HTTP validation support
HTTP supports validation of cached content using validators that include entity tags (ETags) and last modified dates. The HTTP Validation model is also used to ensure that a client's representation of a resource is not stale as part of a RESTful interaction. This section describes the high-level support for validation available in IBM® WebSphere® sMash.
Validators
You can validate cached content using entity tags (ETags) and last modified dates as validators.
Validating with entity Tags
Entity tags are opaque validators associated with a resource that usually change when the resource changes. The entity tag for a resource is sent with the ETag response-header to the client. Computing the hash of the information associated with the resource is a common mechanism to generate an entity tag. For example, for a resource derived from a database query, the associated entity tag could be a hash of the selected field values in the query or the timestamp of the last update of the entities in the database associated with the query.
WebSphere sMash provides utility APIs for computing hashed values and setting the Etag response header. The following Java™ example shows how this can be done:
import zero.core.etags.Etag; ... String concatenatedInformation = ... /* contains the distinguishing information */ String etag = Etag.computeHashedValue(concatenatedInformation); ... Etag.setEtagHeader(etag);
Validating with the last-modified date
WebSphere sMash automatically adds a Last-Modified response header when serving static files. The value is the last modified time of the served file, formatted according to RFC1123 (for example, Wed, 22 May 1996 12:06:00 GMT).
Validation
Validation is the process of checking whether validators (presented by the client) match the current state of the resource. Validation can be used as the basis of conditional GET and PUT requests. For example, the response to a conditional GET, if the resource hasn't changed, could be a bandwidth-saving 304 Not Modified message.
Validation is also useful for preventing the lost update problem, which usually occurs when clients concurrently try to update a resource using the HTTP method PUT.
WebSphere sMash provides the PreconditionValidator utility that enables you to integrate validation into your handlers. The utility class takes the current entity tag
or the modified time, or both, of the resource as its argument. It validates those against the validators sent by the client in the request headers, as shown in the following example:
boolean valid = PreconditionValidator.validate(String etag); boolean valid = PreconditionValidator.validate(String etag, Date lastModified);
The following table represents the possible results of evaluating precondition headers.
| Header Type | Condition Met | Condition Not Met |
|---|---|---|
| if-match | return true | status code set to 412, return false |
| if-none-match (GET/HEAD) | return true | status code set to 304, return false |
| if-none-match (other HTTP methods) | return true | status code set to 412, return false |
| if-modified-since | return true | status code set to 304, return false |
| if-unmodified-since | return true | status code set to 412, return false |
If multiple headers are present they all must agree that the conditions are not met, otherwise a true value is returned to indicate that the request should be run.
