org.apache.catalina.connector.Request Java Examples
The following examples show how to use
org.apache.catalina.connector.Request.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SessionFlushValve.java From session-managers with Apache License 2.0 | 6 votes |
|
@Override
public void invoke(final Request request, final Response response) {
this.lockTemplate.withReadLock(new LockTemplate.LockedOperation<Void>() {
@Override
public Void invoke() throws IOException, ServletException {
try {
SessionFlushValve.this.next.invoke(request, response);
} finally {
Session session = request.getSessionInternal(false);
if (session != null && session.isValid()) {
SessionFlushValve.this.store.save(session);
}
}
return null;
}
});
}
Example #2
| Source File: AccessLogValve.java From tomcatsrc with Apache License 2.0 | 6 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
Object value = null;
if (request != null) {
value = request.getAttribute(header);
} else {
value = "??";
}
if (value != null) {
if (value instanceof String) {
buf.append((String) value);
} else {
buf.append(value.toString());
}
} else {
buf.append('-');
}
}
Example #3
| Source File: AuthenticatorBase.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* Look for the X509 certificate chain in the Request under the key
* <code>javax.servlet.request.X509Certificate</code>. If not found, trigger
* extracting the certificate chain from the Coyote request.
*
* @param request
* Request to be processed
*
* @return The X509 certificate chain if found, <code>null</code> otherwise.
*/
protected X509Certificate[] getRequestCertificates(final Request request)
throws IllegalStateException {
X509Certificate certs[] =
(X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
if ((certs == null) || (certs.length < 1)) {
try {
request.getCoyoteRequest().action(ActionCode.REQ_SSL_CERTIFICATE, null);
certs = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR);
} catch (IllegalStateException ise) {
// Request body was too large for save buffer
// Return null which will trigger an auth failure
}
}
return certs;
}
Example #4
| Source File: AbstractAccessLogValve.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
public void addElement(CharArrayWriter buf, Date date, Request request,
Response response, long time) {
if (millis) {
buf.append(Long.toString(time));
} else {
// second
buf.append(Long.toString(time / 1000));
buf.append('.');
int remains = (int) (time % 1000);
buf.append(Long.toString(remains / 100));
remains = remains % 100;
buf.append(Long.toString(remains / 10));
buf.append(Long.toString(remains % 10));
}
}
Example #5
| Source File: WebappAuthenticationValve.java From carbon-device-mgt with Apache License 2.0 | 6 votes |
|
private void processRequest(Request request, Response response, CompositeValve compositeValve,
AuthenticationInfo authenticationInfo) {
switch (authenticationInfo.getStatus()) {
case SUCCESS:
case CONTINUE:
this.getNext().invoke(request, response, compositeValve);
break;
case FAILURE:
String msg = "Failed to authorize incoming request";
if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
msg = authenticationInfo.getMessage();
response.setHeader("WWW-Authenticate", "Basic");
}
if (log.isDebugEnabled()) {
log.debug(msg + " , API : " + Encode.forUriComponent(request.getRequestURI()));
}
AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
break;
}
}
Example #6
| Source File: AuthenticationFrameworkUtil.java From carbon-device-mgt with Apache License 2.0 | 6 votes |
|
static void handleResponse(Request request, Response response, int statusCode, String payload) {
response.setStatus(statusCode);
String targetResponseContentType =
request.getHeader(Constants.HTTPHeaders.HEADER_HTTP_ACCEPT);
if (targetResponseContentType != null && !"".equals(targetResponseContentType) &&
!Constants.ContentTypes.CONTENT_TYPE_ANY.equals(targetResponseContentType)) {
response.setContentType(targetResponseContentType);
} else {
response.setContentType(Constants.ContentTypes.CONTENT_TYPE_APPLICATION_XML);
}
response.setCharacterEncoding("UTF-8");
try {
response.getWriter().write(payload);
} catch (IOException e) {
log.error("Error occurred while sending faulty response back to the client", e);
}
}
Example #7
| Source File: RedisSessionRequestValve.java From redis-session-manager with Apache License 2.0 | 6 votes |
|
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
Context context = request.getContext();
if (context == null) {
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, sm.getString("standardHost.noContext"));
return;
}
Thread.currentThread().setContextClassLoader(context.getLoader().getClassLoader());
boolean processed = false;
try {
if (ignorePattern == null || !ignorePattern.matcher(request.getRequestURI()).matches()) {
processed = true;
if (log.isTraceEnabled()) {
log.trace("Will save to redis after request for [" + getQueryString(request) + "]");
}
} else {
if (log.isTraceEnabled()) {
log.trace("Ignoring [" + getQueryString(request) + "]");
}
}
getNext().invoke(request, response);
} finally {
manager.afterRequest(processed);
}
}
Example #8
| Source File: JvmRouteBinderValve.java From tomcatsrc with Apache License 2.0 | 6 votes |
|
/**
* Detect possible the JVMRoute change at cluster backup node..
*
* @param request
* tomcat request being processed
* @param response
* tomcat response being processed
* @exception IOException
* if an input/output error has occurred
* @exception ServletException
* if a servlet error has occurred
*/
@Override
public void invoke(Request request, Response response) throws IOException,
ServletException {
if (getEnabled() &&
request.getContext() != null &&
request.getContext().getDistributable() &&
!request.isAsyncDispatching()) {
// valve cluster can access manager - other cluster handle turnover
// at host level - hopefully!
Manager manager = request.getContext().getManager();
if (manager != null && (
(manager instanceof ClusterManager
&& getCluster() != null
&& getCluster().getManager(((ClusterManager)manager).getName()) != null)
||
(manager instanceof PersistentManager)))
handlePossibleTurnover(request);
}
// Pass this request on to the next valve in our pipeline
getNext().invoke(request, response);
}
Example #9
| Source File: JvmRouteBinderValve.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* handle possible session turn over.
*
* @see JvmRouteBinderValve#handleJvmRoute(Request, String, String)
* @param request current request
*/
protected void handlePossibleTurnover(Request request) {
String sessionID = request.getRequestedSessionId() ;
if (sessionID != null) {
long t1 = System.currentTimeMillis();
String jvmRoute = getLocalJvmRoute(request);
if (jvmRoute == null) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("jvmRoute.missingJvmRouteAttribute"));
}
return;
}
handleJvmRoute( request, sessionID, jvmRoute);
if (log.isDebugEnabled()) {
long t2 = System.currentTimeMillis();
long time = t2 - t1;
log.debug(sm.getString("jvmRoute.turnoverInfo", Long.valueOf(time)));
}
}
}
Example #10
| Source File: CdiEventRealm.java From tomee with Apache License 2.0 | 5 votes |
|
@Override
public SecurityConstraint[] findSecurityConstraints(final Request request, final Context context) {
final SecurityConstraint[] sc = super.findSecurityConstraints(request, context);
if (beanManager() == null) {
return sc;
}
final FindSecurityConstraintsEvent event = new FindSecurityConstraintsEvent(request.getRequest(), context.getPath());
beanManager().fireEvent(event);
if (!event.getRoles().isEmpty()) {
final SecurityConstraint s = new SecurityConstraint();
final SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*"); // only for the current request
collection.addMethod(request.getMethod());
s.addCollection(collection);
if (event.getUserConstraint() != null) {
s.setUserConstraint(event.getUserConstraint());
}
for(final String r: event.getRoles()) {
s.addAuthRole(r);
}
return new SecurityConstraint[] { s };
}
return sc;
}
Example #11
| Source File: AccessLogValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
if (request == null) {
buf.append('-');
} else {
Session session = request.getSessionInternal(false);
if (session == null) {
buf.append('-');
} else {
buf.append(session.getIdInternal());
}
}
}
Example #12
| Source File: AbstractAccessLogValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void addElement(CharArrayWriter buf, Date date, Request request,
Response response, long time) {
if (request != null) {
String value = request.getRemoteUser();
if (value != null) {
buf.append(value);
} else {
buf.append('-');
}
} else {
buf.append('-');
}
}
Example #13
| Source File: OpenEJBSecurityListener.java From tomee with Apache License 2.0 | 5 votes |
|
@Override
public void invoke(final Request request, final Response response) throws IOException, ServletException {
requests.set(request);
try {
getNext().invoke(request, response);
} finally {
requests.remove();
}
}
Example #14
| Source File: TestRemoteIpValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for")
.setString("140.211.11.130, proxy1, untrusted-proxy, proxy2");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
String actualXForwardedFor = remoteAddrAndHostTrackerValve.getForwardedFor();
Assert.assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);
String actualXForwardedBy = remoteAddrAndHostTrackerValve.getForwardedBy();
Assert.assertEquals("ip/host after untrusted-proxy must appear in x-forwarded-by", "proxy2", actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
Assert.assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
Assert.assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
Assert.assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
String actualPostInvokeRemoteHost = request.getRemoteHost();
Assert.assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
Example #15
| Source File: AccessLogValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
if (requestAttributesEnabled) {
Object addr = request.getAttribute(REMOTE_ADDR_ATTRIBUTE);
if (addr == null) {
buf.append(request.getRemoteAddr());
} else {
buf.append(addr);
}
} else {
buf.append(request.getRemoteAddr());
}
}
Example #16
| Source File: AuthenticatorBase.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* Attempts reauthentication to the <code>Realm</code> using
* the credentials included in argument <code>entry</code>.
*
* @param ssoId identifier of SingleSignOn session with which the
* caller is associated
* @param request the request that needs to be authenticated
*/
protected boolean reauthenticateFromSSO(String ssoId, Request request) {
if (sso == null || ssoId == null)
return false;
boolean reauthenticated = false;
Container parent = getContainer();
if (parent != null) {
Realm realm = parent.getRealm();
if (realm != null) {
reauthenticated = sso.reauthenticate(ssoId, realm, request);
}
}
if (reauthenticated) {
associate(ssoId, request.getSessionInternal(true));
if (log.isDebugEnabled()) {
log.debug(" Reauthenticated cached principal '" +
request.getUserPrincipal().getName() +
"' with auth type '" + request.getAuthType() + "'");
}
}
return reauthenticated;
}
Example #17
| Source File: TestCometProcessor.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void invoke(Request request, Response response)
throws IOException, ServletException {
CometEventImpl event = new CometEventImpl(request, response);
getNext().invoke(request, response);
if (request.isComet()) {
Thread t = new AsyncCometCloseThread(event);
t.start();
}
}
Example #18
| Source File: DigestAuthenticator.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* Generate a unique token. The token is generated according to the
* following pattern. NOnceToken = Base64 ( MD5 ( client-IP ":"
* time-stamp ":" private-key ) ).
*
* @param request HTTP Servlet request
*/
protected String generateNonce(Request request) {
long currentTime = System.currentTimeMillis();
synchronized (lastTimestampLock) {
if (currentTime > lastTimestamp) {
lastTimestamp = currentTime;
} else {
currentTime = ++lastTimestamp;
}
}
String ipTimeKey =
request.getRemoteAddr() + ":" + currentTime + ":" + getKey();
byte[] buffer = ConcurrentMessageDigest.digestMD5(
ipTimeKey.getBytes(B2CConverter.ISO_8859_1));
String nonce = currentTime + ":" + MD5Encoder.encode(buffer);
NonceInfo info = new NonceInfo(currentTime, getNonceCountWindowSize());
synchronized (nonces) {
nonces.put(nonce, info);
}
return nonce;
}
Example #19
| Source File: AccessLogValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
long commitTime = response.getCoyoteResponse().getCommitTime();
if (commitTime == -1) {
buf.append('-');
} else {
long delta =
commitTime - request.getCoyoteRequest().getStartTime();
buf.append(Long.toString(delta));
}
}
Example #20
| Source File: TestMimeHeadersIntegration.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void log(Request request, Response response, long time) {
super.log(request, response, time);
try {
MimeHeaders mh = request.getCoyoteRequest().getMimeHeaders();
Field headersArrayField = MimeHeaders.class
.getDeclaredField("headers");
headersArrayField.setAccessible(true);
arraySize = ((Object[]) headersArrayField.get(mh)).length;
} catch (Exception ex) {
Assert.assertNull(ex.getMessage(), ex);
}
}
Example #21
| Source File: AccessLogValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
if (request != null) {
String value = request.getRemoteUser();
if (value != null) {
buf.append(value);
} else {
buf.append('-');
}
} else {
buf.append('-');
}
}
Example #22
| Source File: JvmRouteBinderValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Change Request Session id
* @param request current request
* @param sessionId
* original session id
* @param newSessionID
* new session id for node migration
*/
protected void changeRequestSessionID(Request request, String sessionId, String newSessionID) {
request.changeSessionId(newSessionID);
// set original sessionid at request, to allow application detect the
// change
if (sessionIdAttribute != null && !"".equals(sessionIdAttribute)) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("jvmRoute.set.orignalsessionid",sessionIdAttribute,sessionId));
}
request.setAttribute(sessionIdAttribute, sessionId);
}
}
Example #23
| Source File: AbstractAccessLogValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void addElement(CharArrayWriter buf, Date date, Request request,
Response response, long time) {
if (requestAttributesEnabled) {
Object proto = request.getAttribute(PROTOCOL_ATTRIBUTE);
if (proto == null) {
buf.append(request.getProtocol());
} else {
buf.append(proto.toString());
}
} else {
buf.append(request.getProtocol());
}
}
Example #24
| Source File: BSTAuthenticatorTest.java From carbon-device-mgt with Apache License 2.0 | 5 votes |
|
@Test(description = "This test case tests the canHandle method of the BSTAuthenticator under missing soap headers")
public void testCanHandleWithMissingHeaders() throws IOException, IllegalAccessException {
Request request = createSoapRequest("WrongBST1.xml");
Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with missing headers ");
request = createSoapRequest("WrongBST2.xml");
Assert.assertFalse(bstAuthenticator.canHandle(request),
"BST Authenticator can handle a request with missing headers ");
}
Example #25
| Source File: TestRemoteIpValve.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Test
public void testInvokeAllProxiesAreTrusted() throws Exception {
// PREPARE
RemoteIpValve remoteIpValve = new RemoteIpValve();
remoteIpValve.setInternalProxies("192\\.168\\.0\\.10|192\\.168\\.0\\.11");
remoteIpValve.setTrustedProxies("proxy1|proxy2|proxy3");
remoteIpValve.setRemoteIpHeader("x-forwarded-for");
remoteIpValve.setProxiesHeader("x-forwarded-by");
RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
Request request = new MockRequest();
request.setCoyoteRequest(new org.apache.coyote.Request());
request.setRemoteAddr("192.168.0.10");
request.setRemoteHost("remote-host-original-value");
request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-for").setString("140.211.11.130, proxy1, proxy2");
// TEST
remoteIpValve.invoke(request, null);
// VERIFY
String actualXForwardedFor = request.getHeader("x-forwarded-for");
assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
String actualXForwardedBy = request.getHeader("x-forwarded-by");
assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
String actualRemoteAddr = remoteAddrAndHostTrackerValve.getRemoteAddr();
assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
String actualRemoteHost = remoteAddrAndHostTrackerValve.getRemoteHost();
assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
String actualPostInvokeRemoteAddr = request.getRemoteAddr();
assertEquals("postInvoke remoteAddr", "192.168.0.10", actualPostInvokeRemoteAddr);
String actualPostInvokeRemoteHost = request.getRemoteHost();
assertEquals("postInvoke remoteAddr", "remote-host-original-value", actualPostInvokeRemoteHost);
}
Example #26
| Source File: AccessLogValve.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void addElement(StringBuilder buf, Date date, Request request,
Response response, long time) {
if (requestAttributesEnabled) {
Object addr = request.getAttribute(REMOTE_ADDR_ATTRIBUTE);
if (addr == null) {
buf.append(request.getRemoteAddr());
} else {
buf.append(addr);
}
} else {
buf.append(request.getRemoteAddr());
}
}
Example #27
| Source File: SemaphoreValve.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Do concurrency control on the request using the semaphore.
*
* @param request The servlet request to be processed
* @param response The servlet response to be created
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
@Override
public void invoke(Request request, Response response)
throws IOException, ServletException {
if (controlConcurrency(request, response)) {
boolean shouldRelease = true;
try {
if (block) {
if (interruptible) {
try {
semaphore.acquire();
} catch (InterruptedException e) {
shouldRelease = false;
permitDenied(request, response);
return;
}
} else {
semaphore.acquireUninterruptibly();
}
} else {
if (!semaphore.tryAcquire()) {
shouldRelease = false;
permitDenied(request, response);
return;
}
}
getNext().invoke(request, response);
} finally {
if (shouldRelease) {
semaphore.release();
}
}
} else {
getNext().invoke(request, response);
}
}
Example #28
| Source File: ApplicationDispatcher.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Unwrap the request if we have wrapped it.
*/
private void unwrapRequest(State state) {
if (state.wrapRequest == null)
return;
if (state.outerRequest.isAsyncStarted()) {
if (!state.outerRequest.getAsyncContext().hasOriginalRequestAndResponse()) {
return;
}
}
ServletRequest previous = null;
ServletRequest current = state.outerRequest;
while (current != null) {
// If we run into the container request we are done
if ((current instanceof Request)
|| (current instanceof RequestFacade))
break;
// Remove the current request if it is our wrapper
if (current == state.wrapRequest) {
ServletRequest next =
((ServletRequestWrapper) current).getRequest();
if (previous == null)
state.outerRequest = next;
else
((ServletRequestWrapper) previous).setRequest(next);
break;
}
// Advance to the next request in the chain
previous = current;
current = ((ServletRequestWrapper) current).getRequest();
}
}
Example #29
| Source File: RemoteHostValve.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
String property;
if (getAddConnectorPort()) {
property = request.getRequest().getRemoteHost() + ";" + request.getConnector().getPort();
} else {
property = request.getRequest().getRemoteHost();
}
process(property, request, response);
}
Example #30
| Source File: AbstractSamlAuthenticatorValve.java From keycloak with Apache License 2.0 | 5 votes |
|
protected boolean authenticateInternal(Request request, HttpServletResponse response, Object loginConfig) throws IOException {
log.trace("authenticateInternal");
CatalinaHttpFacade facade = new CatalinaHttpFacade(response, request);
SamlDeployment deployment = deploymentContext.resolveDeployment(facade);
if (deployment == null || !deployment.isConfigured()) {
log.trace("deployment not configured");
return false;
}
SamlSessionStore tokenStore = getSessionStore(request, facade, deployment);
SamlAuthenticator authenticator = new CatalinaSamlAuthenticator(facade, deployment, tokenStore);
return executeAuthenticator(request, response, facade, deployment, authenticator);
}
