
Example 46 with HttpServletRequestWrapper

use of javax.servlet.http.HttpServletRequestWrapper in project roboguice by roboguice.

the class ServletDefinition method doService.

/**
 * Delegates to the servlet's actual service method, handing it a request wrapper whose servlet
 * path and path info are recomputed for the matched servlet pattern.
 *
 * <p>The wrapper memoizes both values. The memo is honoured only while the original request
 * carries no {@code REQUEST_DISPATCHER_REQUEST} attribute; when that attribute is present the
 * values are recomputed on every call.
 *
 * <p>Security-relevant behaviour of the wrapper: {@code getPathInfo()} is derived from
 * {@code getRequestURI()}, which is client-supplied. Runs of slashes are collapsed on that raw
 * string first, and percent-decoding ({@code URI.getPath()}) is applied afterwards, so the
 * returned value is not guaranteed to be in a canonical form. If the remainder is not a valid
 * URI it is returned undecoded. Code that makes access decisions on the path info should
 * canonicalize it itself rather than assume either form.
 *
 * <p>The original note on this method says deprecation warnings are suppressed because
 * {@code HttpServletRequestWrapper} implements deprecated API for backwards compatibility; the
 * deprecated call visible here is {@code getRealPath} in {@code getPathTranslated()}. No
 * suppression annotation is visible in this listing.
 *
 * @param servletRequest the incoming request; cast to {@code HttpServletRequest} without a type
 *     check, so a non-HTTP request fails with {@code ClassCastException}
 * @param servletResponse the outgoing response; cast to {@code HttpServletResponse} the same way
 * @throws ServletException declared for the delegated service call
 * @throws IOException declared for the delegated service call
 */
void doService(final ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
    HttpServletRequest request = new HttpServletRequestWrapper((HttpServletRequest) servletRequest) {

        // Memo flag and value for the servlet path (see computePath()).
        private boolean pathComputed;

        private String path;

        // Memo flag and value for the path info (see getPathInfo()).
        private boolean pathInfoComputed;

        private String pathInfo;

        @Override
        public String getPathInfo() {
            if (!isPathInfoComputed()) {
                // getServletPath() is the override below, i.e. the pattern-extracted path.
                String servletPath = getServletPath();
                int servletPathLength = servletPath.length();
                String requestUri = getRequestURI();
                // Drop the context path prefix, then collapse repeated slashes. This runs on the
                // raw request URI, before any percent-decoding.
                pathInfo = requestUri.substring(getContextPath().length()).replaceAll("[/]{2,}", "/");
                // See: https://github.com/google/guice/issues/372
                if (pathInfo.startsWith(servletPath)) {
                    pathInfo = pathInfo.substring(servletPathLength);
                    // Nothing follows a non-empty servlet path: report "no path info" as null
                    // rather than as an empty string.
                    if (pathInfo.isEmpty() && servletPathLength > 0) {
                        pathInfo = null;
                    } else {
                        try {
                            // URI.getPath() returns the percent-decoded path.
                            pathInfo = new URI(pathInfo).getPath();
                        } catch (URISyntaxException e) {
                            // Deliberate best effort: an unparseable remainder is returned as-is,
                            // i.e. still percent-encoded.
                        }
                    }
                } else {
                    // we know nothing additional about the URI.
                    pathInfo = null;
                }
                pathInfoComputed = true;
            }
            return pathInfo;
        }

        // NOTE(dhanji): These two are a bit of a hack to help ensure that request dispatcher-sent
        // requests don't use the same path info that was memoized for the original request.
        // NOTE(iqshum): I don't think this is possible, since the dispatcher-sent request would
        // perform its own wrapping.
        // Both checks read the attribute from the original (unwrapped) servletRequest.
        private boolean isPathInfoComputed() {
            return pathInfoComputed && servletRequest.getAttribute(REQUEST_DISPATCHER_REQUEST) == null;
        }

        private boolean isPathComputed() {
            return pathComputed && servletRequest.getAttribute(REQUEST_DISPATCHER_REQUEST) == null;
        }

        @Override
        public String getServletPath() {
            return computePath();
        }

        @Override
        public String getPathTranslated() {
            final String info = getPathInfo();
            // getRealPath is the deprecated servlet API mentioned in the method comment.
            return (null == info) ? null : getRealPath(info);
        }

        // Memoizer pattern: the servlet path is the part extracted by patternMatcher, falling back
        // to the container-reported servlet path when the matcher returns null.
        private String computePath() {
            if (!isPathComputed()) {
                String servletPath = super.getServletPath();
                path = patternMatcher.extractPath(servletPath);
                pathComputed = true;
                if (null == path) {
                    path = servletPath;
                }
            }
            return path;
        }
    };
    doServiceImpl(request, (HttpServletResponse) servletResponse);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) URISyntaxException(java.net.URISyntaxException) URI(java.net.URI)

Example 47 with HttpServletRequestWrapper

use of javax.servlet.http.HttpServletRequestWrapper in project roboguice by roboguice.

the class ServletTest method testRequestAndResponseBindings_matchesPassedParameters.

/**
 * Checks that the request and response providers hand back exactly the objects passed to each
 * filter and to the servlet, including when an upstream filter has wrapped them.
 *
 * <p>The same filter instance is registered twice; on each pass it wraps the request and response
 * before continuing the chain, so the second pass and the servlet see wrappers.
 */
public void testRequestAndResponseBindings_matchesPassedParameters() throws Exception {
    final int[] filterCalls = new int[1];
    final boolean[] servletCalled = new boolean[1];
    createInjector(new ServletModule() {

        @Override
        protected void configureServlets() {
            final Provider<ServletRequest> plainRequests = getProvider(ServletRequest.class);
            final Provider<HttpServletRequest> httpRequests = getProvider(HttpServletRequest.class);
            final Provider<ServletResponse> plainResponses = getProvider(ServletResponse.class);
            final Provider<HttpServletResponse> httpResponses = getProvider(HttpServletResponse.class);
            // Wrappers created by the previous pass through the filter, if any.
            final HttpServletRequest[] lastWrappedReq = new HttpServletRequest[1];
            final HttpServletResponse[] lastWrappedResp = new HttpServletResponse[1];
            Filter wrappingFilter = new Filter() {

                public void init(FilterConfig filterConfig) {
                }

                public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
                    filterCalls[0]++;
                    assertSame(req, plainRequests.get());
                    assertSame(req, httpRequests.get());
                    if (lastWrappedReq[0] != null) {
                        assertEquals(req, lastWrappedReq[0]);
                    }
                    assertSame(resp, plainResponses.get());
                    assertSame(resp, httpResponses.get());
                    if (lastWrappedResp[0] != null) {
                        assertEquals(resp, lastWrappedResp[0]);
                    }
                    // Wrap both objects and remember the wrappers for the next pass.
                    lastWrappedReq[0] = new HttpServletRequestWrapper((HttpServletRequest) req);
                    lastWrappedResp[0] = new HttpServletResponseWrapper((HttpServletResponse) resp);
                    chain.doFilter(lastWrappedReq[0], lastWrappedResp[0]);
                    // After the chain returns, the providers must point at this filter's own
                    // request and response again.
                    assertSame(req, httpRequests.get());
                    assertSame(resp, httpResponses.get());
                }

                public void destroy() {
                }
            };
            // filter twice to test wrapping in filters
            filter("/*").through(wrappingFilter);
            filter("/*").through(wrappingFilter);
            HttpServlet terminalServlet = new HttpServlet() {

                @Override
                protected void doGet(HttpServletRequest req, HttpServletResponse resp) {
                    servletCalled[0] = true;
                    assertSame(req, plainRequests.get());
                    assertSame(req, httpRequests.get());
                    assertSame(resp, plainResponses.get());
                    assertSame(resp, httpResponses.get());
                }
            };
            serve("/*").with(terminalServlet);
        }
    });
    // The servlet serves every path, so the container-level chain must never be reached.
    FilterChain unreachableChain = new FilterChain() {

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) {
            throw new IllegalStateException("Shouldn't get here");
        }
    };
    GuiceFilter guiceFilter = new GuiceFilter();
    guiceFilter.doFilter(newFakeHttpServletRequest(), newFakeHttpServletResponse(), unreachableChain);
    assertEquals(2, filterCalls[0]);
    assertTrue(servletCalled[0]);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) ServletTestUtils.newFakeHttpServletRequest(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletRequest) ServletTestUtils.newFakeHttpServletResponse(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) HttpServlet(javax.servlet.http.HttpServlet) FilterChain(javax.servlet.FilterChain) HttpServletResponseWrapper(javax.servlet.http.HttpServletResponseWrapper) ServletTestUtils.newFakeHttpServletResponse(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) Provider(com.google.inject.Provider) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletTestUtils.newFakeHttpServletRequest(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletRequest) ServletException(javax.servlet.ServletException) Filter(javax.servlet.Filter) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) FilterConfig(javax.servlet.FilterConfig)

Example 48 with HttpServletRequestWrapper

use of javax.servlet.http.HttpServletRequestWrapper in project roboguice by roboguice.

the class ServletTest method testRequestAndResponseBindings_wrappingFilter.

/**
 * Checks that when a filter passes wrapper objects down the chain, the injector's request,
 * response and parameter-map bindings resolve to those wrappers inside the chain, and revert to
 * the filter's own request and response once the chain returns.
 */
public void testRequestAndResponseBindings_wrappingFilter() throws Exception {
    final HttpServletRequest fakeRequest = newFakeHttpServletRequest();
    final ImmutableMap<String, String[]> overriddenParams = ImmutableMap.of("wrap", new String[] { "a", "b" });
    final HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper(fakeRequest) {

        @Override
        public Map getParameterMap() {
            return overriddenParams;
        }

        @Override
        public Object getAttribute(String attr) {
            // Ensure that attributes are stored on the original request object: any attribute
            // lookup routed through this wrapper fails the test.
            throw new UnsupportedOperationException();
        }
    };
    final HttpServletResponse fakeResponse = newFakeHttpServletResponse();
    final HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(fakeResponse);
    final boolean[] filterInvoked = new boolean[1];
    final Injector injector = createInjector(new ServletModule() {

        @Override
        protected void configureServlets() {
            Filter wrappingFilter = new Filter() {

                @Inject
                Provider<ServletRequest> servletReqProvider;

                @Inject
                Provider<HttpServletRequest> reqProvider;

                @Inject
                Provider<ServletResponse> servletRespProvider;

                @Inject
                Provider<HttpServletResponse> respProvider;

                public void init(FilterConfig filterConfig) {
                }

                public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
                    filterInvoked[0] = true;
                    assertSame(req, servletReqProvider.get());
                    assertSame(req, reqProvider.get());
                    assertSame(resp, servletRespProvider.get());
                    assertSame(resp, respProvider.get());
                    // Continue with the wrappers instead of the objects this filter received.
                    chain.doFilter(requestWrapper, responseWrapper);
                    assertSame(req, reqProvider.get());
                    assertSame(resp, respProvider.get());
                }

                public void destroy() {
                }
            };
            filter("/*").through(wrappingFilter);
        }
    });
    GuiceFilter guiceFilter = new GuiceFilter();
    final boolean[] chainInvoked = new boolean[1];
    // No servlet is registered, so the request falls through to this container-level chain,
    // which must observe the wrappers everywhere.
    FilterChain terminalChain = new FilterChain() {

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) {
            chainInvoked[0] = true;
            assertSame(requestWrapper, servletRequest);
            assertSame(requestWrapper, injector.getInstance(ServletRequest.class));
            assertSame(requestWrapper, injector.getInstance(HTTP_REQ_KEY));
            assertSame(responseWrapper, servletResponse);
            assertSame(responseWrapper, injector.getInstance(ServletResponse.class));
            assertSame(responseWrapper, injector.getInstance(HTTP_RESP_KEY));
            assertSame(servletRequest.getParameterMap(), injector.getInstance(REQ_PARAMS_KEY));
            // Two lookups of the same binding must return one instance.
            InRequest firstLookup = injector.getInstance(InRequest.class);
            assertSame(firstLookup, injector.getInstance(InRequest.class));
        }
    };
    guiceFilter.doFilter(fakeRequest, fakeResponse, terminalChain);
    assertTrue(chainInvoked[0]);
    assertTrue(filterInvoked[0]);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) ServletTestUtils.newFakeHttpServletRequest(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletRequest) ServletTestUtils.newFakeHttpServletResponse(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletResponse(javax.servlet.ServletResponse) FilterChain(javax.servlet.FilterChain) HttpServletResponseWrapper(javax.servlet.http.HttpServletResponseWrapper) ServletTestUtils.newFakeHttpServletResponse(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) Provider(com.google.inject.Provider) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletTestUtils.newFakeHttpServletRequest(com.google.inject.servlet.ServletTestUtils.newFakeHttpServletRequest) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) Filter(javax.servlet.Filter) Injector(com.google.inject.Injector) FilterConfig(javax.servlet.FilterConfig)

Example 49 with HttpServletRequestWrapper

use of javax.servlet.http.HttpServletRequestWrapper in project lucene-solr by apache.

the class HadoopAuthFilter method doFilter.

/**
 * Passes the request to the parent filter with two adjustments: the query string is never
 * {@code null}, and the downstream chain is wrapped so that, for proxy-authenticated callers, the
 * real (impersonating) user's short name is published as a request attribute.
 *
 * <p>The attribute is set by this filter from {@code HttpUserGroupInformation}, not read from
 * the client. NOTE(review): the wrapped chain presumably runs only after the parent filter has
 * authenticated the request; confirm against the parent class.
 *
 * @param request incoming request; cast to {@code HttpServletRequest} without a type check
 * @param response outgoing response, passed through unchanged
 * @param filterChain the chain to continue with after the attribute has been set
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest originalRequest = (HttpServletRequest) request;
    // HttpClient 4.4.x throws NPE if query string is null and parsed through URLEncodedUtils.
    // See HTTPCLIENT-1746 and HADOOP-12767
    final String rawQuery = originalRequest.getQueryString();
    final String safeQuery;
    if (rawQuery != null) {
        safeQuery = rawQuery;
    } else {
        safeQuery = "";
    }
    HttpServletRequest queryNormalizedRequest = new HttpServletRequestWrapper(originalRequest) {

        @Override
        public String getQueryString() {
            return safeQuery;
        }
    };
    // include Impersonator User Name in case someone (e.g. logger) wants it
    FilterChain impersonationAwareChain = new FilterChain() {

        @Override
        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            HttpServletRequest downstreamRequest = (HttpServletRequest) servletRequest;
            UserGroupInformation caller = HttpUserGroupInformation.get();
            boolean viaProxy = caller != null
                && caller.getAuthenticationMethod() == UserGroupInformation.AuthenticationMethod.PROXY;
            if (viaProxy) {
                UserGroupInformation impersonator = caller.getRealUser();
                if (impersonator != null) {
                    downstreamRequest.setAttribute(KerberosPlugin.IMPERSONATOR_USER_NAME, impersonator.getShortUserName());
                }
            }
            filterChain.doFilter(servletRequest, servletResponse);
        }
    };
    super.doFilter(queryNormalizedRequest, response, impersonationAwareChain);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) ServletResponse(javax.servlet.ServletResponse) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) FilterChain(javax.servlet.FilterChain) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) HttpUserGroupInformation(org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation)

Example 50 with HttpServletRequestWrapper

use of javax.servlet.http.HttpServletRequestWrapper in project ddf by codice.

the class AssertionConsumerService method login.

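/**
 * Attempts to log the caller in using the first assertion of a SAML response.
 *
 * <p>The assertion is serialized, deflated and Base64-encoded, then presented to the SAML handler
 * and the login filter through a request wrapper that supplies it as the authorization header
 * and reports {@code "idp"} as the active realm.
 *
 * <p>Only the first assertion is used; any further assertions in the response are ignored.
 * NOTE(review): no signature or condition validation of the response is visible in this method;
 * presumably it is done by the caller or by the handler and login filter. Confirm before relying
 * on the result.
 *
 * @param samlResponse the SAML response received from the identity provider
 * @return {@code true} if the handler completed and the login filter ran without error;
 *     {@code false} if the request is not secure, the response carries no assertion, encoding
 *     fails, the handler does not complete, or the login filter throws
 */
private boolean login(org.opensaml.saml.saml2.core.Response samlResponse) {
    // Never accept an assertion over a non-secure channel.
    if (!request.isSecure()) {
        return false;
    }
    // Discard any session tied to a session cookie the client already holds, so the login does
    // not continue in a pre-existing session.
    Map<String, Cookie> cookieMap = HttpUtils.getCookieMap(request);
    if (cookieMap.containsKey("JSESSIONID")) {
        sessionFactory.getOrCreateSession(request).invalidate();
    }
    // The response comes from outside this service: fail closed when it has no assertion
    // instead of letting get(0) throw an unchecked exception.
    if (samlResponse == null || samlResponse.getAssertions() == null || samlResponse.getAssertions().isEmpty()) {
        LOGGER.debug("SAML response contains no assertions.");
        return false;
    }
    String assertionValue = DOM2Writer.nodeToString(samlResponse.getAssertions().get(0).getDOM());
    String encodedAssertion;
    try {
        encodedAssertion = RestSecurity.deflateAndBase64Encode(assertionValue);
    } catch (IOException e) {
        LOGGER.info("Unable to deflate and encode assertion.", e);
        return false;
    }
    final String authHeader = RestSecurity.SAML_HEADER_PREFIX + encodedAssertion;
    // Present the assertion to downstream components as if it had arrived in the authorization
    // header; every other header and attribute is read from the real request.
    HttpServletRequestWrapper wrappedRequest = new HttpServletRequestWrapper(request) {

        @Override
        public String getHeader(String name) {
            if (RestSecurity.AUTH_HEADER.equals(name)) {
                return authHeader;
            }
            return super.getHeader(name);
        }

        @Override
        public Object getAttribute(String name) {
            if (ContextPolicy.ACTIVE_REALM.equals(name)) {
                return "idp";
            }
            return super.getAttribute(name);
        }
    };
    SAMLAssertionHandler samlAssertionHandler = new SAMLAssertionHandler();
    LOGGER.trace("Processing SAML assertion with SAML Handler.");
    HandlerResult samlResult = samlAssertionHandler.getNormalizedToken(wrappedRequest, null, null, false);
    if (samlResult.getStatus() != HandlerResult.Status.COMPLETED) {
        LOGGER.debug("Failed to handle SAML assertion.");
        return false;
    }
    // The token and policy attributes are set on the real request, not on the wrapper.
    request.setAttribute(WebSSOFilter.DDF_AUTHENTICATION_TOKEN, samlResult);
    request.removeAttribute(ContextPolicy.NO_AUTH_POLICY);
    try {
        LOGGER.trace("Trying to login with provided SAML assertion.");
        // The login filter is run with a null response and a no-op chain: only its side effects
        // on the request are wanted here.
        loginFilter.doFilter(wrappedRequest, null, (servletRequest, servletResponse) -> {
        });
    } catch (IOException | ServletException e) {
        LOGGER.debug("Failed to apply login filter to SAML assertion", e);
        return false;
    }
    return true;
}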
Also used : Cookie(javax.servlet.http.Cookie) ServletException(javax.servlet.ServletException) SAMLAssertionHandler(org.codice.ddf.security.handler.saml.SAMLAssertionHandler) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) IOException(java.io.IOException)
