Search in sources :

Example 51 with Request

use of org.apache.catalina.connector.Request in project tomee by apache.

the class TomcatSecurityService method onLogout.

@Override
public void onLogout(final HttpServletRequest request) {
    final Request state = OpenEJBSecurityListener.requests.get();
    final Object webappState = state == null ? null : state.getNote(TomEERealm.SECURITY_NOTE);
    if (webappState != null) {
        exitWebApp(webappState);
    } else {
        super.onLogout(request);
    }
}
Also used : Request(org.apache.catalina.connector.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest)

Example 52 with Request

use of org.apache.catalina.connector.Request in project tomee by apache.

the class TomcatWebAppBuilder method afterStart.

/**
 * {@inheritDoc}
 */
@Override
public void afterStart(final StandardContext standardContext) {
    if (isIgnored(standardContext)) {
        return;
    }
    if (shouldNotDeploy(standardContext)) {
        return;
    }
    final Realm realm = standardContext.getRealm();
    final ClassLoader classLoader = standardContext.getLoader().getClassLoader();
    final Thread thread = Thread.currentThread();
    final ClassLoader originalLoader = thread.getContextClassLoader();
    if (realm != null && !(realm instanceof TomEERealm) && (standardContext.getParent() == null || (!realm.equals(standardContext.getParent().getRealm())))) {
        thread.setContextClassLoader(classLoader);
        try {
            standardContext.setRealm(tomeeRealm(realm));
        } finally {
            thread.setContextClassLoader(originalLoader);
        }
    }
    // if appInfo is null this is a failed deployment... just ignore
    final ContextInfo contextInfo = getContextInfo(standardContext);
    // shouldnt be there after startup (actually we shouldnt need it from info tree but our scanning does)
    contextInfo.module = null;
    if (contextInfo != null && contextInfo.appInfo == null) {
        return;
    } else if (contextInfo == null) {
        // openejb webapp loaded from the LoaderServlet
        return;
    }
    final String id = getId(standardContext);
    WebAppInfo currentWebAppInfo = null;
    for (final WebAppInfo webAppInfo : contextInfo.appInfo.webApps) {
        final String wId = getId(webAppInfo.host, webAppInfo.contextRoot, contextInfo.version);
        if (id.equals(wId)) {
            currentWebAppInfo = webAppInfo;
            break;
        }
    }
    // bind extra stuff at the java:comp level which can only be
    // bound after the context is created
    thread.setContextClassLoader(classLoader);
    final NamingContextListener ncl = standardContext.getNamingContextListener();
    final String listenerName = ncl.getName();
    ContextAccessController.setWritable(listenerName, standardContext.getNamingToken());
    try {
        final Context openejbContext = (Context) getContainerSystem().getJNDIContext().lookup("openejb");
        final Context root = (Context) ContextBindings.getClassLoader().lookup("");
        // usually fails
        final Context comp = (Context) ContextBindings.getClassLoader().lookup("comp");
        // Context root = ncl.getNamingContext();
        // Context comp = (Context) root.lookup("comp");
        safeBind(root, "openejb", openejbContext);
        // add context to WebDeploymentInfo
        if (currentWebAppInfo != null) {
            final WebContext webContext = getContainerSystem().getWebContext(currentWebAppInfo.moduleId);
            if (webContext != null) {
                webContext.setJndiEnc(root);
            }
            try {
                // Bean Validation
                standardContext.getServletContext().setAttribute("javax.faces.validator.beanValidator.ValidatorFactory", openejbContext.lookup(Assembler.VALIDATOR_FACTORY_NAMING_CONTEXT.replaceFirst("openejb", "") + currentWebAppInfo.uniqueId));
            } catch (final NamingException ne) {
                LOGGER.warning("no validator factory found for webapp " + currentWebAppInfo.moduleId);
            }
        }
        try {
            final Class<?> orb = TomcatWebAppBuilder.class.getClassLoader().loadClass("org.omg.CORBA.ORB");
            if (SystemInstance.get().getComponent(orb) != null) {
                safeBind(comp, "ORB", new SystemComponentReference(orb));
            }
        } catch (final NoClassDefFoundError | ClassNotFoundException cnfe) {
        // no-op
        }
        if (SystemInstance.get().getComponent(HandleDelegate.class) != null) {
            safeBind(comp, "HandleDelegate", new SystemComponentReference(HandleDelegate.class));
        }
    } catch (final NamingException e) {
    // no-op
    } finally {
        // see also the start method getContainerSystem().addWebDeployment(webContext);
        try {
            servletContextHandler.getContexts().put(classLoader, standardContext.getServletContext());
            for (final WebAppInfo webAppInfo : contextInfo.appInfo.webApps) {
                final String wId = getId(webAppInfo.host, webAppInfo.contextRoot, contextInfo.version);
                if (id.equals(wId)) {
                    // Allow any post-deployment to happen without the RequestContext of a call to /tomee/ejb
                    final Request request = OpenEJBSecurityListener.requests.get();
                    OpenEJBSecurityListener.requests.remove();
                    SystemInstance.get().fireEvent(new AfterApplicationCreated(contextInfo.appInfo, webAppInfo, standardContext.getServletContext()));
                    if (request != null) {
                        OpenEJBSecurityListener.requests.set(request);
                    }
                    break;
                }
            }
        } finally {
            servletContextHandler.getContexts().remove(classLoader);
        }
        thread.setContextClassLoader(originalLoader);
        ContextAccessController.setReadOnly(listenerName);
    }
    thread.setContextClassLoader(classLoader);
    try {
        // owb integration filters
        final WebBeansContext webBeansContext = getWebBeansContext(contextInfo);
        if (webBeansContext != null) {
            // it is important to have a begin and a end listener
            // to be sure to create contexts before other listeners
            // and destroy contexts after other listeners
            final BeginWebBeansListener beginWebBeansListener = new BeginWebBeansListener(webBeansContext);
            final EndWebBeansListener endWebBeansListener = new EndWebBeansListener(webBeansContext);
            {
                final Object[] appEventListeners = standardContext.getApplicationEventListeners();
                final Object[] newEventListeners = new Object[appEventListeners.length + 2];
                newEventListeners[0] = beginWebBeansListener;
                System.arraycopy(appEventListeners, 0, newEventListeners, 1, appEventListeners.length);
                newEventListeners[newEventListeners.length - 1] = endWebBeansListener;
                standardContext.setApplicationEventListeners(newEventListeners);
            }
            {
                final Object[] lifecycleListeners = standardContext.getApplicationLifecycleListeners();
                final Object[] newLifecycleListeners = new Object[lifecycleListeners.length + 2];
                newLifecycleListeners[0] = beginWebBeansListener;
                System.arraycopy(lifecycleListeners, 0, newLifecycleListeners, 1, lifecycleListeners.length);
                newLifecycleListeners[newLifecycleListeners.length - 1] = endWebBeansListener;
                standardContext.setApplicationLifecycleListeners(newLifecycleListeners);
            }
            // also add the ThreadBindingListener to clean up async thread executions
            {
                WebBeansThreadBindingListener webBeansThreadBindingListener = new WebBeansThreadBindingListener(webBeansContext, standardContext.getThreadBindingListener());
                standardContext.setThreadBindingListener(webBeansThreadBindingListener);
            }
            final ContextsService contextsService = webBeansContext.getContextsService();
            if (CdiAppContextsService.class.isInstance(contextsService)) {
                // here ServletContext is usable
                CdiAppContextsService.class.cast(contextsService).applicationStarted(standardContext.getServletContext());
            }
        } else {
            // just add the end listener to be able to stack tasks to execute at the request end
            final EndWebBeansListener endWebBeansListener = new EndWebBeansListener(webBeansContext);
            {
                final Object[] appEventListeners = standardContext.getApplicationEventListeners();
                final Object[] newEventListeners = new Object[appEventListeners.length + 1];
                System.arraycopy(appEventListeners, 0, newEventListeners, 0, appEventListeners.length);
                newEventListeners[newEventListeners.length - 1] = endWebBeansListener;
                standardContext.setApplicationEventListeners(newEventListeners);
            }
            {
                final Object[] lifecycleListeners = standardContext.getApplicationLifecycleListeners();
                final Object[] newLifecycleListeners = new Object[lifecycleListeners.length + 1];
                System.arraycopy(lifecycleListeners, 0, newLifecycleListeners, 0, lifecycleListeners.length);
                newLifecycleListeners[newLifecycleListeners.length - 1] = endWebBeansListener;
                standardContext.setApplicationLifecycleListeners(newLifecycleListeners);
            }
        }
    } finally {
        thread.setContextClassLoader(originalLoader);
    }
    LinkageErrorProtection.preload(standardContext);
    final Pipeline pipeline = standardContext.getPipeline();
    pipeline.addValve(new OpenEJBValve());
    final String[] valves = SystemInstance.get().getOptions().get("tomee.valves", "").split(" *, *");
    for (final String className : valves) {
        if ("".equals(className)) {
            continue;
        }
        try {
            final Class<?> clazz = classLoader.loadClass(className);
            if (Valve.class.isAssignableFrom(clazz)) {
                final Valve valve = (Valve) clazz.newInstance();
                pipeline.addValve(valve);
            }
        } catch (final Exception e) {
            LOGGER.error("can't add the valve " + className, e);
        }
    }
    // add servlets to webappinfo
    if (currentWebAppInfo != null) {
        for (final String mapping : standardContext.findServletMappings()) {
            final ServletInfo info = new ServletInfo();
            info.servletName = standardContext.findServletMapping(mapping);
            info.mappings.add(mapping);
            final Container container = standardContext.findChild(info.servletName);
            if (container instanceof StandardWrapper) {
                info.servletClass = ((StandardWrapper) container).getServletClass();
            } else {
                info.servletClass = mapping;
            }
            currentWebAppInfo.servlets.add(info);
        }
    }
    addConfiguredDocBases(standardContext, contextInfo);
    ensureMyFacesDontLooseFacesContext(standardContext);
}
Also used : WebContext(org.apache.openejb.core.WebContext) CdiAppContextsService(org.apache.openejb.cdi.CdiAppContextsService) ServletInfo(org.apache.openejb.assembler.classic.ServletInfo) BeginWebBeansListener(org.apache.openejb.server.httpd.BeginWebBeansListener) WebAppInfo(org.apache.openejb.assembler.classic.WebAppInfo) Container(org.apache.catalina.Container) WebBeansContext(org.apache.webbeans.config.WebBeansContext) EndWebBeansListener(org.apache.openejb.server.httpd.EndWebBeansListener) NewEjbAvailableAfterApplicationCreated(org.apache.openejb.assembler.classic.event.NewEjbAvailableAfterApplicationCreated) AfterApplicationCreated(org.apache.tomee.catalina.event.AfterApplicationCreated) RouterValve(org.apache.tomee.catalina.routing.RouterValve) Valve(org.apache.catalina.Valve) NamingException(javax.naming.NamingException) NamingContextListener(org.apache.catalina.core.NamingContextListener) Realm(org.apache.catalina.Realm) WebContext(org.apache.openejb.core.WebContext) InitialContext(javax.naming.InitialContext) WebBeansContext(org.apache.webbeans.config.WebBeansContext) BeanContext(org.apache.openejb.BeanContext) Context(javax.naming.Context) ServletContext(javax.servlet.ServletContext) PolicyContext(org.apache.openejb.assembler.classic.PolicyContext) AppContext(org.apache.openejb.AppContext) StandardContext(org.apache.catalina.core.StandardContext) CdiAppContextsService(org.apache.openejb.cdi.CdiAppContextsService) ContextsService(org.apache.webbeans.spi.ContextsService) WebBeansThreadBindingListener(org.apache.tomee.catalina.cdi.WebBeansThreadBindingListener) Request(org.apache.catalina.connector.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) SystemComponentReference(org.apache.openejb.core.ivm.naming.SystemComponentReference) LifecycleException(org.apache.catalina.LifecycleException) NameNotFoundException(javax.naming.NameNotFoundException) IOException(java.io.IOException) NamingException(javax.naming.NamingException) OpenEJBException(org.apache.openejb.OpenEJBException) OpenEJBRuntimeException(org.apache.openejb.OpenEJBRuntimeException) Pipeline(org.apache.catalina.Pipeline) HandleDelegate(javax.ejb.spi.HandleDelegate) StandardWrapper(org.apache.catalina.core.StandardWrapper)

Example 53 with Request

use of org.apache.catalina.connector.Request in project tomee by apache.

the class ServletContextHandler method invoke.

@Override
public Object invoke(final Object proxy, final Method method, final Object[] args) throws Throwable {
    // ITE are handled by Proxys
    final Request request = OpenEJBSecurityListener.requests.get();
    if (request != null) {
        return method.invoke(request.getServletContext(), args);
    }
    final ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
    final ServletContext c = contexts.get(contextClassLoader);
    if (c != null) {
        return method.invoke(c, args);
    }
    // can be a not container thread so clean it up
    OpenEJBSecurityListener.requests.remove();
    for (final AppContext a : SystemInstance.get().getComponent(ContainerSystem.class).getAppContexts()) {
        for (final WebContext w : a.getWebContexts()) {
            if (w.getClassLoader() == contextClassLoader) {
                // not in CXF so == should be fine
                return method.invoke(w.getServletContext(), args);
            }
        }
    }
    throw new IllegalStateException("Didnt find a web context for " + contextClassLoader);
}
Also used : ContainerSystem(org.apache.openejb.spi.ContainerSystem) WebContext(org.apache.openejb.core.WebContext) AppContext(org.apache.openejb.AppContext) Request(org.apache.catalina.connector.Request) ServletContext(javax.servlet.ServletContext)

Example 54 with Request

use of org.apache.catalina.connector.Request in project Payara by payara.

the class WebProgrammaticLoginImpl method getUnwrappedCoyoteRequest.

// ################### Private Methods
/**
 * Return the unwrapped <code>CoyoteRequest</code> object.
 */
private static Request getUnwrappedCoyoteRequest(HttpServletRequest request) {
    Request unwrappedCoyoteRequest = null;
    ServletRequest servletRequest = request;
    try {
        ServletRequest prevServletRequest = null;
        while (servletRequest != prevServletRequest && servletRequest instanceof ServletRequestWrapper) {
            prevServletRequest = servletRequest;
            servletRequest = ((ServletRequestWrapper) servletRequest).getRequest();
        }
        if (servletRequest instanceof RequestFacade) {
            unwrappedCoyoteRequest = ((RequestFacade) servletRequest).getUnwrappedCoyoteRequest();
        }
    } catch (AccessControlException ex) {
        logger.fine("Programmatic login faiied to get request");
    }
    return unwrappedCoyoteRequest;
}
Also used : ServletRequest(javax.servlet.ServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequestWrapper(javax.servlet.ServletRequestWrapper) Request(org.apache.catalina.connector.Request) ServletRequest(javax.servlet.ServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) AccessControlException(java.security.AccessControlException) RequestFacade(org.apache.catalina.connector.RequestFacade)

Example 55 with Request

use of org.apache.catalina.connector.Request in project Payara by payara.

the class WebProgrammaticLoginImpl method logout.

/**
 * Logout and remove principal in request and session.
 *
 * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
 * @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
 * This is not used currently.
 * @returns A Boolean object; true if login succeeded, false otherwise.
 * @see com.sun.enterprise.security.ee.auth.login.ProgrammaticLogin
 * @throws Exception any exception encountered during logout operation
 */
@Override
public Boolean logout(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // Need real request object not facade
    Request unwrappedCoyoteRequest = getUnwrappedCoyoteRequest(request);
    if (unwrappedCoyoteRequest == null) {
        return false;
    }
    // Logout - clears out security context
    WebAndEjbToJaasBridge.logout();
    // Remove principal and auth type from request
    unwrappedCoyoteRequest.setUserPrincipal(null);
    unwrappedCoyoteRequest.setAuthType(null);
    logger.fine("Programmatic logout removed principal from request.");
    // Remove from session if possible.
    Session realSession = getSession(unwrappedCoyoteRequest);
    if (realSession != null) {
        realSession.setPrincipal(null);
        realSession.setAuthType(null);
        if (logger.isLoggable(FINE)) {
            logger.log(FINE, "Programmatic logout removed principal from " + "session.");
        }
    }
    return true;
}
Also used : Request(org.apache.catalina.connector.Request) ServletRequest(javax.servlet.ServletRequest) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpSession(javax.servlet.http.HttpSession) Session(org.apache.catalina.Session)

Aggregations

Request (org.apache.catalina.connector.Request)80 Test (org.junit.Test)44 Response (org.apache.catalina.connector.Response)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)14 IOException (java.io.IOException)9 HttpSession (javax.servlet.http.HttpSession)9 Context (org.apache.catalina.Context)9 ServletRequest (javax.servlet.ServletRequest)8 Valve (org.apache.catalina.Valve)7 RequestFacade (org.apache.catalina.connector.RequestFacade)7 TesterContext (org.apache.tomcat.unittest.TesterContext)7 HttpServletRequest (jakarta.servlet.http.HttpServletRequest)5 HttpSession (jakarta.servlet.http.HttpSession)5 ServletException (javax.servlet.ServletException)5 Connector (org.apache.catalina.connector.Connector)5 ServletRequest (jakarta.servlet.ServletRequest)4 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)4 ServletRequestWrapper (javax.servlet.ServletRequestWrapper)3 LifecycleException (org.apache.catalina.LifecycleException)3 ServletException (jakarta.servlet.ServletException)2