List of usage examples for org.springframework.security.web.util UrlUtils isAbsoluteUrl
public static boolean isAbsoluteUrl(String url)
From source file:com.jnj.b2b.storefront.security.impl.WebHttpSessionRequestCache.java
protected String calculateRelativeRedirectUrl(final String contextPath, final String url) { if (UrlUtils.isAbsoluteUrl(url)) { String relUrl = url.substring(url.indexOf("://") + 3); String modifiedContextPath = contextPath; final String urlEncodingAttributes = getSessionService() .getAttribute(WebConstants.URL_ENCODING_ATTRIBUTES); if (urlEncodingAttributes != null && !url.contains(urlEncodingAttributes) && modifiedContextPath.contains(urlEncodingAttributes)) { modifiedContextPath = StringUtils.remove(modifiedContextPath, urlEncodingAttributes); }// w w w .j ava 2 s. c o m if (StringUtils.isEmpty(relUrl) || StringUtils.isEmpty(modifiedContextPath)) { relUrl = "/"; } else { relUrl = relUrl.substring(relUrl.indexOf(modifiedContextPath) + modifiedContextPath.length()); } return relUrl; } else { return url; } }
From source file:com.acc.storefront.security.impl.WebHttpSessionRequestCache.java
protected String calculateRelativeRedirectUrl(final String contextPath, final String url) { if (UrlUtils.isAbsoluteUrl(url)) { String relUrl = url.substring(url.indexOf("://") + 3); String modifiedContextPath = contextPath; String urlEncodingAttributes = getSessionService().getAttribute(WebConstants.URL_ENCODING_ATTRIBUTES); if (urlEncodingAttributes != null && !url.contains(urlEncodingAttributes) && modifiedContextPath.contains(urlEncodingAttributes)) { modifiedContextPath = StringUtils.remove(modifiedContextPath, urlEncodingAttributes); }//from w w w. j a v a 2 s.c om if (StringUtils.isEmpty(relUrl)) { relUrl = "/"; } else { relUrl = relUrl.substring(relUrl.indexOf(modifiedContextPath) + modifiedContextPath.length()); } return relUrl; } else { return url; } }
From source file:cec.easyshop.storefront.security.impl.WebHttpSessionRequestCache.java
protected String calculateRelativeRedirectUrl(final String contextPath, final String url) { if (UrlUtils.isAbsoluteUrl(url)) { String relUrl = url.substring(url.indexOf("://") + 3); String modifiedContextPath = (StringUtils.isNotEmpty(contextPath)) ? contextPath : "/"; final String urlEncodingAttributes = getSessionService() .getAttribute(WebConstants.URL_ENCODING_ATTRIBUTES); if (urlEncodingAttributes != null && !url.contains(urlEncodingAttributes) && modifiedContextPath.contains(urlEncodingAttributes)) { modifiedContextPath = StringUtils.remove(modifiedContextPath, urlEncodingAttributes); }//from w w w. ja v a 2 s . c o m relUrl = relUrl.substring(relUrl.indexOf(modifiedContextPath) + modifiedContextPath.length()); return (StringUtils.isEmpty(relUrl)) ? "/" : relUrl; } else { return url; } }
From source file:com.epam.storefront.security.impl.WebHttpSessionRequestCache.java
protected String calculateRelativeRedirectUrl(final String contextPath, final String url) { if (UrlUtils.isAbsoluteUrl(url)) { String relUrl = url.substring(url.indexOf("://") + 3); String modifiedContextPath = contextPath; final String urlEncodingAttributes = getSessionService() .getAttribute(WebConstants.URL_ENCODING_ATTRIBUTES); if (urlEncodingAttributes != null && !url.contains(urlEncodingAttributes) && modifiedContextPath.contains(urlEncodingAttributes)) { modifiedContextPath = StringUtils.remove(modifiedContextPath, urlEncodingAttributes); }//from w w w . ja v a2s . c o m if (StringUtils.isEmpty(relUrl)) { relUrl = "/"; } else { relUrl = relUrl.substring(relUrl.indexOf(modifiedContextPath) + modifiedContextPath.length()); } return relUrl; } else { return url; } }
From source file:com.ctc.storefront.security.impl.WebHttpSessionRequestCache.java
protected String calculateRelativeRedirectUrl(final String contextPath, final String url) { if (UrlUtils.isAbsoluteUrl(url)) { String relUrl = url.substring(url.indexOf("://") + 3); String modifiedContextPath = StringUtils.isNotEmpty(contextPath) ? contextPath : "/"; final String urlEncodingAttributes = getSessionService() .getAttribute(WebConstants.URL_ENCODING_ATTRIBUTES); if (urlEncodingAttributes != null && !url.contains(urlEncodingAttributes) && modifiedContextPath.contains(urlEncodingAttributes)) { modifiedContextPath = StringUtils.remove(modifiedContextPath, urlEncodingAttributes); }//from www. j a va2 s. c o m relUrl = relUrl.substring(relUrl.indexOf(modifiedContextPath) + modifiedContextPath.length()); return StringUtils.isEmpty(relUrl) ? "/" : relUrl; } else { return url; } }
From source file:org.xine.marketplace.frontend.views.security.JsfLoginUrlAuthenticationEntryPoint.java
protected String buildRedirectUrlToLoginPage(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) { final String loginForm = determineUrlToUseForThisRequest(request, response, authException); if (UrlUtils.isAbsoluteUrl(loginForm)) { return loginForm; }// www . ja v a 2 s . co m final int serverPort = this.portResolver.getServerPort(request); final String scheme = request.getScheme(); final RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder(); urlBuilder.setScheme(scheme); urlBuilder.setServerName(request.getServerName()); urlBuilder.setPort(serverPort); urlBuilder.setContextPath(request.getContextPath()); urlBuilder.setPathInfo(loginForm); if (this.forceHttps && "http".equals(scheme)) { final Integer httpsPort = this.portMapper.lookupHttpsPort(Integer.valueOf(serverPort)); if (httpsPort != null) { // Overwrite scheme and port in the redirect URL urlBuilder.setScheme("https"); urlBuilder.setPort(httpsPort.intValue()); } else { logger.warn("Unable to redirect to HTTPS as no port mapping found for HTTP port " + serverPort); } } return urlBuilder.getUrl(); }
From source file:com.sibvisions.rad.server.security.spring.authentication.SecurityManagerPreparer.java
/** * Builds the absolute logout process URL based on the request instance <code>pRequest</code> and <code>logoutProcessUrl</code>. * /*from w ww .ja va 2 s . c o m*/ * @param pRequest the request to build the logout process URL * * @return the absolute logout process URL */ protected String buildAbsoluteLogoutProcessUrl(HttpServletRequest pRequest) { if (logoutProcessUrl.startsWith("./") || UrlUtils.isAbsoluteUrl(logoutProcessUrl)) { return logoutProcessUrl; } RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder(); urlBuilder.setScheme(pRequest.getScheme()); urlBuilder.setServerName(pRequest.getServerName()); urlBuilder.setPort(portResolver.getServerPort(pRequest)); urlBuilder.setContextPath(pRequest.getContextPath()); urlBuilder.setPathInfo(logoutProcessUrl); return urlBuilder.getUrl(); }
From source file:de.thm.arsnova.controller.LoginController.java
@RequestMapping(value = { "/auth/dialog" }, method = RequestMethod.GET)
@ResponseBody//from w ww . j a v a 2s . c om
public View dialog(@RequestParam("type") final String type,
@RequestParam(value = "successurl", defaultValue = "/") String successUrl,
@RequestParam(value = "failureurl", defaultValue = "/") String failureUrl,
final HttpServletRequest request, final HttpServletResponse response)
throws IOException, ServletException {
View result = null;
/* Use URLs from a request parameters for redirection as long as the
* URL is not absolute (to prevent abuse of the redirection). */
if (UrlUtils.isAbsoluteUrl(successUrl)) {
successUrl = "/";
}
if (UrlUtils.isAbsoluteUrl(failureUrl)) {
failureUrl = "/";
}
String serverUrl = request.getScheme() + "://" + request.getServerName();
/* Handle proxy
* TODO: It might be better, to support the proposed standard: http://tools.ietf.org/html/rfc7239 */
int port = "".equals(request.getHeader("X-Forwarded-Port"))
? Integer.valueOf(request.getHeader("X-Forwarded-Port"))
: request.getServerPort();
if ("https".equals(request.getScheme())) {
if (443 != port) {
serverUrl = serverUrl + ":" + String.valueOf(port);
}
} else {
if (80 != port) {
serverUrl = serverUrl + ":" + String.valueOf(port);
}
}
request.getSession().setAttribute("ars-login-success-url", serverUrl + successUrl);
request.getSession().setAttribute("ars-login-failure-url", serverUrl + failureUrl);
if ("cas".equals(type)) {
casEntryPoint.commence(request, response, null);
} else if ("twitter".equals(type)) {
final String authUrl = twitterProvider.getAuthorizationUrl(new HttpUserSession(request));
result = new RedirectView(authUrl);
} else if ("facebook".equals(type)) {
facebookProvider.setFields("id,link");
facebookProvider.setScope("");
final String authUrl = facebookProvider.getAuthorizationUrl(new HttpUserSession(request));
result = new RedirectView(authUrl);
} else if ("google".equals(type)) {
final String authUrl = googleProvider.getAuthorizationUrl(new HttpUserSession(request));
result = new RedirectView(authUrl);
}
return result;
}
From source file:org.fluxtream.core.auth.FlxLoginUrlAuthenticationEntryPoint.java
protected String buildRedirectUrlToLoginPage(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { String loginForm = determineUrlToUseForThisRequest(request, response, authException); if (UrlUtils.isAbsoluteUrl(loginForm)) { return loginForm; }/* w w w . j a v a 2 s.c om*/ int serverPort = portResolver.getServerPort(request); String scheme = request.getScheme(); RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder(); urlBuilder.setScheme(scheme); urlBuilder.setServerName(request.getServerName()); urlBuilder.setPort(serverPort); urlBuilder.setContextPath(request.getContextPath()); urlBuilder.setPathInfo(loginForm); if (forceHttps && "http".equals(scheme)) { Integer httpsPort = portMapper.lookupHttpsPort(Integer.valueOf(serverPort)); if (httpsPort != null) { // Overwrite scheme and port in the redirect URL urlBuilder.setScheme("https"); urlBuilder.setPort(httpsPort.intValue()); } else { logger.warn("Unable to redirect to HTTPS as no port mapping found for HTTP port " + serverPort); } } return urlBuilder.getUrl(); }