List of usage examples for javax.servlet ServletRequest isSecure
public boolean isSecure();
From source file:com.springsource.hq.plugin.tcserver.serverconfig.web.support.RequestUtils.java
/** * Returns the url to access HQ locally, i.e. without routing through any proxy or load balancer which may be in * front of HQ.// w w w . j a v a 2 s. c om * * @param request A request received by the HQ server from which the HQ URL will be determined * @return the local URL for the HQ server hosting the web app */ public static String getLocalHqUrl(ServletRequest request) { StringBuilder serverUrl = new StringBuilder(); serverUrl.append(request.getScheme()); serverUrl.append("://"); String hostName = request.getLocalName(); if (hostName.contains(":")) { hostName = "[" + hostName + "]"; } serverUrl.append(hostName); serverUrl.append(":"); serverUrl.append(request.getLocalPort()); if (request.isSecure()) { LOGGER.debug("Registering protocol."); UntrustedSSLProtocolSocketFactory.register(); } return serverUrl.toString(); }
From source file:org.apache.nifi.minifi.c2.security.authentication.X509AuthenticationFilter.java
private void authenticateIfPossible(ServletRequest request) { if (!request.isSecure()) { return;/*from w ww . j a v a 2s. co m*/ } X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate"); if (certs == null || certs.length == 0) { if (logger.isDebugEnabled()) { logger.debug( "Unable to get certificates in request from " + HttpRequestUtil.getClientString(request)); } return; } Authentication authentication = authenticationManager.authenticate(new X509AuthenticationToken(certs)); if (authentication.isAuthenticated()) { SecurityContextHolder.getContext().setAuthentication(authentication); } }
From source file:fr.xebia.servlet.filter.SecuredRemoteAddressFilterTest.java
private void testRemoteAddr(String remoteAddr, boolean expected) throws ServletException, IOException { SecuredRemoteAddressFilter filter = new SecuredRemoteAddressFilter(); MockFilterConfig filterConfig = new MockFilterConfig(); filter.init(filterConfig);//from w w w .ja v a 2s .c o m final AtomicBoolean secured = new AtomicBoolean(); MockFilterChain filterChain = new MockFilterChain() { @Override public void doFilter(ServletRequest request, ServletResponse response) { secured.set(request.isSecure()); } }; MockHttpServletRequest request = new MockHttpServletRequest(); request.setRemoteAddr(remoteAddr); filter.doFilter(request, new MockHttpServletResponse(), filterChain); assertEquals(expected, secured.get()); }
From source file:com.castlemock.web.basis.web.mvc.controller.AbstractViewController.java
/** * The method indicates which protocol is used for the incoming request: HTTP or HTTPS * @param request The request is used to determine the protocol * @return HTTP is returned if the request is not secured. HTTPS is returned if the request is secured. *//*from w w w . ja v a2 s . c o m*/ protected String getProtocol(final ServletRequest request) { return request.isSecure() ? HTTPS : HTTP; }
From source file:ru.org.linux.group.GroupModificationController.java
@RequestMapping(value = "/groupmod.jsp", method = RequestMethod.GET) public ModelAndView showForm(@RequestParam("group") int id, ServletRequest request) throws Exception { Template tmpl = Template.getTemplate(request); if (!tmpl.isModeratorSession()) { throw new AccessViolationException("Not moderator"); }// w ww. ja va 2 s . co m Group group = groupDao.getGroup(id); ModelAndView mv = new ModelAndView("groupmod", "group", group); mv.getModel().put("groupInfo", prepareService.prepareGroupInfo(group, request.isSecure())); return mv; }
From source file:gov.nih.nci.caarray.web.filter.CacheControlFilter.java
/** * {@inheritDoc}//www .ja v a 2 s . c o m */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(response instanceof HttpServletResponse)) { chain.doFilter(request, response); return; } HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; if (StringUtils.substringAfterLast(httpRequest.getRequestURI(), ".").equals(DYNAMIC_URL_EXTENSION)) { if (!request.isSecure()) { // workaround for IE files bug http://support.microsoft.com/kb/812935 httpResponse.addHeader("Cache-control", "no-cache"); httpResponse.addHeader("Pragma", "no-cache"); } httpResponse.addIntHeader("Expires", 0); } chain.doFilter(request, response); }
From source file:org.everit.jetty.server.ecm.tests.EchoRemoteInfoServlet.java
@Override public void service(final ServletRequest req, final ServletResponse res) throws ServletException, IOException { PrintWriter writer = res.getWriter(); JSONObject jsonObject = new JSONObject(); jsonObject.put("remoteAddr", req.getRemoteAddr()); jsonObject.put("remoteHost", req.getRemoteHost()); jsonObject.put("remotePort", req.getRemotePort()); jsonObject.put("serverName", req.getServerName()); jsonObject.put("serverPort", req.getServerPort()); jsonObject.put("protocol", req.getProtocol()); jsonObject.put("secure", req.isSecure()); writer.write(jsonObject.toString()); }
From source file:ru.org.linux.group.GroupModificationController.java
@RequestMapping(value = "/groupmod.jsp", method = RequestMethod.POST) public ModelAndView modifyGroup(@RequestParam("group") int id, @RequestParam("title") String title, @RequestParam("info") String info, @RequestParam("urlName") String urlName, @RequestParam("longinfo") String longInfo, @RequestParam(value = "preview", required = false) String preview, @RequestParam(value = "resolvable", required = false) String resolvable, ServletRequest request) throws Exception { Template tmpl = Template.getTemplate(request); if (!tmpl.isModeratorSession()) { throw new AccessViolationException("Not moderator"); }/*w ww. j av a 2s. c o m*/ Group group = groupDao.getGroup(id); if (preview != null) { group.setTitle(title); group.setInfo(info); group.setLongInfo(longInfo); Map<String, Object> params = new HashMap<>(); params.put("group", group); params.put("groupInfo", prepareService.prepareGroupInfo(group, request.isSecure())); params.put("preview", true); return new ModelAndView("groupmod", params); } groupDao.setParams(group, title, info, longInfo, resolvable != null, urlName); return new ModelAndView("action-done", "message", " "); }
From source file:org.apache.roller.weblogger.ui.core.filters.SchemeEnforcementFilter.java
/** * Process filter./*from w w w . j a va 2s. co m*/ * * We'll take the incoming request and first determine if this is a secure * request. If the request is secure then we'll see if it matches one of the * allowed secure urls, if not then we will redirect back out of https. */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (this.schemeEnforcementEnabled && this.secureLoginEnabled) { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse res = (HttpServletResponse) response; if (log.isDebugEnabled()) log.debug("checking path = " + req.getServletPath()); if (!request.isSecure() && allowedUrls.contains(req.getServletPath())) { // http insecure request that should be over https String redirect = "https://" + req.getServerName(); if (this.httpsPort != 443) redirect += ":" + this.httpsPort; redirect += req.getRequestURI(); if (req.getQueryString() != null) redirect += "?" + req.getQueryString(); if (log.isDebugEnabled()) log.debug("Redirecting to " + redirect); res.sendRedirect(redirect); return; } else if (request.isSecure() && !isIgnoredURL(req.getServletPath()) && !allowedUrls.contains(req.getServletPath())) { // https secure request that should be over http String redirect = "http://" + req.getServerName(); if (this.httpPort != 80) redirect += ":" + this.httpPort; redirect += req.getRequestURI(); if (req.getQueryString() != null) redirect += "?" + req.getQueryString(); if (log.isDebugEnabled()) log.debug("Redirecting to " + redirect); res.sendRedirect(redirect); return; } } chain.doFilter(request, response); }
From source file:org.apache.cxf.fediz.service.idp.STSPortFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { Assert.isTrue(applicationContext != null, "Application context must not be null"); STSAuthenticationProvider authProvider = authenticationProvider; if (authProvider == null) { authProvider = applicationContext.getBean(STSAuthenticationProvider.class); }/*from w ww .j a v a2s.c om*/ Assert.isTrue(authProvider != null, "STSAuthenticationProvider must be configured"); //Only update the port if HTTPS is used, otherwise ignored (like retrieving the WADL over HTTP) if (!isPortSet && request.isSecure()) { try { URL url = new URL(authProvider.getWsdlLocation()); if (url.getPort() == 0) { URL updatedUrl = new URL(url.getProtocol(), url.getHost(), request.getLocalPort(), url.getFile()); setSTSWsdlUrl(authProvider, updatedUrl.toString()); LOG.info("STSAuthenticationProvider.wsdlLocation set to " + updatedUrl.toString()); } else { setSTSWsdlUrl(authProvider, url.toString()); } } catch (MalformedURLException e) { LOG.error("Invalid Url '" + authProvider.getWsdlLocation() + "': " + e.getMessage()); } } chain.doFilter(request, response); }