.org/TR/cors/#resource-processing-model)
  68.     // If parsing failed do not set any additional headers and terminate this set of steps.
  69.     // The request is outside the scope of this specification.
  70.     protected boolean throwExceptionIfNotFoundRequestHeaders = false;
  71.     protected boolean terminateIfNotFoundRequestHeaders = false;
  72.    
  73.     // indica un utilizzo errato del cors come descritto nel capitolo 6.3.6 (https://www.w3.org/TR/cors/#resource-processing-model)
  74.     // If any of the header field-names is not a ASCII case-insensitive match for any of the values in list of headers do not set any additional headers and terminate this set of steps.
  75.     protected boolean throwExceptionIfNotMatchRequestHeaders = false;
  76.     protected boolean terminateIfNotMatchRequestHeaders = false;
  77.    
  78.     // indica se produrre la lista degli headers supportati, anche se la richiesta non presenta un Access-Control-Request-Header header o un degli header presenti non è permesso.
  79.     // Se non produco alcun header in risposta, sarà il browser a riconoscere che non e' abilitato, cosi come se ritorna una lista non contenente l'header richiesto
  80.     protected boolean generateListAllowIfNotMatchRequestHeaders = true;
  81.    
  82.    
  83.    
  84.     /*
  85.      * The Access-Control-Allow-Credentials response header indicates whether or not the response to the request can be exposed to the page.
  86.      * It can be exposed when the true value is returned.
  87.      * Credentials are cookies, authorization headers or TLS client certificates.
  88.      * When used as part of a response to a preflight request, this indicates whether or not the actual request can be made using credentials.
  89.      * Note that simple GET requests are not preflighted, and so if a request is made for a resource with credentials,
  90.      * if this header is not returned with the resource, the response is ignored by the browser and not returned to web content.
  91.      *
  92.      * NOTE: The only valid value for this header is true (case-sensitive). If you don't need credentials, omit this header entirely (rather than setting its value to false).
  93.      **/
  94.     protected Boolean allowCredentials = null;

  95.     /*
  96.      * The Access-Control-Request-Headers request header is used when issuing a preflight request to let the server know which HTTP headers will be used when the actual request is made.
  97.      **/
  98.     protected Boolean allowRequestHeader = null;
  99.     /*
  100.      * The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request.
  101.      * The simple headers, Accept, Accept-Language, Content-Language, Content-Type (but only with a MIME type of its parsed value (ignoring parameters) of either application/x-www-form-urlencoded, multipart/form-data, or text/plain),
  102.      * are always available and don't need to be listed by this header.
  103.      *
  104.      * This header is required if the request has an Access-Control-Request-Headers header.
  105.      **/
  106.     protected List<String> allowHeaders = new ArrayList<>();
  107.    
  108.     /*
  109.      * Oltre all'header Access-Control-Allow-Headers response header viene generato anche l'header Allow con medesimi valori
  110.      */
  111.     protected boolean generateAllowHeader = false;
  112.    
  113.     /*
  114.      * The Access-Control-Request-Method request header is used when issuing a preflight request to let the server know which HTTP method will be used when the actual request is made.
  115.      * This header is necessary as the preflight request is always an OPTIONS and doesn't use the same method as the actual request.
  116.      **/
  117.     protected Boolean allowRequestMethod = null;
  118.     /*
  119.      * The Access-Control-Allow-Methods response header specifies the method or methods allowed when accessing the resource in response to a preflight request.
  120.      **/
  121.     protected List<String> allowMethods = new ArrayList<>();
  122.    

  123.     /*
  124.      * The Access-Control-Allow-Origin response header indicates whether the response can be shared with requesting code from the given origin.
  125.      *
  126.      * Access-Control-Allow-Origin: <origin>
  127.      * Specifies an origin. Only a single origin can be specified.
  128.      *
  129.      * !! CORS and caching !! If the server sends a response with an Access-Control-Allow-Origin value that is an explicit origin (rather than the "*" wildcard),
  130.      * then the response should also include a Vary response header with the value Origin to indicate to browsers that server responses can differ based
  131.      * on the value of the Origin request header.
  132.      *
  133.      * example request:
  134.      * Origin: https://developer.mozilla.org
  135.      *
  136.      * example response:
  137.      * Access-Control-Allow-Origin: https://developer.mozilla.org
  138.      * Vary: Origin
  139.      **/
  140.     protected Boolean allowRequestOrigin = null;
  141.     /*
  142.      * Access-Control-Allow-Origin: *
  143.      *
  144.      * For requests without credentials, the literal value "*" can be specified, as a wildcard;
  145.      * the value tells browsers to allow requesting code from any origin to access the resource.
  146.      * Attempting to use the wildcard with credentials will result in an error.
  147.      **/
  148.     protected Boolean allowAllOrigin = null;
  149.     /*
  150.      * The Access-Control-Allow-Origin enabled.
  151.      **/
  152.     protected List<String> allowOrigins = new ArrayList<>();


  153.     /*
  154.      * The Access-Control-Expose-Headers response header indicates which headers can be exposed as part of the response by listing their names.
  155.      * By default, only the 6 simple response headers are exposed: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
  156.      * If you want clients to be able to access other headers, you have to list them using the Access-Control-Expose-Headers header.
  157.      **/
  158.     protected List<String> exposeHeaders = new ArrayList<>();
  159.    
  160.     /*
  161.      * The Access-Control-Max-Age response header indicates how long the results of a preflight request
  162.      * (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.
  163.      *
  164.      * Maximum number of seconds the results can be cached. Firefox caps this at 24 hours (86400 seconds) and Chromium at 10 minutes (600 seconds).
  165.      * Chromium also specifies a default value of 5 seconds.
  166.      **/
  167.     protected Integer cachingAccessControl_maxAgeSeconds = null;
  168.    
  169.     /*
  170.      * A value of -1 will disable caching, requiring a preflight OPTIONS check for all calls.
  171.      **/
  172.     protected Boolean cachingAccessControl_disable = null;


  173.    
  174.     public void init(Properties p) {
  175.                        
  176.         /*
  177.          * cors.errorAsDebug=true/false
  178.          *
  179.          * cors.throwExceptionIfInvalid=true/false
  180.          * cors.terminateIfInvalid=true/false
  181.          *
  182.          * cors.throwExceptionIfNotFoundOrigin=true/false
  183.          * cors.terminateIfNotFoundOrigin=true/false
  184.          * cors.throwExceptionIfNotMatchOrigin=true/false
  185.          * cors.terminateIfNotMatchOrigin=true/false
  186.          *
  187.          * cors.throwExceptionIfAllowCredentialAndAllowOrigin=true/false
  188.          *
  189.          * cors.throwExceptionIfNotFoundRequestMethod=true/false
  190.          * cors.terminateIfNotFoundRequestMethod=true/false
  191.          * cors.throwExceptionIfNotMatchRequestMethod=true/false
  192.          * cors.terminateIfNotMatchRequestMethod=true/false
  193.          * cors.generateListAllowIfNotMatchRequestMethod=true/false
  194.          *
  195.          * cors.throwExceptionIfNotFoundRequestHeaders=true/false
  196.          * cors.terminateIfNotFoundRequestHeaders=true/false
  197.          * cors.throwExceptionIfNotMatchRequestHeaders=true/false
  198.          * cors.terminateIfNotMatchRequestHeaders=true/false
  199.          * cors.generateListAllowIfNotMatchRequestHeaders=true/false
  200.          *
  201.          *
  202.          * cors.allowCredentials=true/false
  203.          *
  204.          * cors.allowRequestHeaders=true/false
  205.          * cors.allowHeaders=HDR1,...,HDRN
  206.          *
  207.          * cors.allowRequestMethod=true/false
  208.          * cors.allowMethods=METHOD1,...,METHODN
  209.          *
  210.          * cors.allowRequestOrigin=true/false
  211.          * cors.allowAllOrigin=true/false
  212.          * cors.allowOrigins=http://origin1, ... ,http://originN
  213.          *
  214.          * cors.exposeHeaders=HDR1,...,HDRN
  215.          *
  216.          * cors.maxAge.cacheDisable=true/false
  217.          * cors.maxAge.seconds=
  218.          *
  219.          **/
  220.        
  221.         String tmp = p.getProperty("cors.errorAsDebug");
  222.         if(tmp!=null) {
  223.             this.errorAsDebug = "true".equalsIgnoreCase(tmp.trim());
  224.         }
  225.        
  226.         tmp = p.getProperty("cors.throwExceptionIfInvalid");
  227.         if(tmp!=null) {
  228.             this.throwExceptionIfInvalid = "true".equalsIgnoreCase(tmp.trim());
  229.         }
  230.         tmp = p.getProperty("cors.terminateIfInvalid");
  231.         if(tmp!=null) {
  232.             this.terminateIfInvalid = "true".equalsIgnoreCase(tmp.trim());
  233.         }  
  234.        
  235.         tmp = p.getProperty("cors.throwExceptionIfNotFoundOrigin");
  236.         if(tmp!=null) {
  237.             this.throwExceptionIfNotFoundOrigin = "true".equalsIgnoreCase(tmp.trim());
  238.         }
  239.         tmp = p.getProperty("cors.terminateIfNotFoundOrigin");
  240.         if(tmp!=null) {
  241.             this.terminateIfNotFoundOrigin = "true".equalsIgnoreCase(tmp.trim());
  242.         }      
  243.         tmp = p.getProperty("cors.throwExceptionIfNotMatchOrigin");
  244.         if(tmp!=null) {
  245.             this.throwExceptionIfNotMatchOrigin = "true".equalsIgnoreCase(tmp.trim());
  246.         }
  247.         tmp = p.getProperty("cors.terminateIfNotMatchOrigin");
  248.         if(tmp!=null) {
  249.             this.terminateIfNotMatchOrigin = "true".equalsIgnoreCase(tmp.trim());
  250.         }
  251.        
  252.         tmp = p.getProperty("cors.throwExceptionIfAllowCredentialAndAllowOrigin");
  253.         if(tmp!=null) {
  254.             this.throwExceptionIfAllowCredentialAndAllowOrigin = "true".equalsIgnoreCase(tmp.trim());
  255.         }
  256.            
  257.         tmp = p.getProperty("cors.throwExceptionIfNotFoundRequestMethod");
  258.         if(tmp!=null) {
  259.             this.throwExceptionIfNotFoundRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  260.         }
  261.         tmp = p.getProperty("cors.terminateIfNotFoundRequestMethod");
  262.         if(tmp!=null) {
  263.             this.terminateIfNotFoundRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  264.         }      
  265.         tmp = p.getProperty("cors.throwExceptionIfNotMatchRequestMethod");
  266.         if(tmp!=null) {
  267.             this.throwExceptionIfNotMatchRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  268.         }
  269.         tmp = p.getProperty("cors.terminateIfNotMatchRequestMethod");
  270.         if(tmp!=null) {
  271.             this.terminateIfNotMatchRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  272.         }
  273.         tmp = p.getProperty("cors.generateListAllowIfNotMatchRequestMethod");
  274.         if(tmp!=null) {
  275.             this.generateListAllowIfNotMatchRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  276.         }
  277.        
  278.         tmp = p.getProperty("cors.throwExceptionIfNotFoundRequestHeaders");
  279.         if(tmp!=null) {
  280.             this.throwExceptionIfNotFoundRequestHeaders = "true".equalsIgnoreCase(tmp.trim());
  281.         }
  282.         tmp = p.getProperty("cors.terminateIfNotFoundRequestHeaders");
  283.         if(tmp!=null) {
  284.             this.terminateIfNotFoundRequestHeaders = "true".equalsIgnoreCase(tmp.trim());
  285.         }      
  286.         tmp = p.getProperty("cors.throwExceptionIfNotMatchRequestHeaders");
  287.         if(tmp!=null) {
  288.             this.throwExceptionIfNotMatchRequestHeaders = "true".equalsIgnoreCase(tmp.trim());
  289.         }
  290.         tmp = p.getProperty("cors.terminateIfNotMatchRequestHeaders");
  291.         if(tmp!=null) {
  292.             this.terminateIfNotMatchRequestHeaders = "true".equalsIgnoreCase(tmp.trim());
  293.         }
  294.         tmp = p.getProperty("cors.generateListAllowIfNotMatchRequestHeaders");
  295.         if(tmp!=null) {
  296.             this.generateListAllowIfNotMatchRequestHeaders = "true".equalsIgnoreCase(tmp.trim());
  297.         }

  298.        
  299.         tmp = p.getProperty("cors.allowCredentials");
  300.         if(tmp!=null) {
  301.             this.allowCredentials = "true".equalsIgnoreCase(tmp.trim());
  302.         }
  303.        
  304.         tmp = p.getProperty("cors.allowRequestHeaders");
  305.         if(tmp!=null) {
  306.             this.allowRequestHeader = "true".equalsIgnoreCase(tmp.trim());
  307.         }
  308.         tmp = p.getProperty("cors.allowHeaders");
  309.         if(tmp!=null) {
  310.             String [] tmpList = tmp.trim().split(",");
  311.             for (String v : tmpList) {
  312.                 this.allowHeaders.add(v.trim());
  313.             }
  314.         }
  315.        
  316.         tmp = p.getProperty("cors.allowRequestMethod");
  317.         if(tmp!=null) {
  318.             this.allowRequestMethod = "true".equalsIgnoreCase(tmp.trim());
  319.         }
  320.         tmp = p.getProperty("cors.allowMethods");
  321.         if(tmp!=null) {
  322.             String [] tmpList = tmp.trim().split(",");
  323.             for (String v : tmpList) {
  324.                 this.allowMethods.add(v.trim());
  325.             }
  326.         }
  327.        
  328.         tmp = p.getProperty("cors.allowRequestOrigin");
  329.         if(tmp!=null) {
  330.             this.allowRequestOrigin = "true".equalsIgnoreCase(tmp.trim());
  331.         }
  332.         tmp = p.getProperty("cors.allowAllOrigin");
  333.         if(tmp!=null) {
  334.             this.allowAllOrigin = "true".equalsIgnoreCase(tmp.trim());
  335.         }
  336.         tmp = p.getProperty("cors.allowOrigins");
  337.         if(tmp!=null) {
  338.             String [] tmpList = tmp.trim().split(",");
  339.             for (String v : tmpList) {
  340.                 this.allowOrigins.add(v.trim());
  341.             }
  342.         }
  343.        
  344.         tmp = p.getProperty("cors.exposeHeaders");
  345.         if(tmp!=null) {
  346.             String [] tmpList = tmp.trim().split(",");
  347.             for (String v : tmpList) {
  348.                 this.exposeHeaders.add(v.trim());
  349.             }
  350.         }
  351.        
  352.         tmp = p.getProperty("cors.maxAge.cacheDisable");
  353.         if(tmp!=null) {
  354.             this.cachingAccessControl_disable = "true".equalsIgnoreCase(tmp.trim());
  355.         }
  356.         tmp = p.getProperty("cors.maxAge.seconds");
  357.         if(tmp!=null) {
  358.             this.cachingAccessControl_maxAgeSeconds = Integer.valueOf(tmp.trim());
  359.         }
  360.        
  361.     }

  362.     public boolean isErrorAsDebug() {
  363.         return this.errorAsDebug;
  364.     }
  365.     public void setErrorAsDebug(boolean errorAsDebug) {
  366.         this.errorAsDebug = errorAsDebug;
  367.     }

  368.     public boolean isThrowExceptionIfInvalid() {
  369.         return this.throwExceptionIfInvalid;
  370.     }
  371.     public void setThrowExceptionIfInvalid(boolean throwExceptionIfInvalid) {
  372.         this.throwExceptionIfInvalid = throwExceptionIfInvalid;
  373.     }

  374.     public boolean isTerminateIfInvalid() {
  375.         return this.terminateIfInvalid;
  376.     }
  377.     public void setTerminateIfInvalid(boolean terminateIfInvalid) {
  378.         this.terminateIfInvalid = terminateIfInvalid;
  379.     }

  380.    
  381.     public boolean isThrowExceptionIfNotFoundOrigin() {
  382.         return this.throwExceptionIfNotFoundOrigin;
  383.     }
  384.     public void setThrowExceptionIfNotFoundOrigin(boolean throwExceptionIfNotFoundOrigin) {
  385.         this.throwExceptionIfNotFoundOrigin = throwExceptionIfNotFoundOrigin;
  386.     }

  387.     public boolean isTerminateIfNotFoundOrigin() {
  388.         return this.terminateIfNotFoundOrigin;
  389.     }
  390.     public void setTerminateIfNotFoundOrigin(boolean terminateIfNotFoundOrigin) {
  391.         this.terminateIfNotFoundOrigin = terminateIfNotFoundOrigin;
  392.     }


  393.     public boolean isThrowExceptionIfNotMatchOrigin() {
  394.         return this.throwExceptionIfNotMatchOrigin;
  395.     }
  396.     public void setThrowExceptionIfNotMatchOrigin(boolean throwExceptionIfNotMatchOrigin) {
  397.         this.throwExceptionIfNotMatchOrigin = throwExceptionIfNotMatchOrigin;
  398.     }

  399.     public boolean isTerminateIfNotMatchOrigin() {
  400.         return this.terminateIfNotMatchOrigin;
  401.     }
  402.     public void setTerminateIfNotMatchOrigin(boolean terminateIfNotMatchOrigin) {
  403.         this.terminateIfNotMatchOrigin = terminateIfNotMatchOrigin;
  404.     }


  405.    
  406.     public boolean isThrowExceptionIfAllowCredentialAndAllowOrigin() {
  407.         return this.throwExceptionIfAllowCredentialAndAllowOrigin;
  408.     }
  409.     public void setThrowExceptionIfAllowCredentialAndAllowOrigin(boolean throwExceptionIfAllowCredentialAndAllowOrigin) {
  410.         this.throwExceptionIfAllowCredentialAndAllowOrigin = throwExceptionIfAllowCredentialAndAllowOrigin;
  411.     }



  412.     public boolean isThrowExceptionIfNotFoundRequestMethod() {
  413.         return this.throwExceptionIfNotFoundRequestMethod;
  414.     }
  415.     public void setThrowExceptionIfNotFoundRequestMethod(boolean throwExceptionIfNotFoundRequestMethod) {
  416.         this.throwExceptionIfNotFoundRequestMethod = throwExceptionIfNotFoundRequestMethod;
  417.     }

  418.     public boolean isTerminateIfNotFoundRequestMethod() {
  419.         return this.terminateIfNotFoundRequestMethod;
  420.     }
  421.     public void setTerminateIfNotFoundRequestMethod(boolean terminateIfNotFoundRequestMethod) {
  422.         this.terminateIfNotFoundRequestMethod = terminateIfNotFoundRequestMethod;
  423.     }


  424.     public boolean isThrowExceptionIfNotMatchRequestMethod() {
  425.         return this.throwExceptionIfNotMatchRequestMethod;
  426.     }
  427.     public void setThrowExceptionIfNotMatchRequestMethod(boolean throwExceptionIfNotMatchRequestMethod) {
  428.         this.throwExceptionIfNotMatchRequestMethod = throwExceptionIfNotMatchRequestMethod;
  429.     }

  430.     public boolean isTerminateIfNotMatchRequestMethod() {
  431.         return this.terminateIfNotMatchRequestMethod;
  432.     }
  433.     public void setTerminateIfNotMatchRequestMethod(boolean terminateIfNotMatchRequestMethod) {
  434.         this.terminateIfNotMatchRequestMethod = terminateIfNotMatchRequestMethod;
  435.     }

  436.    
  437.     public boolean isGenerateListAllowIfNotMatchRequestMethod() {
  438.         return this.generateListAllowIfNotMatchRequestMethod;
  439.     }
  440.     public void setGenerateListAllowIfNotMatchRequestMethod(boolean generateListAllowIfNotMatchRequestMethod) {
  441.         this.generateListAllowIfNotMatchRequestMethod = generateListAllowIfNotMatchRequestMethod;
  442.     }

  443.    
  444.     public boolean isThrowExceptionIfNotFoundRequestHeaders() {
  445.         return this.throwExceptionIfNotFoundRequestHeaders;
  446.     }
  447.     public void setThrowExceptionIfNotFoundRequestHeaders(boolean throwExceptionIfNotFoundRequestHeaders) {
  448.         this.throwExceptionIfNotFoundRequestHeaders = throwExceptionIfNotFoundRequestHeaders;
  449.     }

  450.     public boolean isTerminateIfNotFoundRequestHeaders() {
  451.         return this.terminateIfNotFoundRequestHeaders;
  452.     }
  453.     public void setTerminateIfNotFoundRequestHeaders(boolean terminateIfNotFoundRequestHeaders) {
  454.         this.terminateIfNotFoundRequestHeaders = terminateIfNotFoundRequestHeaders;
  455.     }


  456.     public boolean isThrowExceptionIfNotMatchRequestHeaders() {
  457.         return this.throwExceptionIfNotMatchRequestHeaders;
  458.     }
  459.     public void setThrowExceptionIfNotMatchRequestHeaders(boolean throwExceptionIfNotMatchRequestHeaders) {
  460.         this.throwExceptionIfNotMatchRequestHeaders = throwExceptionIfNotMatchRequestHeaders;
  461.     }

  462.     public boolean isTerminateIfNotMatchRequestHeaders() {
  463.         return this.terminateIfNotMatchRequestHeaders;
  464.     }
  465.     public void setTerminateIfNotMatchRequestHeaders(boolean terminateIfNotMatchRequestHeaders) {
  466.         this.terminateIfNotMatchRequestHeaders = terminateIfNotMatchRequestHeaders;
  467.     }
  468.    
  469.    
  470.     public boolean isGenerateListAllowIfNotMatchRequestHeaders() {
  471.         return this.generateListAllowIfNotMatchRequestHeaders;
  472.     }
  473.     public void setGenerateListAllowIfNotMatchRequestHeaders(boolean generateListAllowIfNotMatchRequestHeaders) {
  474.         this.generateListAllowIfNotMatchRequestHeaders = generateListAllowIfNotMatchRequestHeaders;
  475.     }
  476.    

  477.    
  478.     public Boolean getAllowCredentials() {
  479.         return this.allowCredentials;
  480.     }
  481.     public void setAllowCredentials(Boolean allowCredentials) {
  482.         this.allowCredentials = allowCredentials;
  483.     }
  484.    
  485.     public Boolean getAllowRequestHeader() {
  486.         return this.allowRequestHeader;
  487.     }
  488.     public void setAllowRequestHeader(Boolean allowRequestHeader) {
  489.         this.allowRequestHeader = allowRequestHeader;
  490.     }
  491.    
  492.     public List<String> getAllowHeaders() {
  493.         return this.allowHeaders;
  494.     }
  495.     public void addAllowHeader(String header) {
  496.         this.allowHeaders.add(header);
  497.     }
  498.    
  499.     public boolean isGenerateAllowHeader() {
  500.         return this.generateAllowHeader;
  501.     }
  502.     public void setGenerateAllowHeader(boolean generateAllowHeader) {
  503.         this.generateAllowHeader = generateAllowHeader;
  504.     }
  505.    
  506.     public Boolean getAllowRequestMethod() {
  507.         return this.allowRequestMethod;
  508.     }
  509.     public void setAllowRequestMethod(Boolean allowRequestMethod) {
  510.         this.allowRequestMethod = allowRequestMethod;
  511.     }
  512.    
  513.     public List<String> getAllowMethods() {
  514.         return this.allowMethods;
  515.     }
  516.     public void addAllowMethod(String method) {
  517.         this.allowMethods.add(method);
  518.     }
  519.    
  520.     public Boolean getAllowRequestOrigin() {
  521.         return this.allowRequestOrigin;
  522.     }
  523.     public void setAllowRequestOrigin(Boolean allowRequestOrigin) {
  524.         this.allowRequestOrigin = allowRequestOrigin;
  525.     }
  526.    
  527.     public Boolean getAllowAllOrigin() {
  528.         return this.allowAllOrigin;
  529.     }
  530.     public void setAllowAllOrigin(Boolean allowAllOrigin) {
  531.         this.allowAllOrigin = allowAllOrigin;
  532.     }
  533.    
  534.     public List<String> getAllowOrigins() {
  535.         return this.allowOrigins;
  536.     }
  537.     public void addAllowOrigin(String origin) {
  538.         this.allowOrigins.add(origin);
  539.     }
  540.    
  541.     public List<String> getExposeHeaders() {
  542.         return this.exposeHeaders;
  543.     }
  544.     public void addExposeHeader(String header) {
  545.         this.exposeHeaders.add(header);
  546.     }
  547.    
  548.     public Integer getCachingAccessControl_maxAgeSeconds() {
  549.         return this.cachingAccessControl_maxAgeSeconds;
  550.     }
  551.     public void setCachingAccessControl_maxAgeSeconds(Integer cachingAccessControl_maxAgeSeconds) {
  552.         this.cachingAccessControl_maxAgeSeconds = cachingAccessControl_maxAgeSeconds;
  553.     }
  554.    
  555.     public Boolean getCachingAccessControl_disable() {
  556.         return this.cachingAccessControl_disable;
  557.     }
  558.     public void setCachingAccessControl_disable(Boolean cachingAccessControl_disable) {
  559.         this.cachingAccessControl_disable = cachingAccessControl_disable;
  560.     }
  561.    
  562. }