Search in sources :

Example 16 with ServletRequest

use of jakarta.servlet.ServletRequest in project spring-security by spring-projects.

the class GrantedAuthorityDefaultsJcTests method doFilterIsUserInRole.

// SEC-2926
@Test
public void doFilterIsUserInRole() throws Exception {
    SecurityContext context = SecurityContextHolder.getContext();
    this.request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, context);
    this.chain = new MockFilterChain() {

        @Override
        public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            assertThat(httpRequest.isUserInRole("USER")).isTrue();
            assertThat(httpRequest.isUserInRole("INVALID")).isFalse();
            super.doFilter(request, response);
        }
    };
    this.springSecurityFilterChain.doFilter(this.request, this.response, this.chain);
    assertThat(this.chain.getRequest()).isNotNull();
}
Also used : ServletException(jakarta.servlet.ServletException) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) ServletResponse(jakarta.servlet.ServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) SecurityContext(org.springframework.security.core.context.SecurityContext) IOException(java.io.IOException) MockFilterChain(org.springframework.mock.web.MockFilterChain) Test(org.junit.jupiter.api.Test)

Example 17 with ServletRequest

use of jakarta.servlet.ServletRequest in project tomcat by apache.

the class ApplicationDispatcher method unwrapRequest.

/**
 * Unwrap the request if we have wrapped it.
 */
private void unwrapRequest(State state) {
    if (state.wrapRequest == null) {
        return;
    }
    if (state.outerRequest.isAsyncStarted()) {
        if (!state.outerRequest.getAsyncContext().hasOriginalRequestAndResponse()) {
            return;
        }
    }
    ServletRequest previous = null;
    ServletRequest current = state.outerRequest;
    while (current != null) {
        // If we run into the container request we are done
        if ((current instanceof Request) || (current instanceof RequestFacade)) {
            break;
        }
        // Remove the current request if it is our wrapper
        if (current == state.wrapRequest) {
            ServletRequest next = ((ServletRequestWrapper) current).getRequest();
            if (previous == null) {
                state.outerRequest = next;
            } else {
                ((ServletRequestWrapper) previous).setRequest(next);
            }
            break;
        }
        // Advance to the next request in the chain
        previous = current;
        current = ((ServletRequestWrapper) current).getRequest();
    }
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) ServletRequestWrapper(jakarta.servlet.ServletRequestWrapper) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Request(org.apache.catalina.connector.Request) ServletRequest(jakarta.servlet.ServletRequest) RequestFacade(org.apache.catalina.connector.RequestFacade)

Example 18 with ServletRequest

use of jakarta.servlet.ServletRequest in project tomcat by apache.

the class ApplicationDispatcher method wrapRequest.

/**
 * Create and return a request wrapper that has been inserted in the
 * appropriate spot in the request chain.
 */
private ServletRequest wrapRequest(State state) {
    // Locate the request we should insert in front of
    ServletRequest previous = null;
    ServletRequest current = state.outerRequest;
    while (current != null) {
        if (state.hrequest == null && (current instanceof HttpServletRequest)) {
            state.hrequest = (HttpServletRequest) current;
        }
        if (!(current instanceof ServletRequestWrapper)) {
            break;
        }
        if (current instanceof ApplicationHttpRequest) {
            break;
        }
        if (current instanceof ApplicationRequest) {
            break;
        }
        previous = current;
        current = ((ServletRequestWrapper) current).getRequest();
    }
    // Instantiate a new wrapper at this point and insert it in the chain
    ServletRequest wrapper = null;
    if ((current instanceof ApplicationHttpRequest) || (current instanceof Request) || (current instanceof HttpServletRequest)) {
        // Compute a crossContext flag
        HttpServletRequest hcurrent = (HttpServletRequest) current;
        boolean crossContext = false;
        if ((state.outerRequest instanceof ApplicationHttpRequest) || (state.outerRequest instanceof Request) || (state.outerRequest instanceof HttpServletRequest)) {
            HttpServletRequest houterRequest = (HttpServletRequest) state.outerRequest;
            Object contextPath = houterRequest.getAttribute(RequestDispatcher.INCLUDE_CONTEXT_PATH);
            if (contextPath == null) {
                // Forward
                contextPath = houterRequest.getContextPath();
            }
            crossContext = !(context.getPath().equals(contextPath));
        }
        wrapper = new ApplicationHttpRequest(hcurrent, context, crossContext);
    } else {
        wrapper = new ApplicationRequest(current);
    }
    if (previous == null) {
        state.outerRequest = wrapper;
    } else {
        ((ServletRequestWrapper) previous).setRequest(wrapper);
    }
    state.wrapRequest = wrapper;
    return wrapper;
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) ServletRequestWrapper(jakarta.servlet.ServletRequestWrapper) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Request(org.apache.catalina.connector.Request) ServletRequest(jakarta.servlet.ServletRequest)

Example 19 with ServletRequest

use of jakarta.servlet.ServletRequest in project tomcat by apache.

the class ApplicationDispatcher method checkSameObjects.

private void checkSameObjects(ServletRequest appRequest, ServletResponse appResponse) throws ServletException {
    ServletRequest originalRequest = ApplicationFilterChain.getLastServicedRequest();
    ServletResponse originalResponse = ApplicationFilterChain.getLastServicedResponse();
    // Some forwards, eg from valves will not set original values
    if (originalRequest == null || originalResponse == null) {
        return;
    }
    boolean same = false;
    ServletRequest dispatchedRequest = appRequest;
    // find the request that was passed into the service method
    while (originalRequest instanceof ServletRequestWrapper && ((ServletRequestWrapper) originalRequest).getRequest() != null) {
        originalRequest = ((ServletRequestWrapper) originalRequest).getRequest();
    }
    // compare with the dispatched request
    while (!same) {
        if (originalRequest.equals(dispatchedRequest)) {
            same = true;
        }
        if (!same && dispatchedRequest instanceof ServletRequestWrapper) {
            dispatchedRequest = ((ServletRequestWrapper) dispatchedRequest).getRequest();
        } else {
            break;
        }
    }
    if (!same) {
        throw new ServletException(sm.getString("applicationDispatcher.specViolation.request"));
    }
    same = false;
    ServletResponse dispatchedResponse = appResponse;
    // find the response that was passed into the service method
    while (originalResponse instanceof ServletResponseWrapper && ((ServletResponseWrapper) originalResponse).getResponse() != null) {
        originalResponse = ((ServletResponseWrapper) originalResponse).getResponse();
    }
    // compare with the dispatched response
    while (!same) {
        if (originalResponse.equals(dispatchedResponse)) {
            same = true;
        }
        if (!same && dispatchedResponse instanceof ServletResponseWrapper) {
            dispatchedResponse = ((ServletResponseWrapper) dispatchedResponse).getResponse();
        } else {
            break;
        }
    }
    if (!same) {
        throw new ServletException(sm.getString("applicationDispatcher.specViolation.response"));
    }
}
Also used : ServletException(jakarta.servlet.ServletException) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletRequest(jakarta.servlet.ServletRequest) ServletResponse(jakarta.servlet.ServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) ServletRequestWrapper(jakarta.servlet.ServletRequestWrapper) ServletResponseWrapper(jakarta.servlet.ServletResponseWrapper)

Example 20 with ServletRequest

use of jakarta.servlet.ServletRequest in project tomcat by apache.

the class TestAsyncContextImpl method testAsyncListenerSupplyRequestResponse.

@Test
public void testAsyncListenerSupplyRequestResponse() {
    final ServletRequest servletRequest = EasyMock.createMock(ServletRequest.class);
    final ServletResponse servletResponse = EasyMock.createMock(ServletResponse.class);
    final AsyncListener listener = new AsyncListener() {

        @Override
        public void onTimeout(AsyncEvent event) throws IOException {
            checkRequestResponse(event);
        }

        @Override
        public void onStartAsync(AsyncEvent event) throws IOException {
            checkRequestResponse(event);
        }

        @Override
        public void onError(AsyncEvent event) throws IOException {
            checkRequestResponse(event);
        }

        @Override
        public void onComplete(AsyncEvent event) throws IOException {
            checkRequestResponse(event);
        }

        private void checkRequestResponse(AsyncEvent event) {
            Assert.assertEquals(servletRequest, event.getSuppliedRequest());
            Assert.assertEquals(servletResponse, event.getSuppliedResponse());
        }
    };
    final Context context = new TesterContext();
    final Response response = new Response();
    final Request request = new Request(null);
    request.setCoyoteRequest(new org.apache.coyote.Request());
    request.getMappingData().context = context;
    final AsyncContextImpl ac = new AsyncContextImpl(request);
    ac.addListener(listener, servletRequest, servletResponse);
    ac.setStarted(context, request, response, true);
    ac.addListener(listener, servletRequest, servletResponse);
    ac.setErrorState(new Exception(), true);
    ac.fireOnComplete();
}
Also used : AsyncContext(jakarta.servlet.AsyncContext) Context(org.apache.catalina.Context) TesterContext(org.apache.tomcat.unittest.TesterContext) ServletRequest(jakarta.servlet.ServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletResponse(jakarta.servlet.ServletResponse) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) Request(org.apache.catalina.connector.Request) ServletRequest(jakarta.servlet.ServletRequest) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) AsyncEvent(jakarta.servlet.AsyncEvent) URISyntaxException(java.net.URISyntaxException) ServletException(jakarta.servlet.ServletException) IOException(java.io.IOException) ServletResponse(jakarta.servlet.ServletResponse) Response(org.apache.catalina.connector.Response) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) AsyncListener(jakarta.servlet.AsyncListener) TesterContext(org.apache.tomcat.unittest.TesterContext) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Aggregations

ServletRequest (jakarta.servlet.ServletRequest)28 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)17 ServletResponse (jakarta.servlet.ServletResponse)13 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)12 ServletException (jakarta.servlet.ServletException)9 IOException (java.io.IOException)8 Test (org.junit.jupiter.api.Test)5 Request (org.apache.catalina.connector.Request)4 MockFilterChain (org.springframework.mock.web.MockFilterChain)4 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)4 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)4 MockHttpServletRequest (org.springframework.web.testfixture.servlet.MockHttpServletRequest)4 MockHttpServletResponse (org.springframework.web.testfixture.servlet.MockHttpServletResponse)4 ServletRequestWrapper (jakarta.servlet.ServletRequestWrapper)3 RequestDataValueProcessor (org.springframework.web.servlet.support.RequestDataValueProcessor)3 Principal (java.security.Principal)2 HashMap (java.util.HashMap)2 Properties (java.util.Properties)2 Context (org.apache.catalina.Context)2 BeforeEach (org.junit.jupiter.api.BeforeEach)2