Examples with HttpServletRequest javax.servlet.http.HttpServletRequest used on opensource projects

Search in sources :

Example 91 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project zeppelin by apache.

the class CorsFilterTest method InvalidCorsFilterTest.

@Test
@SuppressWarnings("rawtypes")
public void InvalidCorsFilterTest() throws IOException, ServletException {
    CorsFilter filter = new CorsFilter();
    HttpServletResponse mockResponse = mock(HttpServletResponse.class);
    FilterChain mockedFilterChain = mock(FilterChain.class);
    HttpServletRequest mockRequest = mock(HttpServletRequest.class);
    when(mockRequest.getHeader("Origin")).thenReturn("http://evillocalhost:8080");
    when(mockRequest.getMethod()).thenReturn("Empty");
    when(mockRequest.getServerName()).thenReturn("evillocalhost");
    doAnswer(new Answer() {

        @Override
        public Object answer(InvocationOnMock invocationOnMock) throws Throwable {
            headers[count] = invocationOnMock.getArguments()[1].toString();
            count++;
            return null;
        }
    }).when(mockResponse).addHeader(anyString(), anyString());
    filter.doFilter(mockRequest, mockResponse, mockedFilterChain);
    Assert.assertTrue(headers[0].equals(""));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Answer(org.mockito.stubbing.Answer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) Test(org.junit.Test)

Example 92 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project cas by apereo.

the class AbstractWebApplicationServiceResponseBuilder method getWebApplicationServiceResponseType.

/**
     * Determine response type response.
     *
     * @return the response type
     */
protected Response.ResponseType getWebApplicationServiceResponseType() {
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromRequestAttributes();
    final String method = request != null ? request.getParameter(CasProtocolConstants.PARAMETER_METHOD) : null;
    return StringUtils.isNotBlank(method) && HttpMethod.POST.name().equalsIgnoreCase(method) ? Response.ResponseType.POST : Response.ResponseType.REDIRECT;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest)

Example 93 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project cas by apereo.

the class RequestParameterMultifactorAuthenticationPolicyEventResolver method resolveInternal.

@Override
public Set<Event> resolveInternal(final RequestContext context) {
    final RegisteredService service = resolveRegisteredServiceInRequestContext(context);
    final Authentication authentication = WebUtils.getAuthentication(context);
    if (service == null || authentication == null) {
        LOGGER.debug("No service or authentication is available to determine event for principal");
        return null;
    }
    if (StringUtils.isBlank(mfaRequestParameter)) {
        LOGGER.debug("No request parameter is defined to trigger multifactor authentication.");
        return null;
    }
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final String[] values = request.getParameterValues(mfaRequestParameter);
    if (values != null && values.length > 0) {
        LOGGER.debug("Received request parameter [{}] as [{}]", mfaRequestParameter, values);
        final Map<String, MultifactorAuthenticationProvider> providerMap = WebUtils.getAvailableMultifactorAuthenticationProviders(this.applicationContext);
        if (providerMap == null || providerMap.isEmpty()) {
            LOGGER.error("No multifactor authentication providers are available in the application context to satisfy [{}]", (Object[]) values);
            throw new AuthenticationException();
        }
        final Optional<MultifactorAuthenticationProvider> providerFound = resolveProvider(providerMap, values[0]);
        if (providerFound.isPresent()) {
            final MultifactorAuthenticationProvider provider = providerFound.get();
            if (provider.isAvailable(service)) {
                LOGGER.debug("Attempting to build an event based on the authentication provider [{}] and service [{}]", provider, service.getName());
                final Event event = validateEventIdForMatchingTransitionInContext(provider.getId(), context, buildEventAttributeMap(authentication.getPrincipal(), service, provider));
                return Collections.singleton(event);
            }
            LOGGER.warn("Located multifactor provider [{}], yet the provider cannot be reached or verified", providerFound.get());
            return null;
        } else {
            LOGGER.warn("No multifactor provider could be found for request parameter [{}]", (Object[]) values);
            throw new AuthenticationException();
        }
    }
    LOGGER.debug("No value could be found for request parameter [{}]", mfaRequestParameter);
    return null;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) RegisteredService(org.apereo.cas.services.RegisteredService) AuthenticationException(org.apereo.cas.authentication.AuthenticationException) Authentication(org.apereo.cas.authentication.Authentication) Event(org.springframework.webflow.execution.Event) MultifactorAuthenticationProvider(org.apereo.cas.services.MultifactorAuthenticationProvider)

Example 94 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project cas by apereo.

the class InitialFlowSetupAction method configureWebflowContext.

private void configureWebflowContext(final RequestContext context) {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    WebUtils.putTicketGrantingTicketInScopes(context, this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request));
    WebUtils.putGoogleAnalyticsTrackingIdIntoFlowScope(context, casProperties.getGoogleAnalytics().getGoogleAnalyticsTrackingId());
    WebUtils.putWarningCookie(context, Boolean.valueOf(this.warnCookieGenerator.retrieveCookieValue(request)));
    WebUtils.putGeoLocationTrackingIntoFlowScope(context, casProperties.getEvents().isTrackGeolocation());
    WebUtils.putRecaptchaSiteKeyIntoFlowScope(context, casProperties.getGoogleRecaptcha().getSiteKey());
    WebUtils.putStaticAuthenticationIntoFlowScope(context, StringUtils.isNotBlank(casProperties.getAuthn().getAccept().getUsers()) || StringUtils.isNotBlank(casProperties.getAuthn().getReject().getUsers()));
    WebUtils.putPasswordManagementEnabled(context, casProperties.getAuthn().getPm().isEnabled());
    WebUtils.putRememberMeAuthenticationEnabled(context, casProperties.getTicket().getTgt().getRememberMe().isEnabled());
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest)

Example 95 with HttpServletRequest

use of javax.servlet.http.HttpServletRequest in project cas by apereo.

the class LogoutAction method doInternalExecute.

@Override
protected Event doInternalExecute(final HttpServletRequest request, final HttpServletResponse response, final RequestContext context) throws Exception {
    boolean needFrontSlo = false;
    final List<LogoutRequest> logoutRequests = WebUtils.getLogoutRequests(context);
    if (logoutRequests != null) {
        // if some logout request must still be attempted
        needFrontSlo = logoutRequests.stream().anyMatch(logoutRequest -> logoutRequest.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED);
    }
    final String paramName = StringUtils.defaultIfEmpty(logoutProperties.getRedirectParameter(), CasProtocolConstants.PARAMETER_SERVICE);
    LOGGER.debug("Using parameter name [{}] to detect destination service, if any", paramName);
    final String service = request.getParameter(paramName);
    LOGGER.debug("Located target service [{}] for redirection after logout", paramName);
    if (logoutProperties.isFollowServiceRedirects() && StringUtils.isNotBlank(service)) {
        final Service webAppService = webApplicationServiceFactory.createService(service);
        final RegisteredService rService = this.servicesManager.findServiceBy(webAppService);
        if (rService != null && rService.getAccessStrategy().isServiceAccessAllowed()) {
            LOGGER.debug("Redirecting to service [{}]", service);
            WebUtils.putLogoutRedirectUrl(context, service);
        } else {
            LOGGER.warn("Cannot redirect to [{}] given the service is unauthorized to use CAS. " + "Ensure the service is registered with CAS and is enabled to allowed access", service);
        }
    } else {
        LOGGER.debug("No target service is located for redirection after logout, or CAS is not allowed to follow redirects after logout");
    }
    // there are some front services to logout, perform front SLO
    if (needFrontSlo) {
        LOGGER.debug("Proceeding forward with front-channel single logout");
        return new Event(this, FRONT_EVENT);
    }
    LOGGER.debug("Moving forward to finish the logout process");
    return new Event(this, FINISH_EVENT);
}
Also used : CasProtocolConstants(org.apereo.cas.CasProtocolConstants) LogoutRequest(org.apereo.cas.logout.LogoutRequest) Logger(org.slf4j.Logger) LoggerFactory(org.slf4j.LoggerFactory) HttpServletResponse(javax.servlet.http.HttpServletResponse) LogoutRequestStatus(org.apereo.cas.logout.LogoutRequestStatus) LogoutProperties(org.apereo.cas.configuration.model.core.logout.LogoutProperties) StringUtils(org.apache.commons.lang3.StringUtils) RequestContext(org.springframework.webflow.execution.RequestContext) RegisteredService(org.apereo.cas.services.RegisteredService) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) HttpServletRequest(javax.servlet.http.HttpServletRequest) List(java.util.List) Service(org.apereo.cas.authentication.principal.Service) WebUtils(org.apereo.cas.web.support.WebUtils) ServiceFactory(org.apereo.cas.authentication.principal.ServiceFactory) Event(org.springframework.webflow.execution.Event) ServicesManager(org.apereo.cas.services.ServicesManager) RegisteredService(org.apereo.cas.services.RegisteredService) RegisteredService(org.apereo.cas.services.RegisteredService) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) Service(org.apereo.cas.authentication.principal.Service) Event(org.springframework.webflow.execution.Event) LogoutRequest(org.apereo.cas.logout.LogoutRequest)

Aggregations

HttpServletRequest (javax.servlet.http.HttpServletRequest)2488 HttpServletResponse (javax.servlet.http.HttpServletResponse)1308 Test (org.junit.Test)987 IOException (java.io.IOException)595 ServletException (javax.servlet.ServletException)498 AbstractHandler (org.eclipse.jetty.server.handler.AbstractHandler)223 FilterChain (javax.servlet.FilterChain)200 ContentResponse (org.eclipse.jetty.client.api.ContentResponse)196 Test (org.testng.annotations.Test)168 Request (org.eclipse.jetty.server.Request)164 CountDownLatch (java.util.concurrent.CountDownLatch)160 HttpServlet (javax.servlet.http.HttpServlet)156 HttpSession (javax.servlet.http.HttpSession)150 HashMap (java.util.HashMap)130 PrintWriter (java.io.PrintWriter)121 Map (java.util.Map)100 InterruptedIOException (java.io.InterruptedIOException)97 ServletRequest (javax.servlet.ServletRequest)95 ServletContext (javax.servlet.ServletContext)91 ServletOutputStream (javax.servlet.ServletOutputStream)90
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial