List of usage examples for javax.servlet.http Cookie setSecure
public void setSecure(boolean flag)
From source file:com.acc.storefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testServerSideCookieDefaultPath() { cookieGenerator.setCookieName("guid"); cookieGenerator.setHttpOnly(true);//server side BDDMockito.given(request.getContextPath()).willReturn("/some_path"); cookieGenerator.addCookie(response, "cookie_monster"); final Cookie expectedCookie = new Cookie("guid", "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); Mockito.verify(response).addHeader(EnhancedCookieGenerator.HEADER_COOKIE, "guid=cookie_monster; Domain=\"what a domain\"; Path=/; HttpOnly"); }
From source file:com.acc.storefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testClientSideCookieDefaultPath() { cookieGenerator.setCookieName(JSESSIONID); cookieGenerator.setHttpOnly(false);//client side cookieGenerator.addCookie(response, "cookie_monster"); final Cookie expectedCookie = new Cookie(JSESSIONID, "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); assertNoHeaderAdjustments();// w w w . j av a 2 s . c o m }
From source file:cec.easyshop.storefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testClientSideCookieDynamicPath() { cookieGenerator.setCookieName(JSESSIONID); cookieGenerator.setHttpOnly(false);//client side cookieGenerator.setCookieSecure(true); cookieGenerator.setUseDefaultPath(false); BDDMockito.given(request.getContextPath()).willReturn("/some_path"); cookieGenerator.addCookie(response, "cookie_monster"); final Cookie expectedCookie = new Cookie(JSESSIONID, "cookie_monster"); expectedCookie.setPath("/some_path"); expectedCookie.setSecure(true); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); assertNoHeaderAdjustments();//from ww w . j a va2 s .co m }
From source file:org.owasp.benchmark.testcode.BenchmarkTest01846.java
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { javax.servlet.http.Cookie userCookie = new javax.servlet.http.Cookie("BenchmarkTest01846", "someSecret"); userCookie.setMaxAge(60 * 3); //Store cookie for 3 minutes userCookie.setSecure(true); userCookie.setPath(request.getRequestURI()); response.addCookie(userCookie);//w w w . ja v a2s. c o m javax.servlet.RequestDispatcher rd = request.getRequestDispatcher("/hash-02/BenchmarkTest01846.html"); rd.include(request, response); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest01869.java
@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { javax.servlet.http.Cookie userCookie = new javax.servlet.http.Cookie("BenchmarkTest01869", "whatever"); userCookie.setMaxAge(60 * 3); //Store cookie for 3 minutes userCookie.setSecure(true); userCookie.setPath(request.getRequestURI()); response.addCookie(userCookie);/*from w w w.jav a 2s. c om*/ javax.servlet.RequestDispatcher rd = request.getRequestDispatcher("/weakrand-04/BenchmarkTest01869.html"); rd.include(request, response); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest01699.java
@Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); String queryString = request.getQueryString(); String paramval = "BenchmarkTest01699" + "="; int paramLoc = -1; if (queryString != null) paramLoc = queryString.indexOf(paramval); if (paramLoc == -1) { response.getWriter().println("getQueryString() couldn't find expected parameter '" + "BenchmarkTest01699" + "' in query string."); return;/* w ww . j a v a 2 s .c om*/ } String param = queryString.substring(paramLoc + paramval.length()); // 1st assume "BenchmarkTest01699" param is last parameter in query string. // And then check to see if its in the middle of the query string and if so, trim off what comes after. int ampersandLoc = queryString.indexOf("&", paramLoc); if (ampersandLoc != -1) { param = queryString.substring(paramLoc + paramval.length(), ampersandLoc); } param = java.net.URLDecoder.decode(param, "UTF-8"); String bar = new Test().doSomething(request, param); try { java.util.Random numGen = java.security.SecureRandom.getInstance("SHA1PRNG"); double rand = getNextNumber(numGen); String rememberMeKey = Double.toString(rand).substring(2); // Trim off the 0. at the front. String user = "SafeDonatella"; String fullClassName = this.getClass().getName(); String testCaseNumber = fullClassName .substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length()); user += testCaseNumber; String cookieName = "rememberMe" + testCaseNumber; boolean foundUser = false; javax.servlet.http.Cookie[] cookies = request.getCookies(); if (cookies != null) { for (int i = 0; !foundUser && i < cookies.length; i++) { javax.servlet.http.Cookie cookie = cookies[i]; if (cookieName.equals(cookie.getName())) { if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) { foundUser = true; } } } } if (foundUser) { response.getWriter().println("Welcome back: " + user + "<br/>"); } else { javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey); rememberMe.setSecure(true); // rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName()); rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet // e.g., /benchmark/sql-01/BenchmarkTest01001 request.getSession().setAttribute(cookieName, rememberMeKey); response.addCookie(rememberMe); response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() + " whose value is: " + rememberMe.getValue() + "<br/>"); } } catch (java.security.NoSuchAlgorithmException e) { System.out.println("Problem executing SecureRandom.nextDouble() - TestCase"); throw new ServletException(e); } response.getWriter().println("Weak Randomness Test java.security.SecureRandom.nextDouble() executed"); }
From source file:com.epam.cme.storefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testServerSideCookieDefaultPath() { cookieGenerator.setCookieName("guid"); cookieGenerator.setHttpOnly(true);// server side BDDMockito.given(request.getContextPath()).willReturn("/some_path"); cookieGenerator.addCookie(request, response, "cookie_monster"); final Cookie expectedCookie = new Cookie("guid", "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); Mockito.verify(response).addHeader(EnhancedCookieGenerator.HEADER_COOKIE, "guid=cookie_monster; Domain=\"what a domain\"; Path=/; HttpOnly"); }
From source file:com.epam.cme.storefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testClientSideCookieDefaultPath() { cookieGenerator.setCookieName(JSESSIONID); cookieGenerator.setHttpOnly(false);// client side cookieGenerator.addCookie(request, response, "cookie_monster"); final Cookie expectedCookie = new Cookie(JSESSIONID, "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); assertNoHeaderAdjustments();/* ww w . j a v a2s . c o m*/ }
From source file:de.hybris.platform.ytelcoacceleratorstorefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testServerSideCookieDefaultPath() { cookieGenerator.setCookieName("guid"); cookieGenerator.setHttpOnly(true);//server side BDDMockito.given(request.getContextPath()).willReturn("/some_path"); cookieGenerator.addCookie(request, response, "cookie_monster"); final Cookie expectedCookie = new Cookie("guid", "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); Mockito.verify(response).addHeader(EnhancedCookieGenerator.HEADER_COOKIE, "guid=cookie_monster; Domain=\"what a domain\"; Path=/; HttpOnly"); }
From source file:de.hybris.platform.ytelcoacceleratorstorefront.security.cookie.EnhancedCookieGeneratorTest.java
@Test public void testClientSideCookieDefaultPath() { cookieGenerator.setCookieName(JSESSIONID); cookieGenerator.setHttpOnly(false);//client side cookieGenerator.addCookie(request, response, "cookie_monster"); final Cookie expectedCookie = new Cookie(JSESSIONID, "cookie_monster"); expectedCookie.setPath("/"); expectedCookie.setSecure(false); expectedCookie.setMaxAge(NEVER_EXPIRES); expectedCookie.setDomain("what a domain"); Mockito.verify(response).addCookie(Mockito.argThat(new CookieArgumentMatcher(expectedCookie))); assertNoHeaderAdjustments();/*from w w w. j av a 2 s . c o m*/ }