beforeHTTP ( context )
Invoked before publication by IHTTPHandler adapter
This can be used to enforce any preconditions for interacting with this
object via the web. For example, an e-commerce "checkout" traversable
might want to ensure that there is an active session and there are
items in the user's cart, or that the connection is secure.
This method is only invoked when the traversable is about to be
traversed into via a web request, AND the target object does
not have any other adaptation to IHTTPHandler. It is not invoked
when app-server code traverses a location (e.g. by paths in page
templates, including ++id++ paths that pass through a location but
don't "stop" there).
Traversables can take advantage of this to have different security
restrictions for app-server code and via-the-web URL traversal.
Resources, for example, do not do security checks in traverseTo(),
only in beforeHTTP(), thus ensuring that app-server code can access
all available resources, whether they are available to the user or not.
This method must return either the passed-in context, or a new
traversal context to be used in its place. Note also that if your
object implements IHTTPHandler, or you are implementing an adapter
to IHTTPHandler, you must call this method yourself, since it is
normally only invoked by PEAK's adapter from IWebTraversable to
IHTTPHandler.
|