Search in sources :

Example 6 with SessionAttachmentHandler

use of io.undertow.server.session.SessionAttachmentHandler in project undertow by undertow-io.

the class SsoTestCase method setup.

@BeforeClass
public static void setup() {
    final SingleSignOnAuthenticationMechanism sso = new SingleSignOnAuthenticationMechanism(new InMemorySingleSignOnManager());
    final PathHandler path = new PathHandler();
    HttpHandler current = new ResponseHandler();
    current = new AuthenticationCallHandler(current);
    current = new AuthenticationConstraintHandler(current);
    List<AuthenticationMechanism> mechs = new ArrayList<>();
    mechs.add(sso);
    mechs.add(new BasicAuthenticationMechanism("Test Realm"));
    current = new AuthenticationMechanismsHandler(current, mechs);
    current = new NotificationReceiverHandler(current, Collections.<NotificationReceiver>singleton(auditReceiver));
    current = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, current);
    path.addPrefixPath("/test1", current);
    current = new ResponseHandler();
    current = new AuthenticationCallHandler(current);
    current = new AuthenticationConstraintHandler(current);
    mechs = new ArrayList<>();
    mechs.add(sso);
    mechs.add(new FormAuthenticationMechanism("form", "/login", "/error"));
    current = new AuthenticationMechanismsHandler(current, mechs);
    current = new NotificationReceiverHandler(current, Collections.<NotificationReceiver>singleton(auditReceiver));
    current = new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, identityManager, current);
    path.addPrefixPath("/test2", current);
    path.addPrefixPath("/login", new ResponseCodeHandler(StatusCodes.UNAUTHORIZED));
    DefaultServer.setRootHandler(new SessionAttachmentHandler(path, new InMemorySessionManager(""), new SessionCookieConfig()));
}
Also used : HttpHandler(io.undertow.server.HttpHandler) AuthenticationConstraintHandler(io.undertow.security.handlers.AuthenticationConstraintHandler) FormAuthenticationMechanism(io.undertow.security.impl.FormAuthenticationMechanism) SingleSignOnAuthenticationMechanism(io.undertow.security.impl.SingleSignOnAuthenticationMechanism) SingleSignOnAuthenticationMechanism(io.undertow.security.impl.SingleSignOnAuthenticationMechanism) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) AuthenticationMechanism(io.undertow.security.api.AuthenticationMechanism) FormAuthenticationMechanism(io.undertow.security.impl.FormAuthenticationMechanism) ArrayList(java.util.ArrayList) PathHandler(io.undertow.server.handlers.PathHandler) ResponseCodeHandler(io.undertow.server.handlers.ResponseCodeHandler) SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) InMemorySingleSignOnManager(io.undertow.security.impl.InMemorySingleSignOnManager) NotificationReceiverHandler(io.undertow.security.handlers.NotificationReceiverHandler) SecurityInitialHandler(io.undertow.security.handlers.SecurityInitialHandler) AuthenticationMechanismsHandler(io.undertow.security.handlers.AuthenticationMechanismsHandler) NotificationReceiver(io.undertow.security.api.NotificationReceiver) AuthenticationCallHandler(io.undertow.security.handlers.AuthenticationCallHandler) SessionCookieConfig(io.undertow.server.session.SessionCookieConfig) BasicAuthenticationMechanism(io.undertow.security.impl.BasicAuthenticationMechanism) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager) BeforeClass(org.junit.BeforeClass)

Example 7 with SessionAttachmentHandler

use of io.undertow.server.session.SessionAttachmentHandler in project undertow by undertow-io.

the class SSLSessionTestCase method testSslSession.

@Test
public void testSslSession() throws IOException {
    TestHttpClient client = new TestHttpClient();
    try {
        InMemorySessionManager sessionManager = new InMemorySessionManager("");
        final SslSessionConfig sessionConfig = new SslSessionConfig(sessionManager);
        final SessionAttachmentHandler handler = new SessionAttachmentHandler(sessionManager, sessionConfig).setNext(new HttpHandler() {

            @Override
            public void handleRequest(final HttpServerExchange exchange) throws Exception {
                final SessionManager manager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
                Session session = manager.getSession(exchange, sessionConfig);
                if (session == null) {
                    session = manager.createSession(exchange, sessionConfig);
                    session.setAttribute(COUNT, 0);
                }
                Integer count = (Integer) session.getAttribute(COUNT);
                exchange.getResponseHeaders().add(new HttpString(COUNT), count.toString());
                session.setAttribute(COUNT, ++count);
            }
        });
        DefaultServer.startSSLServer();
        client.setSSLContext(DefaultServer.getClientSSLContext());
        DefaultServer.setRootHandler(handler);
        HttpGet get = new HttpGet(DefaultServer.getDefaultServerSSLAddress() + "/notamatchingpath");
        HttpResponse result = client.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        Header[] header = result.getHeaders(COUNT);
        Assert.assertEquals("0", header[0].getValue());
        get = new HttpGet(DefaultServer.getDefaultServerSSLAddress() + "/notamatchingpath");
        result = client.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        header = result.getHeaders(COUNT);
        Assert.assertEquals("1", header[0].getValue());
        get = new HttpGet(DefaultServer.getDefaultServerSSLAddress() + "/notamatchingpath");
        result = client.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        header = result.getHeaders(COUNT);
        Assert.assertEquals("2", header[0].getValue());
        Assert.assertEquals(0, client.getCookieStore().getCookies().size());
    } finally {
        DefaultServer.stopSSLServer();
        client.getConnectionManager().shutdown();
    }
}
Also used : HttpHandler(io.undertow.server.HttpHandler) SessionManager(io.undertow.server.session.SessionManager) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager) HttpGet(org.apache.http.client.methods.HttpGet) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) TestHttpClient(io.undertow.testutils.TestHttpClient) HttpServerExchange(io.undertow.server.HttpServerExchange) SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) SslSessionConfig(io.undertow.server.session.SslSessionConfig) Header(org.apache.http.Header) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager) Session(io.undertow.server.session.Session) HttpString(io.undertow.util.HttpString) Test(org.junit.Test)

Example 8 with SessionAttachmentHandler

use of io.undertow.server.session.SessionAttachmentHandler in project undertow by undertow-io.

the class AbstractModClusterTestBase method createNode.

static Undertow createNode(final NodeTestConfig config) {
    final Undertow.Builder builder = Undertow.builder();
    final String type = config.getType();
    switch(type) {
        case "ajp":
            builder.addAjpListener(config.getPort(), config.getHostname());
            break;
        case "http":
            builder.addHttpListener(config.getPort(), config.getHostname());
            break;
        case "https":
            builder.addHttpsListener(config.getPort(), config.getHostname(), DefaultServer.getServerSslContext());
            break;
        default:
            throw new IllegalArgumentException(type);
    }
    final SessionCookieConfig sessionConfig = new SessionCookieConfig();
    if (config.getStickySessionCookie() != null) {
        sessionConfig.setCookieName(config.getStickySessionCookie());
    }
    final PathHandler pathHandler = path(ResponseCodeHandler.HANDLE_200).addPrefixPath("/name", new StringSendHandler(config.getJvmRoute())).addPrefixPath("/session", new SessionAttachmentHandler(new SessionTestHandler(config.getJvmRoute(), sessionConfig), new InMemorySessionManager(""), sessionConfig));
    // Setup test handlers
    config.setupHandlers(pathHandler);
    builder.setSocketOption(Options.REUSE_ADDRESSES, true).setHandler(jvmRoute("JSESSIONID", config.getJvmRoute(), pathHandler));
    return builder.build();
}
Also used : SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) PathHandler(io.undertow.server.handlers.PathHandler) SessionCookieConfig(io.undertow.server.session.SessionCookieConfig) Undertow(io.undertow.Undertow) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager)

Example 9 with SessionAttachmentHandler

use of io.undertow.server.session.SessionAttachmentHandler in project undertow by undertow-io.

the class InMemorySessionTestCase method inMemoryMaxSessionsTest.

@Test
public void inMemoryMaxSessionsTest() throws IOException {
    TestHttpClient client1 = new TestHttpClient();
    client1.setCookieStore(new BasicCookieStore());
    TestHttpClient client2 = new TestHttpClient();
    client2.setCookieStore(new BasicCookieStore());
    try {
        final SessionCookieConfig sessionConfig = new SessionCookieConfig();
        final SessionAttachmentHandler handler = new SessionAttachmentHandler(new InMemorySessionManager("", 1, true), sessionConfig);
        handler.setNext(new HttpHandler() {

            @Override
            public void handleRequest(final HttpServerExchange exchange) throws Exception {
                final SessionManager manager = exchange.getAttachment(SessionManager.ATTACHMENT_KEY);
                Session session = manager.getSession(exchange, sessionConfig);
                if (session == null) {
                    session = manager.createSession(exchange, sessionConfig);
                    session.setAttribute(COUNT, 0);
                }
                Integer count = (Integer) session.getAttribute(COUNT);
                exchange.getResponseHeaders().add(new HttpString(COUNT), count.toString());
                session.setAttribute(COUNT, ++count);
            }
        });
        DefaultServer.setRootHandler(handler);
        HttpGet get = new HttpGet(DefaultServer.getDefaultServerURL() + "/notamatchingpath");
        HttpResponse result = client1.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        Header[] header = result.getHeaders(COUNT);
        Assert.assertEquals("0", header[0].getValue());
        get = new HttpGet(DefaultServer.getDefaultServerURL() + "/notamatchingpath");
        result = client1.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        header = result.getHeaders(COUNT);
        Assert.assertEquals("1", header[0].getValue());
        get = new HttpGet(DefaultServer.getDefaultServerURL() + "/notamatchingpath");
        result = client2.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        header = result.getHeaders(COUNT);
        Assert.assertEquals("0", header[0].getValue());
        get = new HttpGet(DefaultServer.getDefaultServerURL() + "/notamatchingpath");
        result = client1.execute(get);
        Assert.assertEquals(StatusCodes.OK, result.getStatusLine().getStatusCode());
        HttpClientUtils.readResponse(result);
        header = result.getHeaders(COUNT);
        Assert.assertEquals("0", header[0].getValue());
    } finally {
        client1.getConnectionManager().shutdown();
        client2.getConnectionManager().shutdown();
    }
}
Also used : HttpHandler(io.undertow.server.HttpHandler) SessionManager(io.undertow.server.session.SessionManager) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager) HttpGet(org.apache.http.client.methods.HttpGet) HttpResponse(org.apache.http.HttpResponse) IOException(java.io.IOException) TestHttpClient(io.undertow.testutils.TestHttpClient) HttpServerExchange(io.undertow.server.HttpServerExchange) SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) BasicCookieStore(org.apache.http.impl.client.BasicCookieStore) Header(org.apache.http.Header) SessionCookieConfig(io.undertow.server.session.SessionCookieConfig) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager) Session(io.undertow.server.session.Session) HttpString(io.undertow.util.HttpString) Test(org.junit.Test)

Example 10 with SessionAttachmentHandler

use of io.undertow.server.session.SessionAttachmentHandler in project undertow by undertow-io.

the class Http2Server method main.

public static void main(final String[] args) throws Exception {
    String version = System.getProperty("java.version");
    System.out.println("Java version " + version);
    if (version.charAt(0) == '1' && Integer.parseInt(version.charAt(2) + "") < 8) {
        System.out.println("This example requires Java 1.8 or later");
        System.out.println("The HTTP2 spec requires certain cyphers that are not present in older JVM's");
        System.out.println("See section 9.2.2 of the HTTP2 specification for details");
        System.exit(1);
    }
    String bindAddress = System.getProperty("bind.address", "localhost");
    SSLContext sslContext = createSSLContext(loadKeyStore("server.keystore"), loadKeyStore("server.truststore"));
    Undertow server = Undertow.builder().setServerOption(UndertowOptions.ENABLE_HTTP2, true).addHttpListener(8080, bindAddress).addHttpsListener(8443, bindAddress, sslContext).setHandler(new SessionAttachmentHandler(new LearningPushHandler(100, -1, Handlers.header(predicate(secure(), resource(new PathResourceManager(Paths.get(System.getProperty("example.directory", System.getProperty("user.home"))), 100)).setDirectoryListingEnabled(true), new HttpHandler() {

        @Override
        public void handleRequest(HttpServerExchange exchange) throws Exception {
            exchange.getResponseHeaders().add(Headers.LOCATION, "https://" + exchange.getHostName() + ":" + (exchange.getHostPort() + 363) + exchange.getRelativePath());
            exchange.setStatusCode(StatusCodes.TEMPORARY_REDIRECT);
        }
    }), "x-undertow-transport", ExchangeAttributes.transportProtocol())), new InMemorySessionManager("test"), new SessionCookieConfig())).build();
    server.start();
    SSLContext clientSslContext = createSSLContext(loadKeyStore("client.keystore"), loadKeyStore("client.truststore"));
    LoadBalancingProxyClient proxy = new LoadBalancingProxyClient().addHost(new URI("https://localhost:8443"), null, new UndertowXnioSsl(Xnio.getInstance(), OptionMap.EMPTY, clientSslContext), OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).setConnectionsPerThread(20);
    Undertow reverseProxy = Undertow.builder().setServerOption(UndertowOptions.ENABLE_HTTP2, true).addHttpListener(8081, bindAddress).addHttpsListener(8444, bindAddress, sslContext).setHandler(new ProxyHandler(proxy, 30000, ResponseCodeHandler.HANDLE_404)).build();
    reverseProxy.start();
}
Also used : HttpHandler(io.undertow.server.HttpHandler) ProxyHandler(io.undertow.server.handlers.proxy.ProxyHandler) SSLContext(javax.net.ssl.SSLContext) LearningPushHandler(io.undertow.server.handlers.LearningPushHandler) URI(java.net.URI) PathResourceManager(io.undertow.server.handlers.resource.PathResourceManager) LoadBalancingProxyClient(io.undertow.server.handlers.proxy.LoadBalancingProxyClient) HttpServerExchange(io.undertow.server.HttpServerExchange) SessionAttachmentHandler(io.undertow.server.session.SessionAttachmentHandler) SessionCookieConfig(io.undertow.server.session.SessionCookieConfig) UndertowXnioSsl(io.undertow.protocols.ssl.UndertowXnioSsl) Undertow(io.undertow.Undertow) InMemorySessionManager(io.undertow.server.session.InMemorySessionManager)

Aggregations

InMemorySessionManager (io.undertow.server.session.InMemorySessionManager)11 SessionAttachmentHandler (io.undertow.server.session.SessionAttachmentHandler)11 HttpHandler (io.undertow.server.HttpHandler)9 SessionCookieConfig (io.undertow.server.session.SessionCookieConfig)9 HttpServerExchange (io.undertow.server.HttpServerExchange)8 IOException (java.io.IOException)6 Session (io.undertow.server.session.Session)5 SessionManager (io.undertow.server.session.SessionManager)5 HttpString (io.undertow.util.HttpString)4 Undertow (io.undertow.Undertow)3 PathHandler (io.undertow.server.handlers.PathHandler)3 TestHttpClient (io.undertow.testutils.TestHttpClient)3 Header (org.apache.http.Header)3 HttpResponse (org.apache.http.HttpResponse)3 HttpGet (org.apache.http.client.methods.HttpGet)3 Test (org.junit.Test)3 URI (java.net.URI)2 BeforeClass (org.junit.BeforeClass)2 UndertowXnioSsl (io.undertow.protocols.ssl.UndertowXnioSsl)1 AuthenticationMechanism (io.undertow.security.api.AuthenticationMechanism)1