
Example 1 with ServletSessionConfig

use of io.undertow.servlet.api.ServletSessionConfig in project wildfly by wildfly.

the class UndertowDeploymentInfoService method start.

/**
 * Builds the Undertow {@link DeploymentInfo} for this deployment and publishes it in
 * {@code this.deploymentInfo}.
 *
 * <p>The work runs with the thread context class loader set to the module class loader; the
 * previous loader is restored in the {@code finally} block. The method wires security handlers,
 * the session cookie configuration, the session id generator, session timeouts, handler chain
 * wrappers and authentication mechanisms, in that order.
 *
 * <p>Session cookie settings are layered: container-wide defaults are applied first, then the
 * deployment's (or shared session manager's) cookie-config is applied on top.
 *
 * @param startContext the service start context (not read in this method body)
 * @throws StartException declared by the signature; no throw is visible here, so presumably it
 *         originates in one of the helper methods - confirm
 */
@Override
public synchronized void start(final StartContext startContext) throws StartException {
    ClassLoader oldTccl = Thread.currentThread().getContextClassLoader();
    try {
        Thread.currentThread().setContextClassLoader(module.getClassLoader());
        DeploymentInfo deploymentInfo = createServletConfig();
        deploymentInfo.setConfidentialPortManager(getConfidentialPortManager());
        handleDistributable(deploymentInfo);
        // The identity manager, JASPI, JACC and logout handlers are installed only when no
        // security function is present.
        // NOTE(review): presumably the security function configures authentication itself when it
        // is present - confirm, otherwise the deployment would start without these handlers.
        if (securityFunction.getOptionalValue() == null) {
            handleIdentityManager(deploymentInfo);
            handleJASPIMechanism(deploymentInfo);
            handleJACCAuthorization(deploymentInfo);
            handleAuthManagerLogout(deploymentInfo, mergedMetaData);
            if (mergedMetaData.isUseJBossAuthorization()) {
                // Wraps whatever authorization manager is already configured.
                deploymentInfo.setAuthorizationManager(new JbossAuthorizationManager(deploymentInfo.getAuthorizationManager()));
            }
        }
        handleAdditionalAuthenticationMechanisms(deploymentInfo);
        // A shared session manager's session config, when present, replaces the deployment's own.
        SessionConfigMetaData sessionConfig = mergedMetaData.getSessionConfig();
        if (sharedSessionManagerConfig != null && sharedSessionManagerConfig.getSessionConfig() != null) {
            sessionConfig = sharedSessionManagerConfig.getSessionConfig();
        }
        ServletSessionConfig config = null;
        // Container-wide session cookie defaults: each attribute is copied only when it is
        // non-null, so unset attributes keep ServletSessionConfig's own defaults.
        SessionCookieConfig defaultSessionConfig = container.getValue().getSessionCookieConfig();
        if (defaultSessionConfig != null) {
            config = new ServletSessionConfig();
            if (defaultSessionConfig.getName() != null) {
                config.setName(defaultSessionConfig.getName());
            }
            if (defaultSessionConfig.getDomain() != null) {
                config.setDomain(defaultSessionConfig.getDomain());
            }
            if (defaultSessionConfig.getHttpOnly() != null) {
                config.setHttpOnly(defaultSessionConfig.getHttpOnly());
            }
            if (defaultSessionConfig.getSecure() != null) {
                config.setSecure(defaultSessionConfig.getSecure());
            }
            if (defaultSessionConfig.getMaxAge() != null) {
                config.setMaxAge(defaultSessionConfig.getMaxAge());
            }
            if (defaultSessionConfig.getComment() != null) {
                config.setComment(defaultSessionConfig.getComment());
            }
        }
        // Session ids come from a SecureRandom-backed generator whose length is container
        // configuration; a short configured length reduces the search space for id guessing.
        SecureRandomSessionIdGenerator sessionIdGenerator = new SecureRandomSessionIdGenerator();
        sessionIdGenerator.setLength(container.getValue().getSessionIdLength());
        deploymentInfo.setSessionIdGenerator(sessionIdGenerator);
        boolean sessionTimeoutSet = false;
        if (sessionConfig != null) {
            if (sessionConfig.getSessionTimeoutSet()) {
                // presumably minutes (descriptor) to seconds (Undertow) - TODO confirm units
                deploymentInfo.setDefaultSessionTimeout(sessionConfig.getSessionTimeout() * 60);
                sessionTimeoutSet = true;
            }
            CookieConfigMetaData cookieConfig = sessionConfig.getCookieConfig();
            if (config == null) {
                config = new ServletSessionConfig();
            }
            if (cookieConfig != null) {
                if (cookieConfig.getName() != null) {
                    config.setName(cookieConfig.getName());
                }
                if (cookieConfig.getDomain() != null) {
                    config.setDomain(cookieConfig.getDomain());
                }
                if (cookieConfig.getComment() != null) {
                    config.setComment(cookieConfig.getComment());
                }
                // NOTE(review): unlike name/domain/comment above, secure, path, maxAge and httpOnly
                // are copied without any "was it specified" check, so they overwrite the
                // container-wide defaults applied earlier. If the metadata getters report false
                // for an attribute the descriptor leaves out, a container default of
                // secure=true or httpOnly=true would be silently downgraded for this deployment -
                // verify against CookieConfigMetaData.
                config.setSecure(cookieConfig.getSecure());
                config.setPath(cookieConfig.getPath());
                config.setMaxAge(cookieConfig.getMaxAge());
                config.setHttpOnly(cookieConfig.getHttpOnly());
            }
            List<SessionTrackingModeType> modes = sessionConfig.getSessionTrackingModes();
            if (modes != null && !modes.isEmpty()) {
                final Set<SessionTrackingMode> trackingModes = new HashSet<>();
                // Translate descriptor tracking modes to the servlet API enum. There is no default
                // branch, so a value other than COOKIE, SSL or URL is dropped without a warning.
                for (SessionTrackingModeType mode : modes) {
                    switch(mode) {
                        case COOKIE:
                            trackingModes.add(SessionTrackingMode.COOKIE);
                            break;
                        case SSL:
                            trackingModes.add(SessionTrackingMode.SSL);
                            break;
                        case URL:
                            // URL tracking carries the session id in the request URL, where it can
                            // end up in access logs, browser history and Referer headers.
                            trackingModes.add(SessionTrackingMode.URL);
                            break;
                    }
                }
                config.setSessionTrackingModes(trackingModes);
            }
        }
        // No deployment-level timeout: fall back to the container default (same * 60 conversion).
        if (!sessionTimeoutSet) {
            deploymentInfo.setDefaultSessionTimeout(container.getValue().getDefaultSessionTimeout() * 60);
        }
        if (config != null) {
            deploymentInfo.setServletSessionConfig(config);
        }
        for (final SetupAction action : setupActions) {
            deploymentInfo.addThreadSetupAction(new UndertowThreadSetupAction(action));
        }
        // Optional handler chain wrappers; each collection may be null.
        if (initialHandlerChainWrappers != null) {
            for (HandlerWrapper handlerWrapper : initialHandlerChainWrappers) {
                deploymentInfo.addInitialHandlerChainWrapper(handlerWrapper);
            }
        }
        if (innerHandlerChainWrappers != null) {
            for (HandlerWrapper handlerWrapper : innerHandlerChainWrappers) {
                deploymentInfo.addInnerHandlerChainWrapper(handlerWrapper);
            }
        }
        if (outerHandlerChainWrappers != null) {
            for (HandlerWrapper handlerWrapper : outerHandlerChainWrappers) {
                deploymentInfo.addOuterHandlerChainWrapper(handlerWrapper);
            }
        }
        if (threadSetupActions != null) {
            for (ThreadSetupHandler threadSetupAction : threadSetupActions) {
                deploymentInfo.addThreadSetupAction(threadSetupAction);
            }
        }
        // The server name is the product's version string.
        // NOTE(review): if this value is exposed to clients it discloses the exact server version - confirm where it surfaces.
        deploymentInfo.setServerName(serverEnvironmentInjectedValue.getValue().getProductConfig().getPrettyVersionString());
        if (undertowService.getValue().isStatisticsEnabled()) {
            deploymentInfo.setMetricsCollector(new UndertowMetricsCollector());
        }
        ControlPoint controlPoint = controlPointInjectedValue.getOptionalValue();
        if (controlPoint != null) {
            deploymentInfo.addOuterHandlerChainWrapper(GlobalRequestControllerHandler.wrapper(controlPoint, allowSuspendedRequests));
        }
        // Register every container-level authentication mechanism on the deployment.
        container.getValue().getAuthenticationMechanisms().entrySet().forEach(e -> deploymentInfo.addAuthenticationMechanism(e.getKey(), e.getValue()));
        // The cached authentication mechanism is switched off whenever the single sign-on
        // mechanism is registered.
        deploymentInfo.setUseCachedAuthenticationMechanism(!deploymentInfo.getAuthenticationMechanisms().containsKey(SingleSignOnService.AUTHENTICATION_MECHANISM_NAME));
        this.deploymentInfo = deploymentInfo;
    } finally {
        // Always restore the caller's context class loader, including on failure.
        Thread.currentThread().setContextClassLoader(oldTccl);
    }
}
Also used : SessionConfigMetaData(org.jboss.metadata.web.spec.SessionConfigMetaData) JbossAuthorizationManager(org.wildfly.extension.undertow.security.JbossAuthorizationManager) SessionTrackingMode(javax.servlet.SessionTrackingMode) CookieConfigMetaData(org.jboss.metadata.web.spec.CookieConfigMetaData) SetupAction(org.jboss.as.server.deployment.SetupAction) SecurityContextThreadSetupAction(org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction) ControlPoint(org.wildfly.extension.requestcontroller.ControlPoint) ServletSessionConfig(io.undertow.servlet.api.ServletSessionConfig) HandlerWrapper(io.undertow.server.HandlerWrapper) ThreadSetupHandler(io.undertow.servlet.api.ThreadSetupHandler) SecureRandomSessionIdGenerator(io.undertow.server.session.SecureRandomSessionIdGenerator) SessionCookieConfig(org.wildfly.extension.undertow.SessionCookieConfig) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) WebSocketDeploymentInfo(io.undertow.websockets.jsr.WebSocketDeploymentInfo) SessionTrackingModeType(org.jboss.metadata.web.spec.SessionTrackingModeType) LinkedHashSet(java.util.LinkedHashSet) HashSet(java.util.HashSet)

Example 2 with ServletSessionConfig

use of io.undertow.servlet.api.ServletSessionConfig in project undertow by undertow-io.

the class ServletFormAuthURLRewriteTestCase method setup.

/**
 * Deploys the FORM-authentication fixture used by this test case.
 *
 * <p>Three servlets under {@code /secured/} require {@code role1}; the login page servlet is
 * mapped to {@code /FormLoginServlet}. The deployment's only session tracking mode is
 * {@link SessionTrackingMode#URL}, so the session id travels in the URL instead of a cookie.
 * That is what this test exercises; outside a test, URL-carried session ids are exposed through
 * logs, history and Referer headers.
 *
 * @throws ServletException if the deployment cannot be started
 */
@BeforeClass
public static void setup() throws ServletException {
    final PathHandler rootPath = new PathHandler();
    final ServletContainer servletContainer = ServletContainer.Factory.newInstance();

    // Protected resources: each gets its own ServletSecurityInfo restricted to role1.
    ServletInfo usernameServlet = new ServletInfo("servlet", SendUsernameServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/*");
    ServletInfo echoServlet = new ServletInfo("echo", EchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echo");
    ServletInfo echoParamServlet = new ServletInfo("echoParam", RequestParamEchoServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1"))
            .addMapping("/secured/echoParam");
    ServletInfo loginServlet = new ServletInfo("loginPage", FormLoginServlet.class)
            .setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("group1"))
            .addMapping("/FormLoginServlet");

    // Fixture account for the test realm only.
    ServletIdentityManager users = new ServletIdentityManager();
    users.addUser("user1", "password1", "role1");

    // Sessions are tracked through URL rewriting exclusively.
    ServletSessionConfig urlTrackedSessions = new ServletSessionConfig()
            .setSessionTrackingModes(Collections.singleton(SessionTrackingMode.URL));
    LoginConfig formLogin = new LoginConfig("FORM", "Test Realm", "/FormLoginServlet", "/error.html");

    DeploymentInfo deployment = new DeploymentInfo()
            .setServletSessionConfig(urlTrackedSessions)
            .setClassLoader(SimpleServletTestCase.class.getClassLoader())
            .setContextPath("/servletContext")
            .setClassIntrospecter(TestClassIntrospector.INSTANCE)
            .setDeploymentName("servletContext.war")
            .setAuthenticationMode(AuthenticationMode.CONSTRAINT_DRIVEN)
            .setIdentityManager(users)
            .setLoginConfig(formLogin)
            .addServlets(usernameServlet, loginServlet, echoServlet, echoParamServlet);

    DeploymentManager deploymentManager = servletContainer.addDeployment(deployment);
    deploymentManager.deploy();
    rootPath.addPrefixPath(deployment.getContextPath(), deploymentManager.start());
    DefaultServer.setRootHandler(rootPath);
}
Also used : ServletInfo(io.undertow.servlet.api.ServletInfo) ServletSecurityInfo(io.undertow.servlet.api.ServletSecurityInfo) DeploymentManager(io.undertow.servlet.api.DeploymentManager) ServletContainer(io.undertow.servlet.api.ServletContainer) LoginConfig(io.undertow.servlet.api.LoginConfig) PathHandler(io.undertow.server.handlers.PathHandler) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) ServletSessionConfig(io.undertow.servlet.api.ServletSessionConfig) ServletIdentityManager(io.undertow.servlet.test.security.constraint.ServletIdentityManager) BeforeClass(org.junit.BeforeClass)

Example 3 with ServletSessionConfig

use of io.undertow.servlet.api.ServletSessionConfig in project undertow by undertow-io.

the class DeploymentManagerImpl method handleDeploymentSessionConfig.

/**
 * Copies the deployment's {@link ServletSessionConfig}, if it has one, onto the servlet
 * context's session cookie configuration.
 *
 * <p>Name, comment, domain, HttpOnly, max-age and Secure are copied as they are. The cookie path
 * falls back to the deployment's context path when none is configured, which keeps the session
 * cookie scoped to this application. Session tracking modes are copied (as a fresh set) only
 * when the config supplies them.
 *
 * @param deploymentInfo the deployment whose session config is read
 * @param servletContext the context whose cookie config and default tracking modes are updated
 */
public void handleDeploymentSessionConfig(DeploymentInfo deploymentInfo, ServletContextImpl servletContext) {
    SessionCookieConfigImpl cookieSettings = servletContext.getSessionCookieConfig();
    ServletSessionConfig configured = deploymentInfo.getServletSessionConfig();
    if (configured == null) {
        // Nothing configured for this deployment: leave the context's defaults untouched.
        return;
    }

    cookieSettings.setName(configured.getName());
    cookieSettings.setComment(configured.getComment());
    cookieSettings.setDomain(configured.getDomain());
    cookieSettings.setHttpOnly(configured.isHttpOnly());
    cookieSettings.setMaxAge(configured.getMaxAge());

    // An unset path defaults to the context path rather than to a wider scope.
    final String explicitPath = configured.getPath();
    cookieSettings.setPath(explicitPath != null ? explicitPath : deploymentInfo.getContextPath());

    cookieSettings.setSecure(configured.isSecure());

    if (configured.getSessionTrackingModes() == null) {
        return;
    }
    // Defensive copy so the context does not share the config's set instance.
    servletContext.setDefaultSessionTrackingModes(new HashSet<>(configured.getSessionTrackingModes()));
}
Also used : ServletSessionConfig(io.undertow.servlet.api.ServletSessionConfig) SessionCookieConfigImpl(io.undertow.servlet.spec.SessionCookieConfigImpl)

Example 4 with ServletSessionConfig

use of io.undertow.servlet.api.ServletSessionConfig in project undertow by undertow-io.

the class CrossContextServletSessionTestCase method createDeployment.

/**
 * Deploys one test web application named {@code name} at context path {@code "/" + name} and
 * mounts it on {@code path}.
 *
 * <p>The session cookie path is set to {@code "/"}, so the cookie is sent to every context on
 * the host rather than only to this application; the cross-context test relies on that wider
 * scope.
 *
 * @param name      deployment name, also used to build the context path and the war name
 * @param container servlet container that receives the deployment
 * @param path      handler on which the started deployment is registered
 * @throws ServletException if the deployment cannot be started
 */
private static void createDeployment(final String name, final ServletContainer container, final PathHandler path) throws ServletException {
    ServletInfo sessionServlet = new ServletInfo("servlet", SessionServlet.class).addMapping("/servlet");
    ServletInfo forwardServlet = new ServletInfo("forward", ForwardServlet.class).addMapping("/forward");
    ServletInfo includeServlet = new ServletInfo("include", IncludeServlet.class).addMapping("/include");

    // Host-wide cookie path: shared by all contexts deployed through this helper.
    ServletSessionConfig hostWideCookie = new ServletSessionConfig().setPath("/");

    DeploymentInfo deployment = new DeploymentInfo()
            .setClassLoader(SimpleServletTestCase.class.getClassLoader())
            .setContextPath("/" + name)
            .setClassIntrospecter(TestClassIntrospector.INSTANCE)
            .setDeploymentName(name + ".war")
            .setServletSessionConfig(hostWideCookie)
            .addServlets(sessionServlet, forwardServlet, includeServlet);

    DeploymentManager deploymentManager = container.addDeployment(deployment);
    deploymentManager.deploy();
    path.addPrefixPath(deployment.getContextPath(), deploymentManager.start());
}
Also used : ServletInfo(io.undertow.servlet.api.ServletInfo) DeploymentManager(io.undertow.servlet.api.DeploymentManager) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) ServletSessionConfig(io.undertow.servlet.api.ServletSessionConfig)

Example 5 with ServletSessionConfig

use of io.undertow.servlet.api.ServletSessionConfig in project undertow by undertow-io.

the class ServletSessionPersistenceTestCase method testSimpleSessionUsage.

/**
 * Verifies that session state survives a stop / undeploy / redeploy cycle when an
 * {@link InMemorySessionPersistence} manager is configured, and that the session cookie is
 * issued with the configured path {@code /servletContext/aa}.
 *
 * <p>The servlet's response is expected to be 1, 2 and then 3 across the three requests, the
 * last one being made after the redeploy with the same client.
 *
 * @throws IOException      if an HTTP exchange fails
 * @throws ServletException if the redeployed application cannot be started
 */
@Test
public void testSimpleSessionUsage() throws IOException, ServletException {
    final PathHandler rootPath = new PathHandler();
    final ServletContainer servletContainer = ServletContainer.Factory.newInstance();

    // Cookie path narrower than the context path: only requests below /servletContext/aa carry it.
    ServletSessionConfig scopedCookie = new ServletSessionConfig().setPath("/servletContext/aa");
    ServletInfo sessionServlet = new ServletInfo("servlet", SessionServlet.class).addMapping("/aa/b");

    DeploymentInfo deployment = new DeploymentInfo()
            .setClassLoader(SimpleServletTestCase.class.getClassLoader())
            .setContextPath("/servletContext")
            .setClassIntrospecter(TestClassIntrospector.INSTANCE)
            .setDeploymentName("servletContext.war")
            .setSessionPersistenceManager(new InMemorySessionPersistence())
            .setServletSessionConfig(scopedCookie)
            .addServlets(sessionServlet);

    DeploymentManager deploymentManager = servletContainer.addDeployment(deployment);
    deploymentManager.deploy();
    try {
        rootPath.addPrefixPath(deployment.getContextPath(), deploymentManager.start());
    } catch (ServletException e) {
        throw new RuntimeException(e);
    }
    DefaultServer.setRootHandler(rootPath);

    TestHttpClient httpClient = new TestHttpClient();
    try {
        HttpGet request = new HttpGet(DefaultServer.getDefaultServerURL() + "/servletContext/aa/b");

        // First request creates the session and must set the cookie with the configured path.
        HttpResponse reply = httpClient.execute(request);
        Assert.assertEquals(StatusCodes.OK, reply.getStatusLine().getStatusCode());
        String body = HttpClientUtils.readResponse(reply);
        Assert.assertEquals("1", body);
        String setCookie = reply.getHeaders("Set-Cookie")[0].getValue();
        Assert.assertTrue(setCookie, setCookie.contains("JSESSIONID"));
        Assert.assertTrue(setCookie, setCookie.contains("/servletContext/aa"));

        // Second request reuses the session.
        reply = httpClient.execute(request);
        Assert.assertEquals(StatusCodes.OK, reply.getStatusLine().getStatusCode());
        body = HttpClientUtils.readResponse(reply);
        Assert.assertEquals("2", body);

        // Restart the deployment; the persisted session must still be there afterwards.
        deploymentManager.stop();
        deploymentManager.undeploy();
        deploymentManager.deploy();
        rootPath.addPrefixPath(deployment.getContextPath(), deploymentManager.start());

        reply = httpClient.execute(request);
        Assert.assertEquals(StatusCodes.OK, reply.getStatusLine().getStatusCode());
        body = HttpClientUtils.readResponse(reply);
        Assert.assertEquals("3", body);
    } finally {
        httpClient.getConnectionManager().shutdown();
    }
}
Also used : DeploymentManager(io.undertow.servlet.api.DeploymentManager) HttpGet(org.apache.http.client.methods.HttpGet) PathHandler(io.undertow.server.handlers.PathHandler) HttpResponse(org.apache.http.HttpResponse) ServletSessionConfig(io.undertow.servlet.api.ServletSessionConfig) SimpleServletTestCase(io.undertow.servlet.test.SimpleServletTestCase) TestHttpClient(io.undertow.testutils.TestHttpClient) ServletInfo(io.undertow.servlet.api.ServletInfo) ServletException(javax.servlet.ServletException) ServletContainer(io.undertow.servlet.api.ServletContainer) InMemorySessionPersistence(io.undertow.servlet.util.InMemorySessionPersistence) DeploymentInfo(io.undertow.servlet.api.DeploymentInfo) Test(org.junit.Test)
