List of usage examples for java.util Vector toString
public synchronized String toString()
From source file:org.zaproxy.zap.extension.ascanrulesAlpha.ProxyDisclosureScanner.java
/** * scans for Proxy Disclosure issues, using the TRACE and OPTIONS method with 'Max-Forwards', * and the TRACK method. The code attempts to enumerate and identify all proxies identified * between the Zap instance and the origin web server. *///from ww w . ja v a 2 s . c o m @Override public void scan() { try { // where's what we're going to do (roughly): // 1: If TRACE is enabled on the origin web server, we're going to use it, and the // "Max-Forwards" header to verify // if *no* proxy exists between Zap and the origin web server. // 2: If we can't do that, because TRACE is not supported, or because there appears to // be a proxy between Zap // and the origin web server, we use the "Max-Forwards" compatible methods (TRACE and // OPTIONS) to // iterate through each of the proxies between Zap and the origin web server. // We will attempt to fingerprint each proxy / web server along the way, using various // techniques. // 3: At this point, depending on the proxies and their configurations, there is a // possibility that we have not // identified *all* of the nodes (proxies / web servers) that the request/response // traverses. We will use // other HTTP methods, such as "TRACK" to obtain an error-type response. In all of the // cases we have tested so far, // such an error response comes from the origin web server, rather than an // intermediate proxy. We then fingerprint // the origin web server. If the origin web server's signature is not the same as the // final node that we have // already identified, we consider the origin web server to be an additional node in // the path. // 4: Report the results. // Step 1: Using TRACE, identify if *no* proxies are used between the Zap instance and // the origin web server // int maxForwardsMaximum = 7; //Anonymous only use 7 proxies, so that's good enough // for us too.. :) int step1numberOfProxies = 0; // this variable is to track proxies that set cookies, but are otherwise complete // invisible, and do not // respond per spec (RFC2616, RFC2965) to OPTIONS/TRACE with Max-Forwards. // They do not set headers that can be identified. // They are also inherently un-ordered, because we do not, and cannot be sure at what // point they fit into the topology // that we can otherwise document using OPTIONS/TRACE + Max-Forwards. Set<String> silentProxySet = new HashSet<String>(); boolean endToEndTraceEnabled = false; boolean proxyTraceEnabled = false; URI traceURI = getBaseMsg().getRequestHeader().getURI(); HttpRequestHeader traceRequestHeader = new HttpRequestHeader(); traceRequestHeader.setMethod(HttpRequestHeader.TRACE); // go to the URL requested, in case the proxy is configured on a per-URL basis.. // traceRequestHeader.setURI(new URI(traceURI.getScheme() + "://" + // traceURI.getAuthority()+ "/",true)); traceRequestHeader.setURI(traceURI); traceRequestHeader.setVersion(HttpRequestHeader.HTTP11); // or 1.1? traceRequestHeader.setSecure(traceRequestHeader.isSecure()); traceRequestHeader.setHeader("Max-Forwards", String.valueOf(MAX_FORWARDS_MAXIMUM)); traceRequestHeader.setHeader("Cache-Control", "no-cache"); // we do not want cached content. we want content from the origin // server traceRequestHeader.setHeader("Pragma", "no-cache"); // similarly, for HTTP/1.0 HttpMessage tracemsg = getNewMsg(); tracemsg.setRequestHeader(traceRequestHeader); // create a random cookie, and set it up, so we can detect if the TRACE is enabled (in // which case, it should echo it back in the response) String randomcookiename = RandomStringUtils.random(15, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); String randomcookievalue = RandomStringUtils.random(40, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); TreeSet<HtmlParameter> cookies = tracemsg.getCookieParams(); cookies.add(new HtmlParameter(HtmlParameter.Type.cookie, randomcookiename, randomcookievalue)); tracemsg.setCookieParams(cookies); sendAndReceive(tracemsg, false); // do not follow redirects. // is TRACE enabled? String traceResponseBody = tracemsg.getResponseBody().toString(); if (traceResponseBody.contains(randomcookievalue)) { // TRACE is enabled. Look at the Max-Forwards in the response, to see if it was // decremented // if it was decremented, there is definitely a proxy.. // if not, it *suggests* there is no proxy (or any proxies present are not compliant // --> all bets are off) boolean proxyActuallyFound = false; // found a TRACE from Zap all the way through to the Origin server.. not good!! endToEndTraceEnabled = true; // this will raise the risk from Medium to High if a Proxy Disclosure // was found! // TODO: raise a "TRACE" type alert (if no proxy disclosure is found, but TRACE // enabled?) Matcher matcher = MAX_FORWARDS_RESPONSE_PATTERN.matcher(traceResponseBody); if (matcher.find()) { String maxForwardsResponseValue = matcher.group(1); if (log.isDebugEnabled()) log.debug("TRACE with \"Max-Forwards: " + MAX_FORWARDS_MAXIMUM + "\" causes response body Max-Forwards value '" + maxForwardsResponseValue + "'"); if (maxForwardsResponseValue.equals(String.valueOf(MAX_FORWARDS_MAXIMUM))) { // (probably) no proxy! if (log.isDebugEnabled()) log.debug("TRACE with \"Max-Forwards: " + MAX_FORWARDS_MAXIMUM + "\" indicates that there is *NO* proxy in place. Note: the TRACE method is supported.. that's an issue in itself! :)"); // To be absolutely certain, check that the cookie info in the response // header, // and proxy request headers in the response body (via TRACE) do not leak // the presence of a proxy // This would indicate a non-RFC2606 compliant proxy, since these are // supposed to decrement the Max-Forwards. // it does happen in the wild.. String traceResponseHeader = tracemsg.getResponseHeader().toString(); // look for cookies set by the proxy, which will be in the response header Iterator<Pattern> cookiePatternIterator = PROXY_COOKIES.keySet().iterator(); while (cookiePatternIterator.hasNext() && !proxyActuallyFound) { Pattern cookiePattern = cookiePatternIterator.next(); String proxyServer = PROXY_COOKIES.get(cookiePattern); Matcher cookieMatcher = cookiePattern.matcher(traceResponseHeader); if (cookieMatcher.find()) { String cookieDetails = cookieMatcher.group(1); if (log.isDebugEnabled()) { proxyActuallyFound = true; if (!proxyServer.equals("") && !silentProxySet.contains(proxyServer)) silentProxySet.add(proxyServer); if (log.isDebugEnabled()) log.debug("TRACE with \"Max-Forwards: " + MAX_FORWARDS_MAXIMUM + "\" indicates that there is *NO* proxy in place, but a known proxy cookie (" + cookieDetails + ", which indicates proxy server '" + proxyServer + "') in the response header contradicts this.."); } } } // look for request headers set by the proxy, which will end up in the // response body if the TRACE succeeded Iterator<Pattern> requestHeaderPatternIterator = PROXY_REQUEST_HEADERS.keySet().iterator(); while (requestHeaderPatternIterator.hasNext() && !proxyActuallyFound) { Pattern proxyHeaderPattern = requestHeaderPatternIterator.next(); String proxyServer = PROXY_REQUEST_HEADERS.get(proxyHeaderPattern); Matcher proxyHeaderMatcher = proxyHeaderPattern.matcher(traceResponseBody); if (proxyHeaderMatcher.find()) { String proxyHeaderName = proxyHeaderMatcher.group(1); if (log.isDebugEnabled()) { proxyActuallyFound = true; if (log.isDebugEnabled()) log.debug("TRACE with \"Max-Forwards: " + MAX_FORWARDS_MAXIMUM + "\" indicates that there is *NO* proxy in place, but a known proxy request header (" + proxyHeaderName + ", which indicates proxy server '" + proxyServer + "') in the response body contradicts this.."); } } } } else { // Trace indicates there is a proxy in place.. (or multiple proxies) // Note: this number cannot really be trusted :( we don't use it, other than // for informational purposes step1numberOfProxies = MAX_FORWARDS_MAXIMUM - Integer.parseInt(maxForwardsResponseValue); if (log.isDebugEnabled()) log.debug("TRACE with \"Max-Forwards: " + MAX_FORWARDS_MAXIMUM + "\" indicates that there *IS* at least one proxy in place (Likely number: " + step1numberOfProxies + "). Note: the TRACE method is also supported!"); proxyActuallyFound = true; } } else { // The Max-Forwards does not appear in the response body, even though the cookie // value appeared in the response body, using TRACE.. Why? if (log.isDebugEnabled()) log.debug( "TRACE support is indicated via an echoed cookie, but the Max-Forwards value from the request is not echoed in the response. Why? Load balancer? WAF?"); proxyActuallyFound = true; } // no conflicting evidence (ie, no proxy indicated) ==> return if (!proxyActuallyFound) return; } else { // TRACE is NOT enabled, so we can't use this technique to tell if there is *no* // proxy between Zap and the origin server if (log.isDebugEnabled()) log.debug( "TRACE is not supported, so we cannot quickly check for *no* proxies. Falling back to the hard way"); } // bale out if we were asked nicely. it's nice to be nice. if (isStop()) { if (log.isDebugEnabled()) log.debug("Stopping the scan due to a user request (after step 1)"); return; } // Step 2: Use Max-Forwards with OPTIONS and TRACE to iterate through each of the // proxies HttpRequestHeader baseRequestHeader = getBaseMsg().getRequestHeader(); URI baseRequestURI = baseRequestHeader.getURI(); int step2numberOfNodes = 0; String[] nodeServers = new String[MAX_FORWARDS_MAXIMUM + 2]; // up to n proxies, and an origin server. // for each of the methods for (String httpMethod : MAX_FORWARD_METHODS) { // for each method, increment the Max-Forwards, and look closely at the response // TODO: loop from 0 to numberOfProxies -1???? int step2numberOfNodesForMethod = 0; String[] nodeServersForMethod = new String[MAX_FORWARDS_MAXIMUM + 2]; String previousServerDetails = RandomStringUtils.random(15, "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); int previousResponseStatusCode = 0; int responseStatusCode = 0; boolean httpHandled = false; // a flag to handle an extra HTTP request for this method, if the URL // is HTTPS // if the TRACE worked in step 1, and we know how many proxies there are, do that // number + 1, else just do the maximum defined on the attack strength for (int maxForwards = 0; maxForwards < (step1numberOfProxies > 0 ? step1numberOfProxies + 1 : MAX_FORWARDS_MAXIMUM); maxForwards++) { HttpMessage testMsg = getNewMsg(); // get a new message, with the request attributes cloned // from the base message HttpRequestHeader origRequestHeader = testMsg.getRequestHeader(); if (log.isDebugEnabled()) log.debug("Trying method " + httpMethod + " with MAX-FORWARDS: " + Integer.toString(maxForwards)); // if we're on the right iteration (Max-Forwards=0, ie first proxy, and a HTTPS // request, then // then prepare to try an additional HTTP request.. boolean tryHttp = (!httpHandled && maxForwards == 0 && baseRequestHeader.isSecure()); HttpRequestHeader requestHeader = new HttpRequestHeader(); requestHeader.setMethod(httpMethod); // requestHeader.setURI(new URI(origURI.getScheme() + "://" + // origURI.getAuthority()+ "/",true)); requestHeader.setURI(baseRequestURI); requestHeader.setVersion(HttpRequestHeader.HTTP11); // OPTIONS and TRACE are supported under 1.0, but for // multi-homing, we need to use 1.1 if (tryHttp) { if (log.isDebugEnabled()) log.debug( "Blind-spot testing, using a HTTP connection, to try detect an initial proxy, which we might not see via HTTPS"); requestHeader.setSecure(false); requestHeader.setHeader("Max-Forwards", "0"); } else { requestHeader.setSecure(origRequestHeader.isSecure()); requestHeader.setHeader("Max-Forwards", Integer.toString(maxForwards)); } requestHeader.setHeader("Cache-Control", "no-cache"); // we do not want cached content. we want content from the // origin server requestHeader.setHeader("Pragma", "no-cache"); // similarly, for HTTP/1.0 HttpMessage mfMethodMsg = getNewMsg(); mfMethodMsg.setRequestHeader(requestHeader); // create a random cookie, and set it up, so we can detect if the TRACE is // enabled (in which case, it should echo it back in the response) String randomcookiename2 = RandomStringUtils.random(15, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); String randomcookievalue2 = RandomStringUtils.random(40, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"); TreeSet<HtmlParameter> cookies2 = mfMethodMsg.getCookieParams(); cookies2.add( new HtmlParameter(HtmlParameter.Type.cookie, randomcookiename2, randomcookievalue2)); mfMethodMsg.setCookieParams(cookies2); try { sendAndReceive(mfMethodMsg, false); // do not follow redirects. } catch (Exception e) { log.error( "Failed to send a request in step 2 with method " + httpMethod + ", Max-Forwards: " + requestHeader.getHeader("Max-Forwards") + ": " + e.getMessage()); break; // to the next method } // if the response from the proxy/origin server echoes back the cookie (TRACE, // or other method), that's serious, so we need to check. String methodResponseBody = mfMethodMsg.getResponseBody().toString(); if (methodResponseBody.contains(randomcookievalue2)) { proxyTraceEnabled = true; // this will raise the risk from Medium to High if a Proxy // Disclosure was found! // TODO: raise a "TRACE" type alert (if no proxy disclosure is found, but // TRACE enabled?) } // check if the Server response header differs // the server header + powered by list is what we will record if a key attribute // changes between requests. HttpResponseHeader responseHeader = mfMethodMsg.getResponseHeader(); String serverHeader = responseHeader.getHeader("Server"); if (serverHeader == null) serverHeader = ""; String poweredBy; Vector<String> poweredByList = responseHeader.getHeaders("X-Powered-By"); if (poweredByList != null) poweredBy = poweredByList.toString(); // uses format: "[a,b,c]" else poweredBy = ""; String serverDetails = serverHeader + (poweredBy.equals("") || poweredBy.equals("[]") ? "" : poweredBy); responseStatusCode = responseHeader.getStatusCode(); if (!serverDetails.equals(previousServerDetails)) { // it's a new node that we don't appear to have previously seen (for this // HTTP method). nodeServersForMethod[step2numberOfNodesForMethod] = serverDetails; step2numberOfNodesForMethod++; if (log.isDebugEnabled()) log.debug("Identified a new node for method " + httpMethod + ", by server details: " + serverDetails + ". That makes " + step2numberOfNodesForMethod + " nodes so far"); } else { // else check if the HTTP status code differs if (responseStatusCode != previousResponseStatusCode) { // if the status code is different, this likely indicates a different // node nodeServersForMethod[step2numberOfNodesForMethod] = serverDetails; step2numberOfNodesForMethod++; if (log.isDebugEnabled()) log.debug("Identified a new node for method " + httpMethod + ", by response status : " + responseStatusCode + ". That makes " + step2numberOfNodesForMethod + " nodes so far"); } } previousServerDetails = serverDetails; previousResponseStatusCode = responseStatusCode; // if the base URL is HTTPS, and we just did an extra "blind spot" check for // HTTP, go into the next iteration with the same // "Max-Forwards" value that we just handled, but set the flag to false so that // we don't attempt to do the HTTP "blind spot" request again. if (tryHttp) { maxForwards--; httpHandled = true; } // bale out if we were asked nicely. it's nice to be nice. if (isStop()) { if (log.isDebugEnabled()) log.debug("Stopping the scan due to a user request"); return; } } // if the number of nodes (proxies+origin web server) detected using this HTTP // method is greater than the number detected thus far, use the data // gained using this HTTP method.. if (log.isDebugEnabled()) log.debug("The number of nodes detected using method " + httpMethod + " is " + step2numberOfNodesForMethod); if (step2numberOfNodesForMethod > step2numberOfNodes) { step2numberOfNodes = step2numberOfNodesForMethod; nodeServers = nodeServersForMethod; } } if (log.isDebugEnabled()) log.debug("The maximum number of nodes detected using any Max-Forwards method is " + step2numberOfNodes); // Step 3: For the TRACK, use a random URL, to force an error, and to bypass any cached // file. URI trackURI = getBaseMsg().getRequestHeader().getURI(); HttpRequestHeader trackRequestHeader = new HttpRequestHeader(); trackRequestHeader.setMethod("TRACK"); // There is no suitable constant on HttpRequestHeader // go to a similar (but random) URL requested // - in case a proxy is configured on a per-URL basis.. (this is the case on some of my // real world test servers) // - to try to ensure we get an error message that we can fingerprint // - to bypass caching (if it's a random filename, if won't have been seen before, and // won't be cached) // yes, I know TRACK requests should *not* be cached, but not all servers are // compliant. String randompiece = RandomStringUtils.random(5, "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); trackRequestHeader.setURI(new URI( trackURI.getScheme() + "://" + trackURI.getAuthority() + getPath(trackURI) + randompiece, true)); trackRequestHeader.setVersion(HttpRequestHeader.HTTP11); // trackRequestHeader.setSecure(trackRequestHeader.isSecure()); trackRequestHeader.setHeader("Max-Forwards", String.valueOf(MAX_FORWARDS_MAXIMUM)); trackRequestHeader.setHeader("Cache-Control", "no-cache"); // we do not want cached content. we want content from the origin // server trackRequestHeader.setHeader("Pragma", "no-cache"); // similarly, for HTTP/1.0 HttpMessage trackmsg = getNewMsg(); trackmsg.setRequestHeader(trackRequestHeader); sendAndReceive(trackmsg, false); // do not follow redirects. // TODO: fingerprint more origin web servers response to a TRACK request for a file that // does not exist. String trackResponseBody = trackmsg.getResponseBody().toString(); Matcher unsupportedApacheMatcher = NOT_SUPPORTED_APACHE_PATTERN.matcher(trackResponseBody); if (unsupportedApacheMatcher.find()) { String originServerName = unsupportedApacheMatcher.group(1); if (log.isDebugEnabled()) log.debug("Identified the origin node using TRACK, with server header: " + originServerName); // check if this is the same as the last node we've identified, and if so, discard // it. If not, add it to to the end (as the origin server). if (!nodeServers[step2numberOfNodes - 1].equals(originServerName)) { // it's different to the last one seen.. add it. if (log.isDebugEnabled()) log.debug( "The origin node was not already recorded using the Max-Forwards method, so adding it in."); nodeServers[step2numberOfNodes] = originServerName; step2numberOfNodes++; } } // TODO: compare step2numberOfProxies and step1numberOfProxies? // log the nodes we have noted so far if (log.isDebugEnabled()) { for (int nodei = 0; nodei < step2numberOfNodes; nodei++) { log.debug("Node " + nodei + " is " + (!nodeServers[nodei].equals("") ? nodeServers[nodei] : "Unknown")); } // log the "silent" proxies that we saw. for (String silentServer : silentProxySet) { log.debug("Silent Proxy: " + (!silentServer.equals("") ? silentServer : "Unknown")); } } // Note: there will always be an origin web server, so check for >1, not <0 number of // nodes. if (step2numberOfNodes > 1 || silentProxySet.size() > 0) { // bingo with the list of nodes (proxies+origin web server) that we detected. String unknown = Constant.messages.getString(MESSAGE_PREFIX + "extrainfo.unknown"); String proxyServerHeader = Constant.messages .getString(MESSAGE_PREFIX + "extrainfo.proxyserver.header"); String webServerHeader = Constant.messages.getString(MESSAGE_PREFIX + "extrainfo.webserver.header"); String silentProxyServerHeader = Constant.messages .getString(MESSAGE_PREFIX + "extrainfo.silentproxyserver.header"); // get the proxy server information (ie, all but the last node) String proxyServerInfo = ""; if (step2numberOfNodes > 0) { StringBuilder sb = new StringBuilder(); sb.append(proxyServerHeader); sb.append("\n"); for (int nodei = 0; nodei < step2numberOfNodes - 1; nodei++) { String proxyServerNode = Constant.messages.getString( MESSAGE_PREFIX + "extrainfo.proxyserver", (!nodeServers[nodei].equals("") ? nodeServers[nodei] : unknown)); sb.append(proxyServerNode); sb.append("\n"); } proxyServerInfo = sb.toString(); } // get the origin web server information (ie, the last node) String webServerInfo = ""; if (step2numberOfNodes > 0) { StringBuilder sb = new StringBuilder(); sb.append(webServerHeader); sb.append("\n"); String webServerNode = Constant.messages.getString(MESSAGE_PREFIX + "extrainfo.webserver", (!nodeServers[step2numberOfNodes - 1].equals("") ? nodeServers[step2numberOfNodes - 1] : unknown)); sb.append(webServerNode); sb.append("\n"); webServerInfo = sb.toString(); } // get the silent proxy information String silentProxyServerInfo = ""; if (silentProxySet.size() > 0) { StringBuilder sb = new StringBuilder(); sb.append(silentProxyServerHeader); sb.append("\n"); for (String silentServer : silentProxySet) { // log.debug("Silent Proxy: // "+(!silentServer.equals("")?silentServer:"Unknown")); String silentProxyServerNode = Constant.messages.getString( MESSAGE_PREFIX + "extrainfo.silentproxyserver", (!silentServer.equals("") ? silentServer : unknown)); sb.append(silentProxyServerNode); sb.append("\n"); } silentProxyServerInfo = sb.toString(); } String traceInfo = ""; if (endToEndTraceEnabled || proxyTraceEnabled) { traceInfo = Constant.messages.getString(MESSAGE_PREFIX + "extrainfo.traceenabled"); } // all the info is collated nicely. raise the alert. String extraInfo = ""; if (!proxyServerInfo.equals("")) { extraInfo += proxyServerInfo; } if (!webServerInfo.equals("")) { extraInfo += webServerInfo; } if (!silentProxyServerInfo.equals("")) { extraInfo += silentProxyServerInfo; } if (!traceInfo.equals("")) { extraInfo += traceInfo; } // raise the alert on the original message // there are multiple messages on which the issue could have been raised, but each // individual atatck message // tells only a small part of the story. Explain it in the "extra info" instead. bingo(endToEndTraceEnabled || proxyTraceEnabled ? Alert.RISK_HIGH : getRisk(), Alert.CONFIDENCE_MEDIUM, getName(), Constant.messages.getString(MESSAGE_PREFIX + "desc", step2numberOfNodes - 1 + silentProxySet.size()), getBaseMsg().getRequestHeader().getURI().getURI(), // url "", // there is no parameter of interest getAttack(), // the attack. who'd have thunk it? extraInfo, // extra info.. all the detail of the proxy, etc. getSolution(), "", // evidence this.getCweId(), this.getWascId(), getBaseMsg() // the message on which we place the alert ); } } catch (Exception e) { // Do not try to internationalise this.. we need an error message in any event.. // if it's in English, it's still better than not having it at all. log.error("An error occurred checking for proxy disclosure", e); } }
From source file:com.dragonflow.StandardMonitor.URLMonitor.java
private static Vector finalHTTPClientlRequestPreparation(URLContext urlcontext, HTTPRequestSettings httprequestsettings, Array array, long l) throws Exception { if (httprequestsettings.getAuthUserName() == null || httprequestsettings.getAuthUserName().length() == 0) { String s = urlcontext.getMonitor().getSetting("_defaultAuthUsername"); if (s.length() > 0) { httprequestsettings.setAuthUserName(s); httprequestsettings.setAuthNTLMDomain(urlcontext.getMonitor().getSetting("_defaultAuthNTLMDomain")); httprequestsettings.setAuthPassword(urlcontext.getMonitor().getSetting("_defaultAuthPassword")); }// ww w.j av a2s.c o m } if (httprequestsettings.getAuthenticationOnFirstRequest() == null) { String s1 = urlcontext.getMonitor().getSetting("_defaultAuthWhenToAuthenticate"); if (!$assertionsDisabled && s1.length() <= 0) { throw new AssertionError( "add or set _defaultAuthWhenToAuthenticate=authOnFirst setting in master.config"); } httprequestsettings.setAuthenticationOnFirstRequest(authOnFirstRequest(s1)); } if (httprequestsettings.getAuthNTLMDomain().length() <= 0) { String as[] = splitUserDomain_If_NTChallengeInMonitor(httprequestsettings.getAuthUserName(), urlcontext.getMonitor().getSetting("_challengeResponse")); if (as != null) { httprequestsettings.setAuthNTLMDomain(as[0]); httprequestsettings.setAuthUserName(as[1]); } } long l1 = l - System.currentTimeMillis(); if (l1 <= 0L) { throw new Exception("timed out"); } httprequestsettings.setConnectionTimeoutMS((int) l1); httprequestsettings.setRequestTimeoutMS((int) l1); String s2 = urlcontext.getMonitor().getSetting("_URLMonitorProxyExceptions"); String s3 = httprequestsettings.getHost(); if (httprequestsettings.getProxy().length() != 0 && isProxyExcluded(s2, s3)) { httprequestsettings.setProxy(""); } Vector vector = new Vector(); if (urlcontext.getMonitor().getSetting("_sslKeepAlive").length() > 0) { if (httprequestsettings.getProxy().length() > 0) { vector.add(new Header("Proxy-Connection", "Keep-Alive")); } else { vector.add(new Header("Connection", "Keep-Alive")); } } String s4 = getUserAgent(array); if (s4.length() == 0) { s4 = urlcontext.getMonitor().getSetting("_URLUserAgent"); } vector.add(new Header("User-Agent", s4)); if (array != null) { Enumeration enumeration = array.elements(); do { if (!enumeration.hasMoreElements()) { break; } String s5 = (String) enumeration.nextElement(); if (TextUtils.startsWithIgnoreCase(s5, CUSTOM_HEADER)) { String s7 = s5.substring(CUSTOM_HEADER.length()); String as1[] = s7.split(":", 2); if (!$assertionsDisabled && (as1 == null || as1.length <= 0)) { throw new AssertionError(); } if (as1.length > 1) { vector.add(new Header(as1[0].trim(), as1[1].trim())); } else { vector.add(new Header(as1[0].trim(), "")); } } } while (true); } Vector vector1 = urlcontext.getCookieHeader(httprequestsettings.getUrl()); if (vector1 != null) { if (debugURL != 0) { System.out.println( "URLMonitor.checkURLRetrieveDoneHere: COOKIE ADD TO HEADERS: " + vector1.toString()); } httprequestsettings.setCookies(vector1); } else if (debugURL != 0) { System.out.println("URLMonitor.checkURLRetrieveDoneHere: COOKIE ADD TO HEADERS: NULL - NONE TO ADD "); } String s6 = urlcontext.getStreamEncoding(); if (s6.length() > 0) { vector.add(new Header("Accept-charset", s6)); } vector.add(new Header("Accept", "*/*")); Vector vector2 = prepareParametersForApache(array); if (vector2.size() > 0) { String s8 = ""; if (s6.length() > 0) { s8 = "; charset=" + s6; } String s9 = getContentType(array); vector.add(new Header("Content-Type", s9 + s8)); } checkPostFieldForRequestProtocol(array); long l2 = urlcontext.getMonitor().getSettingAsLong("_urlKeepAlive"); if (urlcontext.getMonitor().getSetting("_HTTPVersion10").length() > 0) { httprequestsettings.setHttp11(false); } if (urlcontext.getMonitor().getSetting("_sslAcceptAllUntrustedCerts").length() > 0) { httprequestsettings.setAcceptAllUntrustedCerts(true); } if (urlcontext.getMonitor().getSetting("_sslAcceptInvalidCerts").length() > 0) { httprequestsettings.setAcceptInvalidCerts(true); } httprequestsettings.setHeaders(vector); String s10 = urlcontext.getEncodePostData(); if (s10.equals(urlencodedDropDown[0]) || s10.equals("")) { Vector vector3 = httprequestsettings.getHeaders(); httprequestsettings.setEncodePostData(false); Iterator iterator = vector3.iterator(); do { if (!iterator.hasNext()) { break; } Header header = (Header) iterator.next(); if (!header.getName().equalsIgnoreCase("Content-Type") || header.getValue().toLowerCase().indexOf("urlencoded") < 0) { continue; } httprequestsettings.setEncodePostData(true); break; } while (true); String s12 = urlcontext.getMonitor().getSetting("_urlMonitorEncodePostData"); if (s12.length() > 0) { httprequestsettings.setEncodePostData(s12.equalsIgnoreCase("true")); } } else if (s10.equals(urlencodedDropDown[2])) { httprequestsettings.setEncodePostData(true); } else if (s10.equals(urlencodedDropDown[4])) { httprequestsettings.setEncodePostData(false); } else if (!$assertionsDisabled) { throw new AssertionError("_dontEncodePostData= " + s10 + ". Must be contentTypeUrlencoded, forceEncode, or forceNoEncode."); } int i = 0; String s11 = urlcontext.getMonitor().getSetting("_keepTryingForGoodStatus"); if (s11.length() > 0) { i = TextUtils.toInt(s11); } if (i > 0) { httprequestsettings.setRetries(i); } setClientSideCertSettings(urlcontext, httprequestsettings); return vector2; }
From source file:org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.java
@Override public void scanHttpResponseReceive(HttpMessage msg, int id, Source source) { boolean cspHeaderFound = false; int noticesRisk = Alert.RISK_INFO; // LOGGER.setLevel(Level.DEBUG); //Enable for debugging if (LOGGER.isDebugEnabled()) { LOGGER.debug("Start " + id + " : " + msg.getRequestHeader().getURI().toString()); }//w w w. j av a 2 s . co m long start = System.currentTimeMillis(); if (!msg.getResponseHeader().isHtml() && !AlertThreshold.LOW.equals(this.getAlertThreshold())) { // Only really applies to HTML responses, but also check everything on Low threshold return; } // Content-Security-Policy is supported by Chrome 25+, Firefox 23+, // Safari 7+, Edge but not Internet Explorer Vector<String> cspOptions = msg.getResponseHeader().getHeaders(HTTP_HEADER_CSP); if (cspOptions != null && !cspOptions.isEmpty()) { cspHeaderFound = true; } // X-Content-Security-Policy is an older header, supported by Firefox // 4.0+, and IE 10+ (in a limited fashion) Vector<String> xcspOptions = msg.getResponseHeader().getHeaders(HTTP_HEADER_XCSP); if (xcspOptions != null && !xcspOptions.isEmpty()) { raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "xcsp.name"), id, Constant.messages.getString(MESSAGE_PREFIX + "xcsp.desc"), getHeaderField(msg, HTTP_HEADER_XCSP).get(0), cspHeaderFound ? Alert.RISK_INFO : Alert.RISK_LOW, xcspOptions.get(0)); } // X-WebKit-CSP is supported by Chrome 14+, and Safari 6+ Vector<String> xwkcspOptions = msg.getResponseHeader().getHeaders(HTTP_HEADER_WEBKIT_CSP); if (xwkcspOptions != null && !xwkcspOptions.isEmpty()) { raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "xwkcsp.name"), id, Constant.messages.getString(MESSAGE_PREFIX + "xwkcsp.desc"), getHeaderField(msg, HTTP_HEADER_WEBKIT_CSP).get(0), cspHeaderFound ? Alert.RISK_INFO : Alert.RISK_LOW, xwkcspOptions.get(0)); } if (cspHeaderFound) { ArrayList<Notice> notices = new ArrayList<>(); Origin origin = URI.parse(msg.getRequestHeader().getURI().toString()); String policyText = cspOptions.toString().replace("[", "").replace("]", ""); Policy pol = ParserWithLocation.parse(policyText, origin, notices); // Populate notices if (!notices.isEmpty()) { String cspNoticesString = getCSPNoticesString(notices); if (cspNoticesString.contains(Constant.messages.getString(MESSAGE_PREFIX + "notices.errors")) || cspNoticesString .contains(Constant.messages.getString(MESSAGE_PREFIX + "notices.warnings"))) { noticesRisk = Alert.RISK_LOW; } else { noticesRisk = Alert.RISK_INFO; } raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "notices.name"), id, cspNoticesString, getHeaderField(msg, HTTP_HEADER_CSP).get(0), noticesRisk, cspOptions.get(0)); } List<String> allowedWildcardSources = getAllowedWildcardSources(policyText, origin); if (!allowedWildcardSources.isEmpty()) { String allowedWildcardSrcs = allowedWildcardSources.toString().replace("[", "").replace("]", ""); String wildcardSrcDesc = Constant.messages.getString(MESSAGE_PREFIX + "wildcard.desc", allowedWildcardSrcs); raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "wildcard.name"), id, wildcardSrcDesc, getHeaderField(msg, HTTP_HEADER_CSP).get(0), Alert.RISK_MEDIUM, cspOptions.get(0)); } if (pol.allowsUnsafeInlineScript()) { raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "scriptsrc.unsafe.name"), id, Constant.messages.getString(MESSAGE_PREFIX + "scriptsrc.unsafe.desc"), getHeaderField(msg, HTTP_HEADER_CSP).get(0), Alert.RISK_MEDIUM, cspOptions.get(0)); } if (pol.allowsUnsafeInlineStyle()) { raiseAlert(msg, Constant.messages.getString(MESSAGE_PREFIX + "stylesrc.unsafe.name"), id, Constant.messages.getString(MESSAGE_PREFIX + "stylesrc.unsafe.desc"), getHeaderField(msg, HTTP_HEADER_CSP).get(0), Alert.RISK_MEDIUM, cspOptions.get(0)); } } if (LOGGER.isDebugEnabled()) { LOGGER.debug("\tScan of record " + String.valueOf(id) + " took " + (System.currentTimeMillis() - start) + " ms"); } }
From source file:edu.caltechUcla.sselCassel.projects.jMarkets.server.control.CallMarketEngine.java
/** * Calculate the price p in the given market that minimizes the difference between the number of buy * orders >= p and the number of asks <= p. Return -1 if there is no execute price found (should only * occur if there were no bids/asks on that market. If multiple minima are found, pick one at random. *///from www .j av a2s. com private int getExecutePrice(int marketId, OfferBook offerBook) { int numPrices = offerBook.getNumPrices(); int difference = 10000; Vector executePriceIds = new Vector(); for (int p = 0; p < numPrices; p++) { int numBids = offerBook.getGreaterThanOrEqualToBidOrders(marketId, p, -1); int numAsks = offerBook.getLessThanOrEqualToAskOrders(marketId, p, -1); int diff = Math.abs(numBids - numAsks); if (diff < difference && numBids != 0 && numAsks != 0) { difference = diff; executePriceIds.removeAllElements(); executePriceIds.add(new Integer(p)); } else if (diff == difference && numBids != 0 && numAsks != 0) { executePriceIds.add(new Integer(p)); } } if (executePriceIds.size() > 0) { int mid = executePriceIds.size() / 2; log.info("Found the following execute price minima on market " + marketId + ": " + executePriceIds.toString() + " -- selecting one at random"); int executePriceId = ((Integer) executePriceIds.get(mid)).intValue(); float executePrice = offerBook.getPrice(marketId, executePriceId); log.info("Execute price for market " + marketId + " is: ID=" + executePriceId + ", Value=" + executePrice); return executePriceId; } else { log.info("No possible transactions on market " + marketId + " -- no execute price found"); } return -1; }
From source file:es.emergya.ui.plugins.AdminPanel.java
@Override public void actionPerformed(ActionEvent e) { String cmd = e.getActionCommand(); if (cmd.indexOf("Seleccionar Tod") == 0) { for (int i = 0; i < table.getRowCount(); i++) { table.getModel().setValueAt(Boolean.TRUE, i, 0); }//from w w w . java 2 s.c o m } else if (cmd.indexOf("Deseleccionar Tod") == 0) { for (int i = 0; i < table.getRowCount(); i++) { table.getModel().setValueAt(Boolean.FALSE, i, 0); } } else if (cmd.indexOf("Eliminar Seleccionad") == 0) { boolean alguno = false; for (int i = table.getRowCount() - 1; i >= 0 && !alguno; i--) { if ((Boolean) table.getModel().getValueAt(i, 0)) { alguno = true; } } if (!alguno) { return; } if (JOptionPane.showConfirmDialog(this, "Buttons.delete.confirm", "Selecciona una opcin", JOptionPane.YES_NO_OPTION) != JOptionPane.YES_OPTION) { return; } Vector<Object> fail = new Vector<Object>(); int total = 0; for (int i = table.getRowCount() - 1; i >= 0; i--) { if ((Boolean) table.getModel().getValueAt(i, 0)) { DeleteAction a = (DeleteAction) ((JButton) table.getValueAt(i, table.getColumnCount() - 1)) .getAction(); total++; if (!a.delete(false)) { fail.add(table.getValueAt(i, 1)); } } } if (this.father != null) { this.father.refresh(null); PluginEventHandler.fireChange(this.father); } if (total == 0) { JOptionPane.showMessageDialog(this, "No hay elementos seleccionados para eliminar.", null, JOptionPane.ERROR_MESSAGE); } if (fail.size() > 0) { JOptionPane.showMessageDialog(this, errorString + ":\n" + fail.toString() + "\n" + errorCause, null, JOptionPane.ERROR_MESSAGE); } } else log.error("Comando no encontrado: " + cmd); }
From source file:server.MapEndpointStore.java
public Vector<Vector<String>> openMapFromLink(String mapId) throws EndpointCommunicationException { Vector<Vector<String>> allLayersInfo = new Vector<Vector<String>>(); Vector<String> results = null; int count = 0; String map = MapVocabulary.INSTANCE_NAMESPACE + mapId; String list = null;// w w w . j a v a2 s . c o m String graph = " GRAPH <http://geo.linkedopendata.gr/map/" + mapId + "> "; //construct query to get layer list for this map String queryList = "SELECT ?l WHERE {" + graph + "{<" + map + "> <" + MapVocabulary.HASORDEREDLIST + "> ?l .}}"; results = getResultFromQuery(endpoint_query, queryList, "strabon"); if (results.size() != 0) { list = new String(results.get(0)); } else { return null; } //construct query to get the number of layers String queryCount = "SELECT (COUNT(?x) as ?c) WHERE {" + graph + " {?x <" + RDF.TYPE.toString() + "> <" + MapVocabulary.LAYER.toString() + "> . <" + list + "> ?hasLayer ?x .}}"; results = getResultFromQuery(endpoint_query, queryCount, "strabon"); if (results.size() != 0) { count = Integer.parseInt(results.get(0)); } else { return null; } for (int i = 0; i < count; i++) { Vector<String> layerInfo = new Vector<String>(); allLayersInfo.add(layerInfo); results = null; String id = ((Integer) (i + 1)).toString(); String query0 = "SELECT ?x WHERE {" + graph + " {<" + list + "> <" + RDF.NAMESPACE + "_" + id + "> ?x}}"; results = getResultFromQuery(endpoint_query, query0, "strabon"); if (results.size() != 0) { String layerId = results.get(0); String query1 = "SELECT ?x WHERE { " + graph + " {<" + layerId + "> <" + MapVocabulary.HASNAME.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query1, "strabon"); String layerName = results.get(0); if (results.size() != 0) { layerInfo.add(layerName); } else { layerInfo.add(null); } String query2 = "SELECT ?x WHERE {" + graph + " {<" + layerId + "> <" + MapVocabulary.PRODUCEDBYQUERY.toString() + "> ?q." + "?q <" + MapVocabulary.HASVALUE.toString() + "> ?x.}}"; results = getResultFromQuery(endpoint_query, query2, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query3 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASKMLFILE.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query3, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query4 = "SELECT ?x WHERE {" + graph + " {<" + layerId + "> <" + MapVocabulary.PRODUCEDBYQUERY.toString() + "> ?q." + "?q <" + MapVocabulary.DERIVEDBY.toString() + "> ?e. ?e <" + MapVocabulary.HASURI.toString() + "> ?x.}}"; results = getResultFromQuery(endpoint_query, query4, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query5 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASPOLYSTYLECOLOR.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query5, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query6 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASLINESTYLECOLOR.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query6, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query7 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASICON.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query7, "strabon"); if (results.size() != 0) layerInfo.add(results.get(0)); else layerInfo.add(null); String query8 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASICONSCALE.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query8, "strabon"); if (results.size() != 0) { layerInfo.add(results.get(0)); } else { layerInfo.add(null); } String query9 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.IS_TEMPORAL_LAYER.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query9, "strabon"); if (results.size() > 0) { /* * The result is a String corresponding to a Boolean value (e.g., true, True, false, False, 0, or 1) * However, in Java valid boolean values are the first two, plus "yes" and "no". * Therefore, to be on the safe side, I parse the result using the utility of Sesame to get * a Boolean Java object and then I get the corresponding String value for which I * am sure that when I construct a Boolean object on the client side (e.g., when initializing * whether a layer is temporal or not), there will not be any errors. */ layerInfo.add(String.valueOf(XMLDatatypeUtil.parseBoolean(results.get(0)))); if (logger.isDebugEnabled()) { if (XMLDatatypeUtil.parseBoolean(results.get(0))) { logger.debug("[{}] Layer '{}' is temporal.", moduleName, layerName); } } } else { // for compatibility with maps that have been produced with the // older version of Sextant in which there is no RDF property // inserted to mark a layer whether is temporal or not layerInfo.add(String.valueOf(false)); } String query10 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASIMAGEBOX.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query10, "strabon"); if (results.size() != 0) { layerInfo.add(results.get(0)); } else { layerInfo.add(null); } String query11 = "SELECT ?x WHERE { " + graph + "{<" + layerId + "> <" + MapVocabulary.HASLAYERTYPE.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query11, "strabon"); if (results.size() != 0) { layerInfo.add(results.get(0)); } else { layerInfo.add(null); } } else { return null; } } //construct query to get the number of charts String queryCountCharts = "SELECT (COUNT(?x) as ?c) WHERE {" + graph + " {?x <" + RDF.TYPE.toString() + "> <" + MapVocabulary.CHART.toString() + "> . }}"; results = getResultFromQuery(endpoint_query, queryCountCharts, "strabon"); if (results.size() != 0) { count = Integer.parseInt(results.get(0)); //Add to allLayersInfo a Vector<String> to separate layers' info from charts' info Vector<String> separate = new Vector<String>(); separate.add("@@@"); allLayersInfo.add(separate); //Get the charts' information for (int i = 0; i < count; i++) { Vector<String> chartInfo = new Vector<String>(); allLayersInfo.add(chartInfo); results = null; String id = ((Integer) (i)).toString(); String chartId = map.concat("ch" + id); String query11 = "SELECT ?x WHERE { " + graph + "{<" + chartId + "> <" + RDF.TYPE.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query11, "strabon"); if (results.size() != 0) { chartInfo.add(results.get(0)); } else { chartInfo.add(null); } String query12 = "SELECT ?x WHERE { " + graph + "{<" + chartId + "> <" + MapVocabulary.HASCHARTTYPE.toString() + "> ?x}}"; results = getResultFromQuery(endpoint_query, query12, "strabon"); if (results.size() != 0) { chartInfo.add(results.get(0)); } else { chartInfo.add(null); } String query13 = "SELECT ?x WHERE { " + graph + "{<" + chartId + "> <" + MapVocabulary.PRODUCEDBYQUERY.toString() + "> ?q . " + "?q <" + MapVocabulary.HASVALUE.toString() + "> ?x . }}"; results = getResultFromQuery(endpoint_query, query13, "strabon"); if (results.size() != 0) { chartInfo.add(results.get(0)); } else { chartInfo.add(null); } String query14 = "SELECT ?x WHERE {" + graph + " {<" + chartId + "> <" + MapVocabulary.PRODUCEDBYQUERY.toString() + "> ?q." + "?q <" + MapVocabulary.DERIVEDBY.toString() + "> ?e. ?e <" + MapVocabulary.HASURI.toString() + "> ?x.}}"; results = getResultFromQuery(endpoint_query, query14, "strabon"); if (results.size() != 0) { chartInfo.add(results.get(0)); } else { chartInfo.add(null); } //construct query to get the number of measures in the chart String queryCountMeasures = "SELECT (COUNT(?x) as ?c) WHERE {" + graph + " { <" + map + "listMeasures" + id + "> ?p ?x . FILTER(?p != <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> ) . }}"; results = getResultFromQuery(endpoint_query, queryCountMeasures, "strabon"); Vector<String> m = new Vector<String>(); if (results.size() != 0) { int counter = Integer.parseInt(results.get(0)); for (int j = 0; j < counter; j++) { String query15 = "SELECT ?x WHERE { " + graph + "{<" + chartId + "> <" + MapVocabulary.HASMEASURES.toString() + "> <" + map + "listMeasures" + id + "> . " + "<" + map + "listMeasures" + id + "> <" + RDF.NAMESPACE + "Measure_" + id + "_" + new Integer(j).toString() + "> ?m . " + "?m <" + MapVocabulary.HASNAME.toString() + "> ?x . }}"; results = getResultFromQuery(endpoint_query, query15, "strabon"); if (results.size() != 0) { m.add(results.get(0)); } else { m.add(null); } } chartInfo.add(m.toString()); } //construct query to get the number of freeDims in the chart String queryCountFreeDims = "SELECT (COUNT(?x) as ?c) WHERE {" + graph + " { <" + map + "listFreeDims" + id + "> ?p ?x . FILTER(?p != <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> ) . }}"; results = getResultFromQuery(endpoint_query, queryCountFreeDims, "strabon"); Vector<String> dims = new Vector<String>(); if (results.size() != 0) { int counter = Integer.parseInt(results.get(0)); for (int j = 0; j < counter; j++) { String query16 = "SELECT ?x ?order ?ref WHERE { " + graph + "{<" + chartId + "> <" + MapVocabulary.HASFREEDIMS.toString() + "> <" + map + "listFreeDims" + id + "> . " + "<" + map + "listFreeDims" + id + "> <" + RDF.NAMESPACE + "FreeDim_" + id + "_" + new Integer(j).toString() + "> ?fd . " + "?fd <" + MapVocabulary.HASNAME.toString() + "> ?x . " + "?fd <" + StatisticsVocabulary.ORDER.toString() + "> ?order . " + "?fd <" + MapVocabulary.REFERS.toString() + "> ?ref . }}"; results = getResultFromQuery(endpoint_query, query16, "strabon"); if (results.size() != 0) { for (int k = 0; k < results.size(); k++) { dims.add(results.get(k)); } } else { dims.add(null); } } chartInfo.add(dims.toString()); } //construct query to get the number of instances in the chart String queryCountInstances = "SELECT (COUNT(?x) as ?c) WHERE {" + graph + " { <" + map + "listInstances" + id + "> ?p ?x . FILTER(?p != <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> ) . }}"; results = getResultFromQuery(endpoint_query, queryCountInstances, "strabon"); Vector<String> inst = new Vector<String>(); if (results.size() != 0) { int counter = Integer.parseInt(results.get(0)); for (int j = 0; j < counter; j++) { String query17 = "SELECT ?x WHERE { " + graph + "{<" + chartId + "> <" + MapVocabulary.HASINSTANCES.toString() + "> <" + map + "listInstances" + id + "> . " + "<" + map + "listInstances" + id + "> <" + RDF.NAMESPACE + "Instance_" + id + "_" + new Integer(j).toString() + "> ?inst . " + "?inst <" + MapVocabulary.HASNAME.toString() + "> ?x . }}"; results = getResultFromQuery(endpoint_query, query17, "strabon"); if (results.size() != 0) { inst.add(results.get(0)); } else { inst.add(null); } } chartInfo.add(inst.toString()); } } } return allLayersInfo; }
From source file:org.powertac.officecomplexcustomer.customers.OfficeComplex.java
/** * This function is utilized in order to reschedule the consumption load for * the next day of the competition according to the tariff rates of the * subscriptions under contract.// ww w .ja va 2 s. c o m */ void rescheduleNextDay(String type) { int serial = service.getTimeslotRepo().currentSerialNumber(); int day = (int) (serial / OfficeComplexConstants.HOURS_OF_DAY) + 1; int dayTemp = day % (OfficeComplexConstants.DAYS_OF_BOOTSTRAP + OfficeComplexConstants.DAYS_OF_COMPETITION); double[] nonDominantUsage = getNonDominantUsage(dayTemp, type); Vector<Long> controllableVector = new Vector<Long>(); CustomerInfo customer = service.getCustomerRepo() .findByNameAndPowerType(name + " " + type + " Controllable", PowerType.INTERRUPTIBLE_CONSUMPTION); TariffSubscription sub = service.getTariffSubscriptionRepo().findActiveSubscriptionsForCustomer(customer) .get(0); log.debug("Old Consumption for day " + day + ": " + getControllableConsumptions(dayTemp, type).toString()); double[] newControllableLoad = dailyShifting(sub.getTariff(), nonDominantUsage, dayTemp, type); for (int i = 0; i < OfficeComplexConstants.HOURS_OF_DAY; i++) { String newControllableLoadString = Double.toString(newControllableLoad[i]); newControllableLoadString = newControllableLoadString.replace(".0", ""); controllableVector.add(Long.parseLong(newControllableLoadString)); } log.debug("New Consumption for day " + day + ": " + controllableVector.toString()); aggDailyControllableLoadInHoursSS.set(dayTemp, controllableVector); }
From source file:org.powertac.householdcustomer.customers.Village.java
/** * This function is utilized in order to reschedule the consumption load for * the next day of the competition according to the tariff rates of the * subscriptions under contract./*from w w w . j a va 2 s.com*/ */ void rescheduleNextDay(String type) { int serial = service.getTimeslotRepo().currentSerialNumber(); int day = (int) (serial / VillageConstants.HOURS_OF_DAY) + 1; int dayTemp = day % (VillageConstants.DAYS_OF_BOOTSTRAP + VillageConstants.DAYS_OF_COMPETITION); double[] nonDominantUsage = getNonDominantUsage(dayTemp, type); Vector<Long> controllableVector = new Vector<Long>(); CustomerInfo customer = service.getCustomerRepo() .findByNameAndPowerType(name + " " + type + " Controllable", PowerType.INTERRUPTIBLE_CONSUMPTION); TariffSubscription sub = service.getTariffSubscriptionRepo().findActiveSubscriptionsForCustomer(customer) .get(0); log.debug("Old Consumption for day " + day + ": " + getControllableConsumptions(dayTemp, type).toString()); double[] newControllableLoad = dailyShifting(sub.getTariff(), nonDominantUsage, dayTemp, type); for (int i = 0; i < VillageConstants.HOURS_OF_DAY; i++) { String newControllableLoadString = Double.toString(newControllableLoad[i]); newControllableLoadString = newControllableLoadString.replace(".0", ""); controllableVector.add(Long.parseLong(newControllableLoadString)); } log.debug("New Consumption for day " + day + ": " + controllableVector.toString()); if (type.equals("RaS")) { aggDailyControllableLoadInHoursRaS.set(dayTemp, controllableVector); } else if (type.equals("ReS")) { aggDailyControllableLoadInHoursReS.set(dayTemp, controllableVector); } else { aggDailyControllableLoadInHoursSS.set(dayTemp, controllableVector); } }
From source file:eionet.gdem.qa.XQueryService.java
/** * */// w w w. j av a 2 s . c o m public Vector analyzeXMLFiles(String schema, String origFile, Vector result) throws GDEMException { LOGGER.info("XML/RPC call for analyze xml: " + origFile); if (result == null) { result = new Vector(); } Vector outputTypes = null; // get all possible xqueries from db String newId = "-1"; // should not be returned with value -1; String file = origFile; Vector queries = listQueries(schema); try { outputTypes = convTypeDao.getConvTypes(); } catch (SQLException sqe) { throw new GDEMException("DB operation failed: " + sqe.toString()); } try { // get the trusted URL from source file adapter file = SourceFileManager.getSourceFileAdapterURL(getTicket(), file, isTrustedMode()); } catch (Exception e) { String err_mess = "File URL is incorrect"; LOGGER.error(err_mess + "; " + e.toString()); throw new GDEMException(err_mess, e); } if (!Utils.isNullVector(queries)) { for (int j = 0; j < queries.size(); j++) { Hashtable query = (Hashtable) queries.get(j); String query_id = String.valueOf(query.get("query_id")); String queryFile = (String) query.get("query"); String contentType = (String) query.get("content_type_id"); String fileExtension = getExtension(outputTypes, contentType); String resultFile = Properties.tmpFolder + File.separatorChar + "gdem_q" + query_id + "_" + System.currentTimeMillis() + "." + fileExtension; try { int queryId = 0; try { queryId = Integer.parseInt(query_id); } catch (NumberFormatException n) { queryId = 0; } // if it is a XQuery script, then append the system folder if (queryId != Constants.JOB_VALIDATION && queryFile.startsWith(Properties.gdemURL + "/" + Constants.QUERIES_FOLDER)) { queryFile = Utils.Replace(queryFile, Properties.gdemURL + "/" + Constants.QUERIES_FOLDER, Properties.queriesFolder + File.separator); } newId = xqJobDao.startXQJob(file, queryFile, resultFile, queryId); } catch (SQLException sqe) { throw new GDEMException("DB operation failed: " + sqe.toString()); } Vector queryResult = new Vector(); queryResult.add(newId); queryResult.add(origFile); result.add(queryResult); } } LOGGER.info("Analyze xml result: " + result.toString()); return result; }
From source file:webServices.RestServiceImpl.java
@GET @Path("/findTwittsRest") @Produces({ MediaType.TEXT_PLAIN })// w w w . ja va 2 s . c o m public String twitterSearchRest(@QueryParam("keys") String searchKeys, @QueryParam("sinceId") long sinceId, @QueryParam("maxId") long maxId, @QueryParam("update") boolean update, @QueryParam("location") String location) { final Vector<String> results = new Vector<String>(); String output = ""; long higherStatusId = Long.MIN_VALUE; long lowerStatusId = Long.MAX_VALUE; Query searchQuery = new Query(searchKeys); searchQuery.setCount(50); searchQuery.setResultType(Query.ResultType.recent); if (sinceId != 0) { if (update) { searchQuery.setSinceId(sinceId); } higherStatusId = sinceId; } if (maxId != 0) { if (!update) { searchQuery.setMaxId(maxId); } lowerStatusId = maxId; } if (location != null) { double lat = Double.parseDouble(location.substring(0, location.indexOf(","))); double lon = Double.parseDouble(location.substring(location.indexOf(",") + 1, location.length())); searchQuery.setGeoCode(new GeoLocation(lat, lon), 10, Query.KILOMETERS); } try { QueryResult qResult = twitter.search(searchQuery); for (Status status : qResult.getTweets()) { //System.out.println(Long.toString(status.getId())+" *** "+Long.toString(status.getUser().getId())+" *** "+status.isRetweet()+" *** "+status.isRetweeted()); higherStatusId = Math.max(status.getId(), higherStatusId); lowerStatusId = Math.min(status.getId(), lowerStatusId); if (!status.isRetweet()) { if (status.getGeoLocation() != null) { System.out.println(Long.toString(status.getId()) + "@" + Double.toString(status.getGeoLocation().getLatitude()) + "," + Double.toString(status.getGeoLocation().getLongitude())); results.add(Long.toString(status.getId()) + "@" + Double.toString(status.getGeoLocation().getLatitude()) + "," + Double.toString(status.getGeoLocation().getLongitude())); } else { results.add(Long.toString(status.getId()) + "@null"); } } } } catch (TwitterException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } TwitterResults resultsObj = new TwitterResults(results.toString(), higherStatusId, lowerStatusId); ObjectMapper mapper = new ObjectMapper(); try { output = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(resultsObj); } catch (JsonProcessingException e) { // TODO Auto-generated catch block e.printStackTrace(); } return output; }