
Example 1 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class WebSecurity method getRequestMatcherPrivilegeEvaluatorsEntry.

/**
 * Builds the privilege-evaluator entry for a single filter chain.
 *
 * <p>Every {@link FilterSecurityInterceptor} or {@link AuthorizationFilter} found in the chain
 * contributes one {@link WebInvocationPrivilegeEvaluator}; all other filters are ignored. The
 * resulting list is paired with the chain's own {@code matches} method, so the evaluators are
 * associated with the requests that the chain itself matches.
 *
 * @param securityFilterChain the chain whose authorization filters are inspected
 * @return an entry holding the chain's matcher and the evaluators derived from its filters
 */
private RequestMatcherEntry<List<WebInvocationPrivilegeEvaluator>> getRequestMatcherPrivilegeEvaluatorsEntry(SecurityFilterChain securityFilterChain) {
    List<WebInvocationPrivilegeEvaluator> evaluators = new ArrayList<>();
    for (Filter candidate : securityFilterChain.getFilters()) {
        if (candidate instanceof FilterSecurityInterceptor) {
            // Interceptor-based chains get the default evaluator, which also needs the servlet context.
            DefaultWebInvocationPrivilegeEvaluator interceptorEvaluator = new DefaultWebInvocationPrivilegeEvaluator((FilterSecurityInterceptor) candidate);
            interceptorEvaluator.setServletContext(this.servletContext);
            evaluators.add(interceptorEvaluator);
        } else if (candidate instanceof AuthorizationFilter) {
            // AuthorizationManager-based chains are evaluated through the filter's own manager.
            AuthorizationManager<HttpServletRequest> manager = ((AuthorizationFilter) candidate).getAuthorizationManager();
            evaluators.add(new AuthorizationManagerWebInvocationPrivilegeEvaluator(manager));
        }
    }
    // A chain containing neither filter type yields an entry with an EMPTY evaluator list.
    // NOTE(review): whether the consumer of this entry treats an empty list as "allowed" or
    // "denied" is not visible here - confirm before relying on it for chains without an
    // authorization filter.
    return new RequestMatcherEntry<>(securityFilterChain::matches, evaluators);
}
Also used : DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) WebInvocationPrivilegeEvaluator(org.springframework.security.web.access.WebInvocationPrivilegeEvaluator) RequestMatcherDelegatingWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator) AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator) DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator) AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter) Filter(jakarta.servlet.Filter) DebugFilter(org.springframework.security.web.debug.DebugFilter) AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter) FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor) ArrayList(java.util.ArrayList) RequestMatcherEntry(org.springframework.security.web.util.matcher.RequestMatcherEntry) AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator)

Example 2 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project spring-security by spring-projects.

the class AuthorizeHttpRequestsConfigurer method configure.

/**
 * Adds an {@link AuthorizationFilter} to the builder.
 *
 * <p>The filter is constructed around the {@link AuthorizationManager} produced by this
 * configurer's registry and is passed through {@code postProcess} before being registered.
 *
 * @param http the builder that receives the filter
 */
@Override
public void configure(H http) {
    // The manager is created once here; the filter keeps using that instance.
    AuthorizationManager<HttpServletRequest> manager = this.registry.createAuthorizationManager();
    http.addFilter(postProcess(new AuthorizationFilter(manager)));
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter)

Example 3 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project atmosphere by Atmosphere.

the class AtmosphereRequestImpl method cloneRequest.

/**
 * Copies the content of an {@link HttpServletRequest} into an {@link AtmosphereRequest}.
 *
 * <p>If {@code request} is already an {@code AtmosphereRequestImpl}, its existing builder is
 * updated in place and the same instance is returned; otherwise a new builder wrapping
 * {@code request} is populated and built.
 *
 * <p>The builder receives the cookies, session, user principal and authentication type of the
 * original request, along with its path and remote-address details. The copy therefore carries
 * the same authentication-related data as the original and deserves the same care when it is
 * stored or logged.
 *
 * @param request the request to copy
 * @param loadInMemory when {@code true}, {@code load} is invoked on the source request and the
 *        builder's underlying request is then replaced with a {@code NoOpsRequest}
 * @param copySession when {@code true}, the session is wrapped in a {@code FakeHttpSession}
 *        (an empty one if no session is available)
 * @param isDestroyable value passed to the builder's {@code destroyable} setting
 * @param createSession passed to {@code request.getSession(boolean)} when {@code copySession}
 *        is set
 * @return an {@link AtmosphereRequest}
 */
public static final AtmosphereRequest cloneRequest(HttpServletRequest request, boolean loadInMemory, boolean copySession, boolean isDestroyable, boolean createSession) {
    // Snapshot the cookies into a synchronized set; getCookies() may return null.
    Cookie[] rawCookies = request.getCookies();
    Set<Cookie> cookieSet = Collections.synchronizedSet(new HashSet<>());
    if (rawCookies != null) {
        Collections.addAll(cookieSet, rawCookies);
    }

    // Reuse the builder of an already-wrapped request, otherwise start a fresh one.
    final boolean isWrapped = request instanceof AtmosphereRequestImpl;
    final Builder b;
    if (isWrapped) {
        b = ((AtmosphereRequestImpl) request).b;
    } else {
        b = new Builder();
        b.request(request);
    }

    HttpSession session = request.getSession(false);
    if (copySession) {
        HttpSession current = request.getSession(createSession);
        session = (current != null)
                ? new FakeHttpSession(current)
                : new FakeHttpSession("", null, System.currentTimeMillis(), -1);
    }

    b.servletPath(request.getServletPath())
            .pathInfo(request.getPathInfo())
            .contextPath(request.getContextPath())
            .requestURI(request.getRequestURI())
            .requestURL(request.getRequestURL().toString())
            .method(request.getMethod())
            .serverName(request.getServerName())
            .serverPort(request.getServerPort())
            .remoteAddr(request.getRemoteAddr())
            .remoteHost(request.getRemoteHost())
            .remotePort(request.getRemotePort())
            .destroyable(isDestroyable)
            .cookies(cookieSet)
            .session(session)
            .principal(request.getUserPrincipal())
            .authType(request.getAuthType())
            .isSSecure(request.isSecure());

    if (loadInMemory) {
        String throwFlag = (String) attributeWithoutException(request, FrameworkConfig.THROW_EXCEPTION_ON_CLONED_REQUEST);
        HttpServletRequest placeholder = new NoOpsRequest(Boolean.parseBoolean(throwFlag));
        // Load from the builder's underlying request when the input was already wrapped.
        if (isWrapped) {
            load(b.request, b);
        } else {
            load(request, b);
        }
        // From here on the builder no longer references the container's request object.
        b.request(placeholder);
    }

    return isWrapped ? (AtmosphereRequestImpl) request : b.build();
}
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) Cookie(jakarta.servlet.http.Cookie) FakeHttpSession(org.atmosphere.util.FakeHttpSession) HttpSession(jakarta.servlet.http.HttpSession) FakeHttpSession(org.atmosphere.util.FakeHttpSession)

Example 4 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project atmosphere by Atmosphere.

the class AtmosphereRequestImpl method getHeader.

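/**
 * Resolves a header value by name.
 *
 * <p>Lookup order: {@code content-type} is answered by {@link #getContentType()}; otherwise the
 * underlying request's header is used, then the locally stored headers, and finally - only for
 * names starting with {@code X_ATMOSPHERE} while {@code isNotNoOps()} holds - a request
 * attribute of the same name, searched through any chain of
 * {@link HttpServletRequestWrapper}s.
 *
 * <p>Because the underlying request's header is consulted first, a value returned for an
 * {@code X_ATMOSPHERE}-prefixed name may come from the client-supplied header rather than
 * from a server-side attribute; callers cannot tell the two apart from the return value.
 *
 * @param s the header name
 * @param checkCase when {@code true} and nothing was found, the lookup is retried once with
 *        the lower-cased name
 * @return the resolved value, {@code "keep-alive"} for an unresolved {@code connection}
 *         header, or {@code null} if nothing was found
 */
@Override
public String getHeader(String s, boolean checkCase) {
    if ("content-type".equalsIgnoreCase(s)) {
        return getContentType();
    }
    String name = b.request.getHeader(s);
    if (name == null) {
        // Look the stored header up once so the null check and the returned value agree.
        String stored = b.headers.get(s);
        if (stored != null) {
            return stored;
        }
        if (s.startsWith(X_ATMOSPHERE) && isNotNoOps()) {
            // Struts 2 wraps String attributes as BigDecimal, so a non-String value on the
            // outer request does not mean the attribute is absent further down the chain.
            // https://github.com/Atmosphere/atmosphere/issues/1367
            Object o = attributeWithoutException(b.request, s);
            if (o == null || o instanceof String) {
                name = (String) o;
            } else {
                try {
                    // Unwrap until a wrapped request yields null or a String for the attribute.
                    HttpServletRequest hsr = b.request;
                    while (hsr instanceof HttpServletRequestWrapper) {
                        hsr = (HttpServletRequest) ((HttpServletRequestWrapper) hsr).getRequest();
                        o = attributeWithoutException(hsr, s);
                        if (o == null || o instanceof String) {
                            name = (String) o;
                            break;
                        }
                    }
                } catch (Exception ex) {
                    // Best effort: a failure here leaves the header unresolved.
                    logger.warn("Unable to resolve header from request attributes", ex);
                }
            }
        }
    }
    if (name == null && checkCase) {
        // Locale.ROOT keeps the lower-casing independent of the JVM default locale
        // (e.g. the Turkish dotless i would otherwise change names containing 'I').
        return getHeader(s.toLowerCase(java.util.Locale.ROOT), false);
    }
    if (name == null && "connection".equalsIgnoreCase(s)) {
        // Synthetic default when no connection header is available.
        return "keep-alive";
    }
    return name;
}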
Also used : HttpServletRequest(jakarta.servlet.http.HttpServletRequest) HttpServletRequestWrapper(jakarta.servlet.http.HttpServletRequestWrapper) ServletException(jakarta.servlet.ServletException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 5 with HttpServletRequest

use of jakarta.servlet.http.HttpServletRequest in project atmosphere by Atmosphere.

the class ContainerInitializer method onStartup.

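/**
 * Initializes an {@code AtmosphereFramework} for each registered Atmosphere servlet that does
 * not already have one stored in the servlet context.
 *
 * <p>For every servlet registration this method skips the servlet if the
 * {@code DISABLE_ATMOSPHERE_INITIALIZER} init parameter is true, optionally selects JSR 356
 * async support, installs a request listener that creates the HTTP session for
 * WebSocket-enabled requests, optionally registers {@code SessionSupport}, and finally stores
 * the framework in the context under the registration's key.
 *
 * @param classes not used by this method
 * @param c the servlet context being started
 */
@Override
public void onStartup(Set<Class<?>> classes, final ServletContext c) {
    c.log("Initializing AtmosphereFramework");
    for (Map.Entry<String, ? extends ServletRegistration> reg : c.getServletRegistrations().entrySet()) {
        String disableSwitchValue = reg.getValue().getInitParameter(ApplicationConfig.DISABLE_ATMOSPHERE_INITIALIZER);
        // check if AtmosphereInitializer is disabled via web.xml see: https://github.com/Atmosphere/atmosphere/issues/1695
        if (Boolean.parseBoolean(disableSwitchValue)) {
            c.log("Container managed initialization disabled for servlet: " + reg.getValue().getName());
            continue;
        }
        if (c.getAttribute(reg.getKey()) == null && IOUtils.isAtmosphere(reg.getValue().getClassName())) {
            final AtmosphereFramework framework = AtmosphereFrameworkInitializer.newAtmosphereFramework(c, false, true);
            // Hack to make jsr356 works. Pretty ugly.
            DefaultAsyncSupportResolver resolver = new DefaultAsyncSupportResolver(framework.getAtmosphereConfig());
            List<Class<? extends AsyncSupport>> l = resolver.detectWebSocketPresent(false, true);
            // Lower-case the server info once, independent of the JVM default locale.
            String serverInfo = c.getServerInfo().toLowerCase(java.util.Locale.ROOT);
            // Don't use WebLogic Native WebSocket support if JSR356 is available
            int size = serverInfo.contains("weblogic") ? 1 : 0;
            String s = reg.getValue().getInitParameter(ApplicationConfig.PROPERTY_COMET_SUPPORT);
            boolean force = serverInfo.contains("glassfish") || serverInfo.contains("payara");
            // An explicit PROPERTY_COMET_SUPPORT setting overrides the container-based default.
            if (s != null && s.equals(JSR356AsyncSupport.class.getName())) {
                force = true;
            } else if (s != null) {
                force = false;
            }
            // Parentheses spell out the precedence the original expression already had.
            if (force || (l.size() == size && resolver.testClassExists(DefaultAsyncSupportResolver.JSR356_WEBSOCKET))) {
                try {
                    framework.setAsyncSupport(new JSR356AsyncSupport(framework.getAtmosphereConfig(), c));
                } catch (IllegalStateException ex) {
                    framework.initializationError(ex);
                }
            }
            try {
                c.addListener(new ServletRequestListener() {

                    @Override
                    public void requestDestroyed(ServletRequestEvent sre) {
                        // Nothing to clean up.
                    }

                    @Override
                    public void requestInitialized(ServletRequestEvent sre) {
                        // Skip non-HTTP requests rather than fail the request with a ClassCastException.
                        if (!(sre.getServletRequest() instanceof HttpServletRequest)) {
                            return;
                        }
                        HttpServletRequest r = (HttpServletRequest) sre.getServletRequest();
                        AtmosphereConfig config = framework.getAtmosphereConfig();
                        // NOTE(review): no authentication check is visible at this point, so with
                        // PROPERTY_SESSION_CREATE left at its default (true) a session is created
                        // for any WebSocket-enabled request - confirm that session limits and
                        // timeouts account for unauthenticated handshakes.
                        if (config.isSupportSession() && Utils.webSocketEnabled(r)) {
                            r.getSession(config.getInitParameter(ApplicationConfig.PROPERTY_SESSION_CREATE, true));
                        }
                    }
                });
            } catch (Throwable t) {
                c.log("AtmosphereFramework : Unable to install WebSocket Session Creator", t);
            }
            try {
                s = c.getInitParameter(PROPERTY_SESSION_SUPPORT);
                if (s != null) {
                    boolean sessionSupport = Boolean.parseBoolean(s);
                    if (sessionSupport && c.getMajorVersion() > 2) {
                        c.addListener(SessionSupport.class);
                        c.log("AtmosphereFramework : Installed " + SessionSupport.class);
                    }
                }
            } catch (Throwable t) {
                // ServletContext.log does not expand "{}" placeholders, so the listener class
                // name is concatenated into the message.
                c.log("AtmosphereFramework : SessionSupport error. Make sure you also define " + SessionSupport.class.getName() + " as a listener in web.xml, see https://github.com/Atmosphere/atmosphere/wiki/Enabling-HttpSession-Support", t);
            }
            c.setAttribute(reg.getKey(), framework);
        }
    }
}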
Also used : ServletRequestListener(jakarta.servlet.ServletRequestListener) JSR356AsyncSupport(org.atmosphere.container.JSR356AsyncSupport) JSR356AsyncSupport(org.atmosphere.container.JSR356AsyncSupport) HttpServletRequest(jakarta.servlet.http.HttpServletRequest) ServletRequestEvent(jakarta.servlet.ServletRequestEvent) Map(java.util.Map)
