Example usage for javax.servlet.http HttpServletRequest getHeader

List of usage examples for javax.servlet.http HttpServletRequest getHeader

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest getHeader.

Prototype

public String getHeader(String name);

Source Link

Document

Returns the value of the specified request header as a String.

Usage

From source file:com.googlesource.gerrit.plugins.gitblit.auth.GerritAuthenticationFilter.java

public boolean doFilter(final DynamicItem<WebSession> webSession, ServletRequest request,
        ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String hdr = httpRequest.getHeader("Authorization");
    if (hdr != null) {
        return filterBasicAuth((HttpServletRequest) request, (HttpServletResponse) response, hdr);
    } else if (webSession.get().isSignedIn()) {
        return filterSessionAuth(webSession, (HttpServletRequest) request);
    } else {/*from  w  ww  .  j  a va 2  s.  c o  m*/
        return true;
    }
}

From source file:nanshen.service.impl.SpringSecureChannelProcessor.java

@Override
public void decide(FilterInvocation invocation, Collection<ConfigAttribute> config)
        throws IOException, ServletException {
    Assert.isTrue((invocation != null) && (config != null), "Nulls cannot be provided");

    for (ConfigAttribute attribute : config) {
        if (supports(attribute)) {
            HttpServletRequest httpRequest = invocation.getHttpRequest();
            if (!httpRequest.isSecure() && StringUtils.isBlank(httpRequest.getHeader("HTTPS"))) {
                getEntryPoint().commence(invocation.getRequest(), invocation.getResponse());
            }/*from   w w  w . j  a  v a 2 s.  c  o  m*/
        }
    }
}

From source file:com.boxedfolder.carrot.config.security.filter.XAuthTokenFilter.java

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
        throws IOException, ServletException {
    try {/*  w ww.  j  a va2s  . co  m*/
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        String authToken = httpServletRequest.getHeader("x-auth-token");

        if (StringUtils.hasText(authToken)) {
            String username = tokenUtils.getUserNameFromToken(authToken);
            UserDetails details = detailsService.loadUserByUsername(username);

            if (tokenUtils.validateToken(authToken, details)) {
                UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(details,
                        details.getPassword(), details.getAuthorities());
                SecurityContextHolder.getContext().setAuthentication(token);
            }
        }
        filterChain.doFilter(request, response);
    } catch (Exception exception) {
        throw new RuntimeException(exception);
    }
}

From source file:cherry.foundation.springmvc.RefererRequestMatcher.java

@Override
public boolean matches(HttpServletRequest request) {
    String ref = request.getHeader("referer");
    if (StringUtils.isEmpty(ref)) {
        return matchesIfEmpty;
    }//from www  .j  a v  a  2 s .  c  om
    Matcher m = uriPattern.matcher(ref);
    if (!m.matches()) {
        return matchesIfInvalid;
    }
    if (!verify(referer, ref)) {
        return false;
    }
    if (!verify(scheme, m.group(2))) {
        return false;
    }
    if (!verify(authority, m.group(4))) {
        return false;
    }
    if (!verify(path, m.group(5))) {
        return false;
    }
    if (!verify(query, m.group(7))) {
        return false;
    }
    if (!verify(fragment, m.group(9))) {
        return false;
    }
    return true;
}

From source file:cltestgrid.GetBlob2.java

public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
    String userAgent = req.getHeader("User-Agent");
    if (userAgent != null && userAgent.contains("Baiduspider")) {
        resp.setStatus(SC_MOVED_PERMANENTLY);
        resp.setHeader("Location", "http://www.baidu.com/search/spider.html");
        resp.setHeader("X-READ-ME",
                "Please honor robots.txt and don't waste our resources. http://cl-test-grid.appspot.com/robots.txt");
        return;/*from w ww .j  av a2  s  .  c o m*/
    }

    final String key = req.getParameter("key");
    GcsFilename filename = new GcsFilename("cl-test-grid-logs", key);
    GcsInputChannel readChannel = null;
    InputStream inputStream = null;
    try {
        final boolean lock = false;
        //readChannel = FileServiceFactory.getFileService().openReadChannel(file, lock);
        readChannel = GcsServiceFactory.createGcsService().openReadChannel(filename, 0);
        inputStream = Channels.newInputStream(readChannel);
        resp.setContentType("text/plain");
        // The log files are gzipped, but the Cloud Storage Client Library ungzips them automatically.
        // After we return this data, GAE gzips our output in case client accepts 'gzip' contect encoding.
        IOUtils.copy(new BufferedInputStream(inputStream, 100 * 1024), resp.getOutputStream());
        resp.getOutputStream().flush();
    } finally {
        IOUtils.closeQuietly(inputStream);
        IOUtils.closeQuietly(readChannel);
    }
}

From source file:com.mycompany.springrest.token.JwtAuthenticationFilter.java

@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
        throws AuthenticationException {

    String header = request.getHeader("Authorization");

    if (header == null || !header.startsWith("Bearer ")) {
        throw new JwtTokenMissingException("No JWT token found in request headers");
    }/*from   w ww.  j a v  a  2s  .  c om*/

    String authToken = header.substring(7);

    JwtAuthenticationToken authRequest = new JwtAuthenticationToken(authToken);

    return getAuthenticationManager().authenticate(authRequest);
}

From source file:com.telefonica.euro_iaas.sdc.puppetwrapper.aspects.MdcInterceptor.java

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {

    String txId = request.getHeader("txId");
    if (txId != null) {
        MDC.put("txId", txId);
    } else {/*w w w. ja v  a2  s. c  o  m*/
        MDC.put("txId", ((HttpServletRequest) request).getSession().getId());
    }

    return true;
}

From source file:org.oncoblocks.centromere.web.security.AuthenticationTokenProcessingFilter.java

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    if (!(request instanceof HttpServletRequest)) {
        throw new RuntimeException("Expecting an HTTP request.");
    }/*w w w .ja v a  2  s  .  com*/
    HttpServletRequest httpRequest = (HttpServletRequest) request;

    String authToken = httpRequest.getHeader("X-Auth-Token");
    if (authToken == null) {
        authToken = httpRequest.getParameter("token");
    }

    String username = tokenOperations.getUserNameFromToken(authToken);

    if (username != null) {
        UserDetails userDetails = userDetailsService.loadUserByUsername(username);
        if (tokenOperations.validateToken(authToken, userDetails)) {
            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
                    userDetails, null, userDetails.getAuthorities());
            authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest));
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }
    }

    chain.doFilter(request, response);

}

From source file:cltestgrid.GetBlob.java

public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
    String userAgent = req.getHeader("User-Agent");
    if (userAgent != null && userAgent.contains("Baiduspider")) {
        resp.setStatus(SC_MOVED_PERMANENTLY);
        resp.setHeader("Location", "http://www.baidu.com/search/spider.html");
        resp.setHeader("X-READ-ME",
                "Please honor robots.txt and don't waste our resources. http://cl-test-grid.appspot.com/robots.txt");
        return;/*from  www  .j a  v a2  s .c om*/
    }

    final String key = req.getParameter("key");
    String filename = "/gs/cl-test-grid-logs/" + key;
    AppEngineFile file = new AppEngineFile(filename);
    FileReadChannel readChannel = null;
    InputStream inputStream = null;
    try {
        final boolean lock = false;
        readChannel = FileServiceFactory.getFileService().openReadChannel(file, lock);
        inputStream = Channels.newInputStream(readChannel);
        resp.setContentType("text/plain");
        // The log files are gzipped, but we can't serve gzipped content,
        // because GAE gzips servlet output itlself and so logs would end-up gzipped twice.
        // Therefore we need to ungzip the log.
        InputStream ungzipper = new GZIPInputStream(new BufferedInputStream(inputStream, 100 * 1024));
        IOUtils.copy(ungzipper, resp.getOutputStream());
        resp.getOutputStream().flush();
    } finally {
        IOUtils.closeQuietly(inputStream);
        IOUtils.closeQuietly(readChannel);
    }
}

From source file:nl.knmi.adaguc.services.oauth2.OAuth2Handler.java

public static UserInfo verifyAndReturnUserIdentifier(HttpServletRequest request)
        throws JSONException, WebRequestBadStatusException, IOException, ElementNotFoundException {

    // 1) Find the Authorization header containing the access_token
    String access_token = request.getHeader("Authorization");
    if (access_token == null) {
        // No access token, probably not an OAuth2 request, skip.
        return null;
    }//from w  w  w. j a va2  s .co m
    Debug.println("Authorization    : " + access_token);

    // 2) Find the Discovery service, it might have been passed in the
    // request headers:
    String discoveryURL = request.getHeader("Discovery");
    if (discoveryURL == null) {
        discoveryURL = "https://accounts.google.com/.well-known/openid-configuration";
    }
    Debug.println("Discovery        : " + discoveryURL);

    // 3 Retrieve the Discovery service, so we get all service endpoints
    String discoveryData = HTTPTools.makeHTTPGetRequest(discoveryURL);
    JSONObject jsonObject = (JSONObject) new JSONTokener(discoveryData).nextValue();

    // 4) Retrieve userinfo endpoint
    String userInfoEndpoint = jsonObject.getString("userinfo_endpoint");
    Debug.println("userInfoEndpoint:" + userInfoEndpoint);

    // 5) Make a get request with Authorization headers set, the
    // access_token is used here as Bearer.
    KVPKey key = new KVPKey();
    key.addKVP("Authorization", access_token);
    Debug.println("Starting request");
    String id_token = HTTPTools.makeHTTPGetRequestWithHeaders(userInfoEndpoint, key);// ,"Authorization:
    // Bearer
    // "+access_token);
    Debug.println("Finished request");

    // 6) The ID token is retrieved, now return the identifier from this
    // token.
    Debug.println("Retrieved id_token=" + id_token);
    return getIdentifierFromJWTPayload(id_token);
}