use of javax.servlet.http.HttpSession in project che by eclipse.
the class ServerContainerInitializeListener method createConfigurator.
/**
 * Creates the handshake configurator used for WebSocket endpoints.
 *
 * <p>During the HTTP upgrade it copies three values into the endpoint's user
 * properties: the HTTP session (only when the handshake request carries one),
 * a security context built from the handshake request, and the current
 * {@code EnvironmentContext}.
 *
 * <p>NOTE(review): all three values are captured once, at handshake time.
 * Nothing visible here re-checks them afterwards, so a WebSocket that stays
 * open presumably keeps the captured session and security context after the
 * HTTP session is invalidated or the user logs out. Confirm that endpoints
 * re-validate before acting on these properties.
 *
 * @return a configurator that populates the endpoint user properties
 */
private Configurator createConfigurator() {
    return new Configurator() {
        @Override
        public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) {
            super.modifyHandshake(sec, request, response);

            // getHttpSession() is cast to the servlet session type; it is only
            // stored when the handshake actually has a session.
            final HttpSession handshakeSession = (HttpSession) request.getHttpSession();
            if (handshakeSession != null) {
                sec.getUserProperties().put(HTTP_SESSION_ATTRIBUTE, handshakeSession);
            }

            // Identity and environment are stored unconditionally.
            sec.getUserProperties().put(SECURITY_CONTEXT, createSecurityContext(request));
            sec.getUserProperties().put(ENVIRONMENT_CONTEXT, EnvironmentContext.getCurrent());
        }
    };
}
use of javax.servlet.http.HttpSession in project jetty.project by eclipse.
the class HelloSessionServlet method doGet.
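/**
 * Renders a small HTML page showing a greeting that is kept in the HTTP session.
 *
 * <p>If the request has a {@code greeting} parameter it is stored in the session;
 * otherwise the greeting is read from the session, falling back to "Hello".
 *
 * <p>The greeting comes from the request (or from a session attribute that was
 * itself set from a request), so it is HTML-escaped before being written into
 * the page. The value stored in the session stays unescaped; escaping happens
 * at output time only.
 *
 * @param request the current request
 * @param response the response the page is written to
 * @throws ServletException declared by the servlet contract
 * @throws IOException if the response writer cannot be obtained or written
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text/html");
    response.setStatus(HttpServletResponse.SC_OK);
    response.addHeader("Cache-Control", "no-cache");
    HttpSession session = request.getSession();
    String message;
    String link;
    String greeting = request.getParameter("greeting");
    if (greeting != null) {
        // Store the raw value; it is escaped wherever it is rendered.
        session.setAttribute("greeting", greeting);
        message = "New greeting '" + escapeHtml(greeting) + "' set in session.";
        link = "Click <a href=\"/\">here</a> to use the new greeting from the session.";
    } else {
        greeting = (String) session.getAttribute("greeting");
        if (greeting != null) {
            // The session value originated from a request parameter, so it is
            // untrusted here as well.
            message = "Greeting '" + escapeHtml(greeting) + "' set from session.";
        } else {
            greeting = "Hello";
            message = "Greeting '" + escapeHtml(greeting) + "' is default.";
        }
        link = "Click <a href=\"/?greeting=Hola\">here</a> to set a new greeting.";
    }
    PrintWriter out = response.getWriter();
    out.println("<h1>" + escapeHtml(greeting) + " from HelloSessionServlet</h1>");
    // message already contains the escaped greeting; link is a fixed literal.
    out.println("<p>" + message + "</p>");
    out.println("<pre>");
    // Demo output only: this echoes the session id into the page body.
    out.println("session.getId() = " + session.getId());
    out.println("session.isNew() = " + session.isNew());
    out.println("</pre>");
    out.println("<p>" + link + "</p>");
}

/** Escapes the characters that are significant in HTML text and attribute values. */
private static String escapeHtml(String text) {
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '&':
                escaped.append("&amp;");
                break;
            case '<':
                escaped.append("&lt;");
                break;
            case '>':
                escaped.append("&gt;");
                break;
            case '"':
                escaped.append("&quot;");
                break;
            case '\'':
                escaped.append("&#39;");
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}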
use of javax.servlet.http.HttpSession in project jetty.project by eclipse.
the class Response method encodeURL.
/**
 * Adds, replaces or strips the session id path parameter in {@code url}.
 *
 * <p>Outcomes, in the order the code checks them:
 * <ul>
 * <li>no session handler on the request: {@code url} is returned unchanged;</li>
 * <li>remote-encoding check enabled and {@code url} has a scheme: {@code url} is
 * returned unchanged unless host, port and context path match this request;</li>
 * <li>no session id path parameter prefix configured: {@code url} unchanged;</li>
 * <li>{@code url} is null: null;</li>
 * <li>the session id arrived by cookie (with cookies enabled) or URL sessions are
 * disabled: any existing session id parameter is removed from {@code url};</li>
 * <li>no session, or session not valid: {@code url} unchanged;</li>
 * <li>otherwise the session's extended id is written into the URL.</li>
 * </ul>
 *
 * <p>Security: when the last case is reached the returned string contains the
 * session id, so whatever logs, stores or embeds that URL is handling a session
 * identifier. The same-server comparison only runs when
 * {@code isCheckingRemoteSessionIdEncoding()} returns true; with it off, an
 * absolute URL for another host takes the same encoding path as a local one.
 *
 * @param url the URL to encode, possibly null
 * @return the URL with the session id parameter added, replaced or removed, or
 *         the input unchanged
 */
@Override
public String encodeURL(String url) {
final Request request = _channel.getRequest();
SessionHandler sessionManager = request.getSessionHandler();
if (sessionManager == null)
return url;
HttpURI uri = null;
// NOTE(review): url is passed to URIUtil.hasScheme() here, before the null check
// further down; confirm hasScheme tolerates a null argument.
if (sessionManager.isCheckingRemoteSessionIdEncoding() && URIUtil.hasScheme(url)) {
uri = new HttpURI(url);
String path = uri.getPath();
path = (path == null ? "" : path);
int port = uri.getPort();
// No explicit port in the URL: assume 443 for https, 80 for anything else.
if (port < 0)
port = HttpScheme.HTTPS.asString().equalsIgnoreCase(uri.getScheme()) ? 443 : 80;
// Is it the same server?
if (!request.getServerName().equalsIgnoreCase(uri.getHost()))
return url;
if (request.getServerPort() != port)
return url;
// Per the TODO below, a root context path of "" makes this prefix test pass for
// every path, so it does not narrow anything for the root context.
if (//TODO the root context path is "", with which every non null string starts
!path.startsWith(request.getContextPath()))
return url;
}
String sessionURLPrefix = sessionManager.getSessionIdPathParameterNamePrefix();
if (sessionURLPrefix == null)
return url;
if (url == null)
return null;
// should not encode if cookies in evidence
if ((sessionManager.isUsingCookies() && request.isRequestedSessionIdFromCookie()) || !sessionManager.isUsingURLs()) {
// Strip an already-present session id parameter: cut from the prefix up to the
// next '?' (or, failing that, '#'); with neither present, cut to end of string.
int prefix = url.indexOf(sessionURLPrefix);
if (prefix != -1) {
int suffix = url.indexOf("?", prefix);
if (suffix < 0)
suffix = url.indexOf("#", prefix);
if (suffix <= prefix)
return url.substring(0, prefix);
return url.substring(0, prefix) + url.substring(suffix);
}
return url;
}
// get session;
// getSession(false): look up the existing session only, never create one here.
HttpSession session = request.getSession(false);
// no session
if (session == null)
return url;
// invalid session
if (!sessionManager.isValid(session))
return url;
// The value written into the URL is whatever getExtendedId() returns for the session.
String id = sessionManager.getExtendedId(session);
if (uri == null)
uri = new HttpURI(url);
// Already encoded
// Replace the old id value that follows the prefix, keeping any query/fragment.
int prefix = url.indexOf(sessionURLPrefix);
if (prefix != -1) {
int suffix = url.indexOf("?", prefix);
if (suffix < 0)
suffix = url.indexOf("#", prefix);
if (suffix <= prefix)
return url.substring(0, prefix + sessionURLPrefix.length()) + id;
return url.substring(0, prefix + sessionURLPrefix.length()) + id + url.substring(suffix);
}
// edit the session
// Not yet encoded: insert prefix + id before the first '?' (or '#'), or append
// at the end when the URL has neither.
int suffix = url.indexOf('?');
if (suffix < 0)
suffix = url.indexOf('#');
if (suffix < 0) {
return url + //if no path, insert the root path
((HttpScheme.HTTPS.is(uri.getScheme()) || HttpScheme.HTTP.is(uri.getScheme())) && uri.getPath() == null ? "/" : "") + sessionURLPrefix + id;
}
return url.substring(0, suffix) + //if no path so insert the root path
((HttpScheme.HTTPS.is(uri.getScheme()) || HttpScheme.HTTP.is(uri.getScheme())) && uri.getPath() == null ? "/" : "") + sessionURLPrefix + id + url.substring(suffix);
}
use of javax.servlet.http.HttpSession in project jetty.project by eclipse.
the class Request method getPushBuilder.
/* ------------------------------------------------------------ */
/** Get a new PushBuilder derived from this request. As built by this method:<ul>
 * <li>The method passed to the builder is {@link #getMethod()}.</li>
 * <li>Request fields with no recognised {@code HttpHeader} are copied as-is.</li>
 * <li>Recognised headers are copied, except that these are dropped:<ul>
 * <li>If-Match, If-Range, If-Unmodified-Since</li>
 * <li>Range</li>
 * <li>Expect</li>
 * <li>Referer</li>
 * <li>Cookie</li>
 * <li>Authorization</li>
 * </ul></li>
 * <li>If-None-Match and If-Modified-Since are also dropped, but their presence
 * sets the builder's conditional flag to true.</li>
 * <li>The query string is {@link #getQueryString()}.</li>
 * <li>The session id is the id of the session returned by {@link #getSession()},
 * or {@link #getRequestedSessionId()} when that call returns null or the
 * session throws {@link IllegalStateException}.</li>
 * <li>A {@code referer} header is added with the value of
 * {@link #getRequestURL()}.</li>
 * </ul>
 *
 * <p>This method drops the request's Authorization and Cookie headers and does
 * not add replacements itself. NOTE(review): if a container-generated
 * Authorization token or response cookies are meant to reach the pushed request,
 * that must happen elsewhere (presumably in {@code PushBuilderImpl}); confirm.
 *
 * <p>NOTE(review): the no-argument {@code getSession()} of the servlet API
 * creates a session when none exists, so obtaining a PushBuilder may create a
 * session as a side effect and the null branch below is presumably unreachable;
 * confirm this is intended.
 *
 * <p>Each call returns a new instance; mutations of a returned PushBuilder are
 * not reflected in later ones.
 * @return A new PushBuilder
 * @throws IllegalStateException if push is not supported for this request
 */
public PushBuilder getPushBuilder() {
    if (!isPushSupported()) {
        throw new IllegalStateException(String.format("%s,push=%b,channel=%s", this, isPush(), getHttpChannel()));
    }

    HttpFields pushFields = new HttpFields(getHttpFields().size() + 5);
    boolean sawConditional = false;
    for (HttpField requestField : getHttpFields()) {
        HttpHeader known = requestField.getHeader();
        if (known == null) {
            // Not a header the enum knows about: copy through untouched.
            pushFields.add(requestField);
            continue;
        }
        switch (known) {
            case IF_MATCH:
            case IF_RANGE:
            case IF_UNMODIFIED_SINCE:
            case RANGE:
            case EXPECT:
            case REFERER:
            case COOKIE:
            case AUTHORIZATION:
                // Request-specific or credential-bearing headers are not copied.
                break;
            case IF_NONE_MATCH:
            case IF_MODIFIED_SINCE:
                // Not copied, but remembered so the push can be made conditional.
                sawConditional = true;
                break;
            default:
                pushFields.add(requestField);
                break;
        }
    }

    String sessionId;
    try {
        HttpSession current = getSession();
        if (current == null) {
            sessionId = getRequestedSessionId();
        } else {
            // Throws IllegalStateException when the session is no longer valid.
            current.getLastAccessedTime();
            sessionId = current.getId();
        }
    } catch (IllegalStateException invalidated) {
        // Fall back to the id the client sent with the request.
        sessionId = getRequestedSessionId();
    }

    PushBuilder builder = new PushBuilderImpl(this, pushFields, getMethod(), getQueryString(), sessionId, sawConditional);
    builder.addHeader("referer", getRequestURL().toString());
    return builder;
}
use of javax.servlet.http.HttpSession in project jetty.project by eclipse.
the class DoSFilter method getRateTracker.
/**
 * Look up, or create on first use, the request rate tracker for the caller
 * of this request.
 * <p>
 * The caller is identified by the first of these that applies: the user id
 * from {@code extractUserId} (logged in), the session id (only when session
 * tracking is on and the session is not new), or the client IP address,
 * with the remote port appended when {@code isRemotePort()} is true.
 * <p>
 * IP-keyed trackers are handed to the scheduler with the max idle time;
 * otherwise, when a session exists, the tracker is stored as a session
 * attribute so that it is removed when the session expires.
 * <p>
 * NOTE(review): user ids, session ids and address strings share a single
 * key space in {@code _rateTrackers}, and address and port are concatenated
 * without a separator, so different callers can presumably map to the same
 * key (for example an address ending in "1" with port 23 and an address
 * ending in "12" with port 3). Confirm whether that matters for the limits
 * being enforced.
 *
 * @param request the current request
 * @return the request rate tracker for the current connection
 */
public RateTracker getRateTracker(ServletRequest request) {
    HttpSession existingSession = ((HttpServletRequest) request).getSession(false);
    String key = extractUserId(request);
    final int keyKind;
    if (key != null) {
        keyKind = USER_AUTH;
    } else if (isTrackSessions() && existingSession != null && !existingSession.isNew()) {
        key = existingSession.getId();
        keyKind = USER_SESSION;
    } else {
        if (isRemotePort()) {
            key = request.getRemoteAddr() + request.getRemotePort();
        } else {
            key = request.getRemoteAddr();
        }
        keyKind = USER_IP;
    }

    RateTracker tracker = _rateTrackers.get(key);
    if (tracker != null) {
        return tracker;
    }

    // First request for this key: whitelisted addresses get the fixed-rate variant.
    boolean whitelisted = checkWhitelist(request.getRemoteAddr());
    int limitPerSec = getMaxRequestsPerSec();
    if (whitelisted) {
        tracker = new FixedRateTracker(key, keyKind, limitPerSec);
    } else {
        tracker = new RateTracker(key, keyKind, limitPerSec);
    }

    // Another thread may have registered a tracker in the meantime; keep theirs.
    RateTracker winner = _rateTrackers.putIfAbsent(key, tracker);
    if (winner != null) {
        tracker = winner;
    }

    if (keyKind == USER_IP) {
        // USER_IP expiration from _rateTrackers is handled by the _scheduler
        _scheduler.schedule(tracker, getMaxIdleTrackerMs(), TimeUnit.MILLISECONDS);
    } else if (existingSession != null) {
        // USER_SESSION expiration from _rateTrackers is handled by the HttpSessionBindingListener
        existingSession.setAttribute(__TRACKER, tracker);
    }
    return tracker;
}