List of usage examples for javax.servlet.http Cookie getDomain
public String getDomain()
From source file:gr.abiss.calipso.web.filters.RestRequestNormalizerFilter.java
/**
 * Looks up the Calipso SSO cookie on the request and returns its value.
 *
 * @param httpRequest the incoming request whose cookies are scanned
 * @return the value of the first cookie whose name equals (ignoring case)
 *         {@code userDetailsConfig.getCookiesBasicAuthTokenName()}, or {@code null} when the
 *         request carries no cookies or none of them matches
 */
protected String getCookieToken(HttpServletRequest httpRequest) {
    Cookie[] cookies = httpRequest.getCookies();
    String ssoCookieName = userDetailsConfig.getCookiesBasicAuthTokenName();
    if (cookies == null) {
        // getCookies() yields null rather than an empty array when no Cookie header was sent.
        return null;
    }
    String authToken = null;
    for (Cookie cookie : cookies) {
        if (LOGGER.isDebugEnabled()) {
            // NOTE(review): this writes every cookie value, the auth token included, to the debug log.
            LOGGER.debug("Found cookie '" + cookie.getName() + "', secure: " + cookie.getSecure() + ", comment: " + cookie.getComment() + ", domain: " + cookie.getDomain() + ", value: " + cookie.getValue());
        }
        if (!cookie.getName().equalsIgnoreCase(ssoCookieName)) {
            continue;
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Matched calipso SSO cookie'" + cookie.getName() + "', secure: " + cookie.getSecure() + ", comment: " + cookie.getComment() + ", domain: " + cookie.getDomain() + ", value: " + cookie.getValue());
        }
        authToken = cookie.getValue();
        break;
    }
    if (authToken == null && LOGGER.isDebugEnabled()) {
        LOGGER.debug("Found no calipso SSO cookie with name: " + ssoCookieName);
    }
    return authToken;
}
From source file:m.c.m.proxyma.rewrite.CookieRewriteEngineTest.java
/**
 * Round-trips two cookies through {@code masqueradeCookie}/{@code unmasqueradeCookie}: the first
 * carries an explicit domain and path, the second neither. Both must come back with the proxy host
 * as domain, a path under the proxy folder, the rewritten-header prefix on the value, and their
 * original value again after unmasquerading.
 */
public void testMasquerade_Unmasquerade_Cookie() throws NullArgumentException, IllegalArgumentException, UnsupportedEncodingException {
    System.out.println("masquerade/unmasqueradeCookie");
    ProxymaFacade proxyma = new ProxymaFacade();
    ProxymaContext context = proxyma.getContextByName("default");
    ProxyFolderBean folder1 = proxyma.createNewProxyFolder("host1", "http://www.google.com/it", context);
    ProxyFolderBean folder2 = proxyma.createNewProxyFolder("host2", "https://www.apple.com/en", context);
    ProxymaResource aResource = proxyma.createNewResource(request, response, context);
    aResource.setProxymaRootURI("http://localhost:8080/proxyma");
    aResource.setProxyFolder(folder1);
    CookieRewriteEngine instance = new CookieRewriteEngine(context);

    // Cookie with an explicit domain and a path below the folder's remote path.
    Cookie withPath = new Cookie("cookie1", "Value1");
    withPath.setDomain("google.com");
    withPath.setPath("/it/pippo");
    instance.masqueradeCookie(withPath, aResource);
    assertMasqueraded(withPath, "/proxyma/host1/pippo", "Value1");
    instance.unmasqueradeCookie(withPath);
    assertEquals("Value1", withPath.getValue());

    // Cookie without domain or path: the path collapses to the folder root.
    Cookie bare = new Cookie("cookie2", "Value2");
    instance.masqueradeCookie(bare, aResource);
    assertMasqueraded(bare, "/proxyma/host1", "Value2");
    instance.unmasqueradeCookie(bare);
    assertEquals("Value2", bare.getValue());

    proxyma.removeProxyFolder(folder2, context);
    proxyma.removeProxyFolder(folder1, context);
}

/** Checks domain, path and prefixed value, in the order the assertions were originally made. */
private static void assertMasqueraded(Cookie cookie, String expectedPath, String originalValue) {
    assertEquals("localhost", cookie.getDomain());
    assertEquals(expectedPath, cookie.getPath());
    assertEquals(CookieRewriteEngine.PROXYMA_REWRITTEN_HEADER + originalValue, cookie.getValue());
}
From source file:com.versatus.jwebshield.filter.SecurityTokenFilter.java
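/**
 * Prepares the CSRF material for a request that already has a session: a per-request salt is
 * generated, remembered in a session-scoped cache (created on first use together with the random
 * parameter name that will carry the salt), exposed to the rendered page through a request
 * attribute, and, when {@code csrfCookieName} is configured, a fresh double-submit cookie is set.
 * Requests without a session and URIs matched by the exclusion list pass straight through.
 *
 * Fixes over the previous version: the cookie-logging loop no longer throws when the request has
 * no cookies ({@code getCookies()} returns {@code null}, not an empty array); the Secure flag
 * follows {@code httpReq.isSecure()} instead of being hard-coded to {@code false}; exceptions
 * thrown by the downstream chain for an excluded URI are no longer swallowed and followed by a
 * second pass through the filter.
 *
 * @param request  the incoming request; must be an {@link HttpServletRequest}
 * @param response the outgoing response; must be an {@link HttpServletResponse}
 * @param chain    the remaining filter chain
 * @throws IOException      propagated from the downstream chain
 * @throws ServletException propagated from the downstream chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpReq = (HttpServletRequest) request;
    HttpServletResponse httpRes = (HttpServletResponse) response;
    UrlExclusionList exclList = (UrlExclusionList) request.getServletContext().getAttribute(SecurityConstant.CSRF_CHECK_URL_EXCL_LIST_ATTR_NAME);
    logger.debug("doFilter: request from IP address=" + httpReq.getRemoteAddr());
    // Without a session there is nowhere to keep the salt cache, so nothing is issued.
    if (httpReq.getSession(false) == null) {
        chain.doFilter(request, response);
        return;
    }
    logger.debug("doFilter: matching " + httpReq.getRequestURI() + " to exclusions list " + exclList.getExclusionMap());
    if (isExcluded(exclList, httpReq.getRequestURI())) {
        chain.doFilter(request, response);
        return;
    }
    HttpSession session = httpReq.getSession();
    SecureRandom random = new SecureRandom();
    @SuppressWarnings("unchecked") // the attribute is only ever written by this filter, below
    Cache<SecurityInfo, SecurityInfo> csrfPreventionSaltCache = (Cache<SecurityInfo, SecurityInfo>) session.getAttribute(SecurityConstant.SALT_CACHE_ATTR_NAME);
    if (csrfPreventionSaltCache == null) {
        csrfPreventionSaltCache = newSaltCache();
        session.setAttribute(SecurityConstant.SALT_CACHE_ATTR_NAME, csrfPreventionSaltCache);
        // The parameter name that carries the salt is itself random, fixed once per session.
        String nameSalt = RandomStringUtils.random(10, 0, 0, true, true, null, random);
        session.setAttribute(SecurityConstant.SALT_PARAM_NAME, nameSalt);
    }
    // Per-request salt, stored so that a later filter can look it up and validate the submission.
    String salt = RandomStringUtils.random(20, 0, 0, true, true, null, random);
    String saltNameAttr = (String) session.getAttribute(SecurityConstant.SALT_PARAM_NAME);
    SecurityInfo si = new SecurityInfo(saltNameAttr, salt);
    if (SecurityTokenFilter.checkReferer) {
        si.setRefererHost(refererHost(httpReq));
    }
    logger.debug("doFilter: si=" + si.toString());
    csrfPreventionSaltCache.put(si, si);
    // Make the salt available to the page rendered by this request.
    httpReq.setAttribute(SecurityConstant.SALT_ATTR_NAME, si);
    if (StringUtils.isNotBlank(csrfCookieName)) {
        if (logger.isDebugEnabled()) {
            logRequestCookies(httpReq);
        }
        String csrfHash = RandomStringUtils.random(64, 0, 0, true, true, null, random);
        Cookie c = new Cookie(csrfCookieName, csrfHash);
        c.setMaxAge(1800);
        // Follow the transport of the request: on TLS the token must not travel over plain HTTP.
        c.setSecure(httpReq.isSecure());
        c.setPath(httpReq.getContextPath());
        // Intentionally script-readable: a double-submit cookie has to be copied by the page into
        // a request header (presumably csrfHeaderName) for the validating filter to compare.
        c.setHttpOnly(false);
        httpRes.addCookie(c);
    }
    chain.doFilter(request, response);
}

/**
 * True when the exclusion list is non-empty and matches the URI. A failing matcher is logged and
 * treated as "not excluded" so that a broken entry cannot switch the protection off.
 */
private boolean isExcluded(UrlExclusionList exclList, String uri) {
    try {
        return !exclList.isEmpty() && exclList.isMatch(uri);
    } catch (Exception e) {
        logger.error("doFilter", e);
        return false;
    }
}

/** Builds the per-session salt cache; entries expire after tokenTimeout seconds of inactivity unless it is -1. */
private Cache<SecurityInfo, SecurityInfo> newSaltCache() {
    CacheBuilder<Object, Object> builder = CacheBuilder.newBuilder().maximumSize(1000);
    if (tokenTimeout != -1) {
        builder = builder.expireAfterAccess(tokenTimeout, TimeUnit.SECONDS);
    }
    return builder.build();
}

/**
 * Host part of the Referer header; the raw header when it is not a well-formed URL; "" when absent.
 * An empty result means the Referer check downstream has nothing to compare against.
 */
private String refererHost(HttpServletRequest httpReq) {
    String refHeader = StringUtils.defaultString(httpReq.getHeader("Referer"));
    logger.debug("doFilter: refHeader=" + refHeader);
    if (StringUtils.isNotBlank(refHeader)) {
        try {
            refHeader = new URL(refHeader).getHost();
        } catch (MalformedURLException mex) {
            logger.debug("doFilter: parsing referer header failed", mex);
        }
    }
    return refHeader;
}

/** Debug trace of every cookie on the request; a request with no Cookie header is simply skipped. */
private void logRequestCookies(HttpServletRequest httpReq) {
    Cookie[] cookies = httpReq.getCookies();
    if (cookies == null) {
        return;
    }
    for (Cookie c : cookies) {
        String name = c.getName();
        // NOTE(review): this prints every cookie value, the session id included, at debug level.
        logger.debug("doFilter: cookie domain=" + c.getDomain() + "|name=" + name + "|value=" + c.getValue() + "|path=" + c.getPath() + "|maxage=" + c.getMaxAge() + "|httpOnly=" + c.isHttpOnly());
    }
}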
From source file:com.acc.storefront.security.cookie.EnhancedCookieGenerator.java
/**
 * Adds the cookie through a response wrapper that first applies the enhanced path and then,
 * when {@code isHttpOnly()} is set, assembles the Set-Cookie header itself via
 * {@code ServerCookie.appendCookieValue} so that the trailing httpOnly argument is emitted;
 * otherwise the cookie is handed to the wrapped response unchanged.
 *
 * @param response    the real response the cookie is ultimately written to
 * @param cookieValue the value passed on to the superclass generator
 */
@Override
public void addCookie(final HttpServletResponse response, final String cookieValue) {
    HttpServletResponseWrapper httpOnlyAware = new HttpServletResponseWrapper(response) {
        @Override
        public void addCookie(final Cookie cookie) {
            setEnhancedCookiePath(cookie);
            if (!isHttpOnly()) {
                // Plain cookie: let the container serialise it.
                super.addCookie(cookie);
                return;
            }
            // Serialise the header by hand so the httpOnly flag (last argument) is included.
            final StringBuffer header = new StringBuffer(100);
            ServerCookie.appendCookieValue(header, cookie.getVersion(), cookie.getName(), cookie.getValue(), cookie.getPath(), cookie.getDomain(), cookie.getComment(), cookie.getMaxAge(), cookie.getSecure(), true);
            response.addHeader(HEADER_COOKIE, header.toString());
        }
    };
    super.addCookie(httpOnlyAware, cookieValue);
}
From source file:com.meltmedia.cadmium.servlets.jersey.StatusService.java
/**
 * Plain-text dump of the request as the server sees it: connection details, every header and,
 * when present, every cookie with all of its attributes.
 *
 * NOTE(review): the report echoes raw header and cookie values (session identifiers included)
 * back to whoever can reach this endpoint; it should be access-restricted or the values redacted.
 *
 * @param request the current request, injected by JAX-RS
 * @return the multi-line report
 */
@GET
@Path("/health")
@Produces("text/plain")
public String health(@Context HttpServletRequest request) {
    StringBuilder out = new StringBuilder();
    out.append("Server: ").append(request.getServerName()).append("\n");
    out.append("Scheme: ").append(request.getScheme()).append("\n");
    out.append("Port: ").append(request.getServerPort()).append("\n");
    out.append("ContextPath: ").append(request.getContextPath()).append("\n");
    out.append("ServletPath: ").append(request.getServletPath()).append("\n");
    out.append("Uri: ").append(request.getRequestURI()).append("\n");
    out.append("Query: ").append(request.getQueryString()).append("\n");

    out.append("Headers:\n");
    Enumeration<?> headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String name = (String) headerNames.nextElement();
        out.append(" '").append(name).append("':\n");
        // A header may be repeated; list each occurrence.
        Enumeration<?> values = request.getHeaders(name);
        while (values.hasMoreElements()) {
            out.append(" -").append((String) values.nextElement()).append("\n");
        }
    }

    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        out.append("Cookies:\n");
        for (Cookie cookie : cookies) {
            out.append(" '").append(cookie.getName()).append("':\n");
            out.append(" value: ").append(cookie.getValue()).append("\n");
            out.append(" domain: ").append(cookie.getDomain()).append("\n");
            out.append(" path: ").append(cookie.getPath()).append("\n");
            out.append(" maxAge: ").append(cookie.getMaxAge()).append("\n");
            out.append(" version: ").append(cookie.getVersion()).append("\n");
            out.append(" comment: ").append(cookie.getComment()).append("\n");
            out.append(" secure: ").append(cookie.getSecure()).append("\n");
        }
    }
    return out.toString();
}
From source file:com.versatus.jwebshield.filter.SecurityFilter.java
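/**
 * Validates the CSRF protection for requests that have a session. A request passes when its URI is
 * on the exclusion list, when ({@code useCsrfToken}) the {@code csrfHeaderName} header equals the
 * {@code csrfCookieName} cookie, or when the salt sent in the session's random parameter is present
 * in the session's salt cache (and, with {@code SecurityTokenFilter.checkReferer}, the Referer host
 * still matches the one recorded with it). Requests carrying no salt pass only for methods accepted
 * by {@code httpMethodMatch}; everything else is answered by {@code sendSecurityReject}.
 *
 * Fixes over the previous version: a Referer mismatch now stops the request instead of sending the
 * reject and then still running the chain; a request without cookies no longer throws in the
 * header/cookie comparison; a session whose salt parameter name is absent is treated like a request
 * without a salt instead of producing no response at all; exceptions from the downstream chain on an
 * excluded URI are no longer swallowed.
 *
 * @param request  the incoming request; must be an {@link HttpServletRequest}
 * @param response the outgoing response
 * @param chain    the remaining filter chain
 * @throws IOException      propagated from the downstream chain
 * @throws ServletException propagated from the downstream chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpReq = (HttpServletRequest) request;
    String reqInfo = "J-WebShield Alert: CSRF attack detected! request URL=" + httpReq.getRequestURL().toString() + "| from IP address=" + httpReq.getRemoteAddr();
    logRequest(httpReq);
    UrlExclusionList exclList = (UrlExclusionList) request.getServletContext().getAttribute(SecurityConstant.CSRF_CHECK_URL_EXCL_LIST_ATTR_NAME);
    HttpSession session = httpReq.getSession(false);
    if (session == null) {
        chain.doFilter(request, response);
        return;
    }
    logger.debug("doFilter: matching " + httpReq.getRequestURI() + " to exclusions list " + exclList.getExclusionMap());
    if (isExcluded(exclList, httpReq.getRequestURI())) {
        chain.doFilter(request, response);
        return;
    }
    if (useCsrfToken && headerMatchesCookie(httpReq)) {
        chain.doFilter(request, response);
        return;
    }
    @SuppressWarnings("unchecked") // written by the token-issuing filter with exactly this type
    Cache<SecurityInfo, SecurityInfo> csrfPreventionSaltCache = (Cache<SecurityInfo, SecurityInfo>) session.getAttribute(SecurityConstant.SALT_CACHE_ATTR_NAME);
    if (csrfPreventionSaltCache == null) {
        // NOTE(review): no cache means no salt was ever issued for this session; as before, such
        // requests are let through unchecked.
        chain.doFilter(request, response);
        return;
    }
    String saltName = (String) session.getAttribute(SecurityConstant.SALT_PARAM_NAME);
    logger.debug("doFilter: csrf saltName=" + saltName);
    String salt = saltName == null ? null : httpReq.getParameter(saltName);
    logger.debug("doFilter: csrf salt=" + salt);
    if (salt == null) {
        if (httpMethodMatch(httpReq.getMethod())) {
            // Method accepted without a token: let it flow through.
            chain.doFilter(request, response);
        } else {
            logger.info(reqInfo);
            sendSecurityReject(response);
        }
        return;
    }
    SecurityInfo cachedSi = csrfPreventionSaltCache.getIfPresent(new SecurityInfo(saltName, salt));
    logger.debug("doFilter: csrf token=" + cachedSi);
    if (cachedSi == null) {
        logger.info(reqInfo);
        sendSecurityReject(response);
        return;
    }
    // NOTE(review): the salt is not invalidated after use (the invalidate call was commented out),
    // so a salt stays valid for replay until the cache evicts it.
    if (SecurityTokenFilter.checkReferer && !refererMatches(httpReq, cachedSi)) {
        sendSecurityReject(response);
        return;
    }
    chain.doFilter(request, response);
}

/** Debug/info trace of the request attributes relevant to the CSRF decision. */
private void logRequest(HttpServletRequest httpReq) {
    logger.debug("doFilter: IP address=" + httpReq.getRemoteAddr());
    logger.debug("doFilter: pathInfo=" + httpReq.getPathInfo());
    logger.debug("doFilter: queryString=" + httpReq.getQueryString());
    logger.debug("doFilter: requestURL=" + httpReq.getRequestURL().toString());
    logger.debug("doFilter: method=" + httpReq.getMethod());
    logger.debug("doFilter: Origin=" + httpReq.getHeader("Origin"));
    logger.info("doFilter: Referer=" + httpReq.getHeader("Referer"));
    // NOTE(review): this prints the CSRF token itself at info level.
    logger.info("doFilter: " + csrfHeaderName + "=" + httpReq.getHeader(csrfHeaderName));
}

/**
 * True when the exclusion list is non-empty and matches the URI. A failing matcher is logged and
 * treated as "not excluded" so that a broken entry cannot switch the protection off.
 */
private boolean isExcluded(UrlExclusionList exclList, String uri) {
    try {
        return !exclList.isEmpty() && exclList.isMatch(uri);
    } catch (Exception e) {
        logger.error("doFilter", e);
        return false;
    }
}

/**
 * Double-submit check: true when the {@code csrfHeaderName} header (surrounding quotes stripped)
 * is non-blank and equals the value of the {@code csrfCookieName} cookie.
 */
private boolean headerMatchesCookie(HttpServletRequest httpReq) {
    String rawCsrfHeaderVal = httpReq.getHeader(csrfHeaderName);
    if (StringUtils.isBlank(rawCsrfHeaderVal) || StringUtils.isBlank(csrfCookieName)) {
        return false;
    }
    String csrfHeader = StringUtils.strip(rawCsrfHeaderVal, "\"");
    logger.debug("doFilter: csrfHeader after decoding" + csrfHeader);
    Cookie[] cookies = httpReq.getCookies();
    if (cookies == null) {
        return false;
    }
    for (Cookie c : cookies) {
        String name = c.getName();
        if (!csrfCookieName.equals(name)) {
            continue;
        }
        logger.debug("doFilter: cookie domain=" + c.getDomain() + "|name=" + name + "|value=" + c.getValue() + "|path=" + c.getPath() + "|maxage=" + c.getMaxAge() + "|httpOnly=" + c.isHttpOnly());
        logger.debug("doFilter: string comp:" + StringUtils.difference(csrfHeader, c.getValue()));
        if (StringUtils.isNotBlank(csrfHeader) && csrfHeader.equals(c.getValue())) {
            logger.info("Header " + csrfHeaderName + " value matches the cookie " + csrfCookieName);
            return true;
        }
        logger.info("Header " + csrfHeaderName + " value does not match the cookie " + csrfCookieName);
    }
    return false;
}

/**
 * True unless the cached entry recorded a Referer host and the current request's Referer host
 * differs from it (case-insensitively). A missing or unparseable Referer is compared as-is, so an
 * absent header passes whenever the cached host is empty.
 */
private boolean refererMatches(HttpServletRequest httpReq, SecurityInfo cachedSi) {
    String refHeader = StringUtils.defaultString(httpReq.getHeader("Referer"));
    logger.debug("doFilter: refHeader=" + refHeader);
    if (StringUtils.isNotBlank(refHeader)) {
        try {
            refHeader = new URL(refHeader).getHost();
        } catch (MalformedURLException mex) {
            logger.debug("doFilter: parsing referer header failed", mex);
        }
    }
    if (!cachedSi.getRefererHost().isEmpty() && !refHeader.equalsIgnoreCase(cachedSi.getRefererHost())) {
        logger.info("Potential CSRF detected - Referer host does not match orignal! " + refHeader + " != " + cachedSi.getRefererHost());
        return false;
    }
    return true;
}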
From source file:AIR.Common.Web.Session.MultiValueCookie.java
/**
 * Wraps a servlet cookie: copies its name, path, comment, domain, secure flag and still-encoded
 * value, keeps a reference to the cookie itself, then splits the value into its individual
 * entries via {@code deserializeCookieValue()}. A cookie without a path is given the
 * application's context path.
 *
 * @param cookie the servlet cookie to read from
 */
public MultiValueCookie(Cookie cookie) {
    this._name = cookie.getName();
    // Per the original author the getPath() branch alone would do; the context-path fallback is
    // kept as a safeguard for cookies that arrive without a path.
    String path = cookie.getPath();
    this._path = StringUtils.isEmpty(path) ? Server.getContextPath() : path;
    this._comment = cookie.getComment();
    this._domain = cookie.getDomain();
    this._isSecure = cookie.getSecure();
    this._encodedValue = cookie.getValue();
    this._cookie = cookie;
    deserializeCookieValue();
}
From source file:com.hypersocket.netty.HttpResponseServletWrapper.java
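/**
 * Serialises the cookie into a {@code Set-Cookie} header on this wrapper's response, skipping the
 * add when an identical header is already queued.
 *
 * Emits Path, Domain, Max-Age (with a companion Expires for clients that ignore Max-Age) and
 * Secure. Fix: a max age of 0 now produces {@code Max-Age=0; Expires=<1970>}, i.e. a delete
 * instruction. The previous guard ({@code > 0}) skipped that case entirely, which made the
 * {@code == 0} branch unreachable and silently dropped cookie deletions.
 *
 * @param cookie the cookie to write; name and value are emitted as-is, without any encoding
 */
@Override
public void addCookie(Cookie cookie) {
    StringBuilder header = new StringBuilder();
    header.append(cookie.getName()).append("=").append(cookie.getValue());
    if (cookie.getPath() != null) {
        header.append("; Path=").append(cookie.getPath());
    }
    if (cookie.getDomain() != null) {
        header.append("; Domain=").append(cookie.getDomain());
    }
    int maxAge = cookie.getMaxAge();
    // A negative max age is the servlet API's "session cookie": no Max-Age/Expires at all.
    if (maxAge >= 0) {
        header.append("; Max-Age=").append(maxAge);
        // Expires depends on the server and browser clocks agreeing; the original comment records
        // that this breaks IE when they do not.
        header.append("; Expires=");
        Date expires = maxAge == 0 ? new Date(10000) : new Date(System.currentTimeMillis() + maxAge * 1000L);
        header.append(DateUtils.formatDate(expires, DateUtils.PATTERN_RFC1036));
    }
    if (cookie.getSecure()) {
        header.append("; Secure");
    }
    // NOTE(review): the HttpOnly flag is never written, so a cookie marked httpOnly by the caller
    // loses that protection here; emit "; HttpOnly" from cookie.isHttpOnly() if the servlet API
    // level this project compiles against provides it.
    String value = header.toString();
    for (Entry<String, String> entry : response.getHeaders()) {
        if ("Set-Cookie".equals(entry.getKey()) && value.equals(entry.getValue())) {
            return; // the same cookie is already queued
        }
    }
    addHeader("Set-Cookie", value);
}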
From source file:com.junly.service.helper.TicketHelper.java
/**
 * Resolves the login ticket for the request, trying in order: the
 * {@code ViewContants.LOGIN_TICKET_KEY} cookie, whatever {@code customHeadTicket} reads from the
 * request, and finally a request parameter of the same name.
 *
 * @param request         the incoming request
 * @param httpChannelType channel the request arrived on; forwarded to {@code customHeadTicket}
 *                        and used as the prefix of the diagnostic log line
 * @return the trimmed ticket, or {@code null}/empty when none of the sources provides one
 */
public String getTicket(HttpServletRequest request, HttpChannelType httpChannelType) {
    String ticket = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (!StringUtils.equals(ViewContants.LOGIN_TICKET_KEY, cookie.getName())) {
                continue;
            }
            ticket = StringUtils.trim(cookie.getValue());
            // NOTE(review): this writes the ticket itself (a credential) to the info log.
            StringBuilder trace = new StringBuilder(httpChannelType.name());
            trace.append("?cookieticket=").append(ticket);
            trace.append("?=").append(request.getServerName()).append("====");
            trace.append(cookie.getDomain());
            logger.info(trace.toString());
            break;
        }
    }
    // Fallbacks for clients that do not send the ticket as a cookie: a custom header first...
    if (StringUtils.isBlank(ticket)) {
        ticket = customHeadTicket(request, httpChannelType);
    }
    // ...then a request parameter.
    if (StringUtils.isBlank(ticket)) {
        ticket = StringUtils.trim(request.getParameter(ViewContants.LOGIN_TICKET_KEY));
    }
    return ticket;
}
From source file:com.xpn.xwiki.stats.impl.StatsUtil.java
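/**
 * Creates the visit cookie, registers it on the response and returns it.
 *
 * The cookie holds a random 32-character upper-case alphanumeric id under
 * {@code COOKPROP_VISITID}, is scoped to path {@code /}, expires at
 * {@code getCookieExpirationDate()} and, when one of the configured cookie domains occurs in the
 * request's server name, is restricted to that domain.
 *
 * Fix: the max age used to be computed as {@code (int) (millis) / 1000}, i.e. the millisecond
 * difference was narrowed to int before the division, which overflows for any expiration more
 * than about 24 days away. The division now happens first.
 *
 * @param context the XWiki context providing the request (server name) and the response
 * @return the newly created cookie
 * @since 1.4M1
 */
protected static Cookie addCookie(XWikiContext context) {
    // Locale.ROOT keeps the id ASCII whatever the default locale (e.g. Turkish dotted/dotless i).
    String visitId = RandomStringUtils.randomAlphanumeric(32).toUpperCase(java.util.Locale.ROOT);
    // NOTE(review): RandomStringUtils draws from a non-cryptographic generator; adequate for a
    // visit id, not for anything that must be unguessable.
    Cookie cookie = new Cookie(COOKPROP_VISITID, visitId);
    cookie.setPath("/");
    long remainingMillis = getCookieExpirationDate().getTime() - System.currentTimeMillis();
    cookie.setMaxAge((int) (remainingMillis / 1000));
    // Presumably refreshes the static cookieDomains array from the context — confirm.
    getCookieDomains(context);
    String cookieDomain = null;
    if (cookieDomains != null) {
        String servername = context.getRequest().getServerName();
        for (String candidate : cookieDomains) {
            // NOTE(review): substring test, so "example.com" also matches "notexample.com";
            // a suffix check on a dot boundary would be stricter.
            if (servername.indexOf(candidate) != -1) {
                cookieDomain = candidate;
                break;
            }
        }
    }
    if (cookieDomain != null) {
        cookie.setDomain(cookieDomain);
    }
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Setting cookie " + cookie.getValue() + " for name " + cookie.getName() + " with domain " + cookie.getDomain() + " and path " + cookie.getPath() + " and maxage " + cookie.getMaxAge());
    }
    context.getResponse().addCookie(cookie);
    return cookie;
}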