Example usage for org.apache.shiro.web.util WebUtils toHttp

List of usage examples for org.apache.shiro.web.util WebUtils toHttp

  1. HOME
  2. Java
  3. org.apache.shiro
  4. org.apache.shiro.web.util.*
  5. WebUtils
  6. toHttp

Introduction

In this page you can find the example usage for org.apache.shiro.web.util WebUtils toHttp.

Prototype

public static HttpServletResponse toHttp(ServletResponse response)

Source Link

Document

A convenience method that merely casts the incoming <code>ServletResponse</code> to an <code>HttpServletResponse</code>: <p/> <code>return (HttpServletResponse)response;</code> <p/> Logic could be changed in the future for logging or throwing an meaningful exception in non HTTP request environments (e.g.

Usage

From source file:b4f.seguridad.filtros.LoginFilter.java

@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse sr1) throws Exception {
    HttpServletRequest httpRequest = WebUtils.toHttp(request);
    if (DEBUG) {//from   w w w  .  j a  v a2  s.com
        System.out.println("[SECURITY FILTER]  Authorization= " + httpRequest.getHeader("Authorization"));
    }

    String header = httpRequest.getHeader("Authorization");
    return new JwtToken(header != null ? header.replaceAll("JWT ", "") : null);
}

From source file:b4f.seguridad.filtros.LoginFilter.java

@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request,
        ServletResponse response) {/*from w  w w  .j  av  a2  s  . c  om*/
    if (DEBUG) {
        System.err.println("[SECURITY FILTER] login failure: message=" + e.getMessage());
    }
    HttpServletResponse toHttp = WebUtils.toHttp(response);
    try {
        toHttp.sendError(401);
    } catch (IOException ex) {
        Logger.getLogger(LoginFilter.class.getName()).log(Level.SEVERE, null, ex);
    }
    return false;
}

From source file:b4f.seguridad.filtros.LoginFilter.java

@Override
protected boolean onAccessDenied(ServletRequest sr, ServletResponse sr1) throws Exception {
    if (DEBUG) {/*from  w  ww.  java  2 s. c o m*/
        System.err.println("[SECURITY FILTER] Access denied");
    }
    HttpServletRequest httpRequest = WebUtils.toHttp(sr);
    HttpServletResponse httpResponse = WebUtils.toHttp(sr1);
    String httpMethod = httpRequest.getMethod();
    if ("OPTIONS".equalsIgnoreCase(httpMethod)) {
        httpResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        httpResponse.addHeader("Access-Control-Allow-Headers",
                "X-Requested-With,Origin,Content-Type, Accept, authorization");
        return true;
    } else {
        httpResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        httpResponse.addHeader("Access-Control-Allow-Headers",
                "X-Requested-With,Origin,Content-Type, Accept, authorization");
        return executeLogin(sr, sr1);
    }

}

From source file:b4f.seguridad.filtros.RolesFilter.java

@Override
protected boolean onAccessDenied(ServletRequest sr, ServletResponse sr1) {

    HttpServletRequest httpRequest = WebUtils.toHttp(sr);
    HttpServletResponse httpResponse = WebUtils.toHttp(sr1);
    String httpMethod = httpRequest.getMethod();
    if ("OPTIONS".equalsIgnoreCase(httpMethod)) {
        httpResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        httpResponse.addHeader("Access-Control-Allow-Headers",
                "X-Requested-With,Origin,Content-Type, Accept, authorization");

    } else {//from w w  w  .  ja v  a2s. c om
        httpResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        httpResponse.addHeader("Access-Control-Allow-Headers",
                "X-Requested-With,Origin,Content-Type, Accept, authorization");

    }

    return false;
}

From source file:cn.dreampie.common.plugin.shiro.MyFormAuthenticationFilter.java

License:Apache License

/**
 * This default implementation merely returns <code>true</code> if the request is an HTTP <code>POST</code>,
 * <code>false</code> otherwise. Can be overridden by subclasses for custom login submission detection behavior.
 *
 * @param request  the incoming ServletRequest
 * @param response the outgoing ServletResponse.
 * @return <code>true</code> if the request is an HTTP <code>POST</code>, <code>false</code> otherwise.
 *//*from   w  w  w.  j a  va  2 s .  c om*/
@SuppressWarnings({ "UnusedDeclaration" })
protected boolean isLoginSubmission(ServletRequest request, ServletResponse response) {
    return (request instanceof HttpServletRequest)
            && WebUtils.toHttp(request).getMethod().equalsIgnoreCase(POST_METHOD);
}

From source file:cn.mmb.b2b.user.infrastructure.filter.JCaptchaValidateFilter.java

License:Apache License

@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
        throws Exception {
    //1????????????
    request.setAttribute("jcaptchaEbabled", jcaptchaEbabled);

    HttpServletRequest httpServletRequest = WebUtils.toHttp(request);
    //2????? ?????
    if (jcaptchaEbabled == false || !"post".equalsIgnoreCase(httpServletRequest.getMethod())) {
        return true;
    }// w  w w.j a v  a2s  .c  o m
    //3????????
    return JCaptcha.validateResponse(httpServletRequest, httpServletRequest.getParameter(jcaptchaParam));
}

From source file:co.edu.uniandes.csw.auth.filter.JWTAllowGetFilter.java

@Override
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {

    String httpMethod = WebUtils.toHttp(request).getMethod();

    if ("GET".equals(httpMethod)) {
        return true;
    }//from   w ww  . j  a  v  a 2  s. c o  m
    return super.isAccessAllowed(request, response, mappedValue);
}

From source file:co.edu.uniandes.csw.auth.filter.RestAllowGetFilter.java

@Override
public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
        throws IOException {

    String httpMethod = WebUtils.toHttp(request).getMethod();

    if ("GET".equals(httpMethod)) {
        return true;
    }//  ww  w. ja  v a 2 s.c  o m
    return super.isAccessAllowed(request, response, mappedValue);
}

From source file:co.edu.uniandes.csw.miso4204.security.auth.SecurityFilter.java

@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse sr1) throws Exception {
    HttpServletRequest httpRequest = WebUtils.toHttp(request);
    return new JwtToken(httpRequest.getHeader("x_rest_user"));
}

From source file:co.edu.uniandes.csw.miso4204.security.auth.SecurityFilter.java

@Override
protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request,
        ServletResponse response) {/*from w  ww .java  2 s.  c  o m*/
    HttpServletResponse toHttp = WebUtils.toHttp(response);
    try {
        toHttp.sendError(401);
    } catch (IOException ex) {
        Logger.getLogger(SecurityFilter.class.getName()).log(Level.SEVERE, null, ex);
    }
    return false;
}