List of usage examples for javax.servlet.http HttpServletRequest getHeaderNames
public Enumeration<String> getHeaderNames();
From source file:com.meadowhawk.homepi.service.UserRESTService.java
@GET @Path("/googleauth") @PublicRESTDocMethod(endPointName = "Google Auth Request", description = "Initiates the OAuth requests for authentication with google doing redirect to google account accept page.", sampleLinks = { "/user/googleauth" }) public Response makeGoogleAuthRequest(@Context HttpServletRequest request) { URI location;//from ww w. j a va2s . c o m try { request.getHeaderNames(); location = new URI(getFirstAuthReqURIui()); return Response.temporaryRedirect(location).build(); } catch (URISyntaxException e) { throw new HomePiAppException(Status.BAD_REQUEST, "Unable to authenticate.", e); } }
From source file:org.apache.hadoop.gateway.AuditLoggingTest.java
@Test /**/*w ww .j a v a 2 s. c o m*/ * Dispatching outbound request. Remote host is unreachable. Two log events is expected: * * action=dispatch request_type=uri outcome=FAILED * action=dispatch request_type=uri outcome=unavailable */ public void testHttpClientOutboundException() throws IOException, URISyntaxException { String uri = "http://outbound-host:port/path"; HttpServletRequest inboundRequest = EasyMock.createNiceMock(HttpServletRequest.class); EasyMock.expect(inboundRequest.getHeaderNames()).andReturn(Collections.enumeration(new ArrayList<String>())) .anyTimes(); EasyMock.replay(inboundRequest); HttpServletResponse outboundResponse = EasyMock.createNiceMock(HttpServletResponse.class); EasyMock.replay(outboundResponse); DefaultDispatch dispatch = new DefaultDispatch(); dispatch.setHttpClient(new DefaultHttpClient()); try { dispatch.doGet(new URI(uri), inboundRequest, outboundResponse); fail("Expected exception while accessing to unreachable host"); } catch (IOException e) { Iterator<LoggingEvent> iterator = CollectAppender.queue.iterator(); LoggingEvent unavailableEvent = iterator.next(); verifyValue((String) unavailableEvent.getMDC(AuditConstants.MDC_RESOURCE_NAME_KEY), uri); verifyValue((String) unavailableEvent.getMDC(AuditConstants.MDC_RESOURCE_TYPE_KEY), ResourceType.URI); verifyValue((String) unavailableEvent.getMDC(AuditConstants.MDC_ACTION_KEY), Action.DISPATCH); verifyValue((String) unavailableEvent.getMDC(AuditConstants.MDC_OUTCOME_KEY), ActionOutcome.UNAVAILABLE); LoggingEvent failureEvent = iterator.next(); verifyValue((String) failureEvent.getMDC(AuditConstants.MDC_RESOURCE_NAME_KEY), uri); verifyValue((String) failureEvent.getMDC(AuditConstants.MDC_RESOURCE_TYPE_KEY), ResourceType.URI); verifyValue((String) failureEvent.getMDC(AuditConstants.MDC_ACTION_KEY), Action.DISPATCH); verifyValue((String) failureEvent.getMDC(AuditConstants.MDC_OUTCOME_KEY), ActionOutcome.FAILURE); } }
From source file:org.kuali.kra.web.filter.RequestLoggingFilter.java
/** * Constructs a log message that displays HTTP header information belonging to the given * {@link HttpServletRequest} instance. This method uses two nested loops to iterate headers * and then iterate through header values because a header may have one or more values. * * @param request//from w w w . j a va2s . com * @return Log message */ private String getRequestHeadersMessage(HttpServletRequest request) { StringBuilder retval = new StringBuilder(); for (Enumeration<String> headerNames = request.getHeaderNames(); headerNames.hasMoreElements();) { String headerName = headerNames.nextElement(); retval.append(headerName).append(": {").toString(); for (Enumeration<String> headerValues = request.getHeaders(headerName); headerValues .hasMoreElements();) { String headerValue = headerValues.nextElement(); retval.append(headerValue); if (headerValues.hasMoreElements()) { retval.append(","); } } retval.append("}\n"); } return retval.toString(); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest02001.java
@Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); String param = ""; java.util.Enumeration<String> names = request.getHeaderNames(); while (names.hasMoreElements()) { String name = (String) names.nextElement(); if (org.owasp.benchmark.helpers.Utils.commonHeaders.contains(name)) { continue; }/* w ww.java2s.co m*/ java.util.Enumeration<String> values = request.getHeaders(name); if (values != null && values.hasMoreElements()) { param = name; break; } } // Note: We don't URL decode header names because people don't normally do that String bar = doSomething(request, param); float rand = new java.util.Random().nextFloat(); String rememberMeKey = Float.toString(rand).substring(2); // Trim off the 0. at the front. String user = "Floyd"; String fullClassName = this.getClass().getName(); String testCaseNumber = fullClassName .substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length()); user += testCaseNumber; String cookieName = "rememberMe" + testCaseNumber; boolean foundUser = false; javax.servlet.http.Cookie[] cookies = request.getCookies(); if (cookies != null) { for (int i = 0; !foundUser && i < cookies.length; i++) { javax.servlet.http.Cookie cookie = cookies[i]; if (cookieName.equals(cookie.getName())) { if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) { foundUser = true; } } } } if (foundUser) { response.getWriter().println("Welcome back: " + user + "<br/>"); } else { javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey); rememberMe.setSecure(true); // rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName()); rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet // e.g., /benchmark/sql-01/BenchmarkTest01001 request.getSession().setAttribute(cookieName, rememberMeKey); response.addCookie(rememberMe); response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() + " whose value is: " + rememberMe.getValue() + "<br/>"); } response.getWriter().println("Weak Randomness Test java.util.Random.nextFloat() executed"); }
From source file:com.aurel.track.prop.actions.LogonAction.java
private String getApacheRemoteUser(HttpServletRequest request) { Enumeration<String> headerNames = request.getHeaderNames(); String userName = null;// ww w . j a v a2s .c o m while (headerNames.hasMoreElements()) { String key = (String) headerNames.nextElement(); String value = request.getHeader(key); LOGGER.debug(key + ": " + value); if (key.equals("authorization")) { String decodedString = null; value = value.replaceAll("Basic ", ""); decodedString = new String(Base64.decodeBase64(value), StandardCharsets.UTF_8); if (decodedString != null && decodedString.split(":").length > 0) { String[] userPassArr = decodedString.split(":"); userName = userPassArr[0]; } } } if ("".equals(userName) || userName == null) { try { Binding binding = new Binding(); binding.setProperty("request", request); Map<String, Object> map = GroovyScriptExecuter.executeGroovyScript("UserAuthentication", binding); if (map.get("error") != null) { LOGGER.error((String) map.get("error")); } else { userName = (String) map.get(BINDING_PARAMS.USER); } } catch (Exception e) { LOGGER.debug(e); } } return userName; }
From source file:com.qperior.gsa.oneboxprovider.QPOneBoxProviderServlet.java
/** * Convenience method for logging the HTTP headers sent in the request. This * will log to the application server's log channel set up for this servlet * and is purely meant for use during debugging. * // w w w .j av a 2 s . c om * @param request HttpServletRequest */ private void logHeaders(HttpServletRequest request) { this.log.info("--------------------------"); this.log.info("Request-Headers:"); @SuppressWarnings("unchecked") Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerName = (String) headerNames.nextElement(); String headerValue = request.getHeader(headerName); this.log.info("[" + headerName + " = " + headerValue + "]"); } this.log.info("--------------------------"); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest00248.java
@Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); String param = ""; boolean flag = true; java.util.Enumeration<String> names = request.getHeaderNames(); while (names.hasMoreElements() && flag) { String name = (String) names.nextElement(); java.util.Enumeration<String> values = request.getHeaders(name); if (values != null) { while (values.hasMoreElements() && flag) { String value = (String) values.nextElement(); if (value.equals("vector")) { param = name;//from www .j a v a 2 s . c o m flag = false; } } } } String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param); try { java.util.Properties benchmarkprops = new java.util.Properties(); benchmarkprops.load(this.getClass().getClassLoader().getResourceAsStream("benchmark.properties")); String algorithm = benchmarkprops.getProperty("hashAlg2", "SHA5"); java.security.MessageDigest md = java.security.MessageDigest.getInstance(algorithm); byte[] input = { (byte) '?' }; Object inputParam = bar; if (inputParam instanceof String) input = ((String) inputParam).getBytes(); if (inputParam instanceof java.io.InputStream) { byte[] strInput = new byte[1000]; int i = ((java.io.InputStream) inputParam).read(strInput); if (i == -1) { response.getWriter().println( "This input source requires a POST, not a GET. Incompatible UI for the InputStream source."); return; } input = java.util.Arrays.copyOf(strInput, i); } md.update(input); byte[] result = md.digest(); java.io.File fileTarget = new java.io.File( new java.io.File(org.owasp.benchmark.helpers.Utils.testfileDir), "passwordFile.txt"); java.io.FileWriter fw = new java.io.FileWriter(fileTarget, true); //the true will append the new data fw.write("hash_value=" + org.owasp.esapi.ESAPI.encoder().encodeForBase64(result, true) + "\n"); fw.close(); response.getWriter() .println("Sensitive value '" + org.owasp.esapi.ESAPI.encoder().encodeForHTML(new String(input)) + "' hashed and stored<br/>"); } catch (java.security.NoSuchAlgorithmException e) { System.out.println("Problem executing hash - TestCase"); throw new ServletException(e); } response.getWriter() .println("Hash Test java.security.MessageDigest.getInstance(java.lang.String) executed"); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest00249.java
@Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); String param = ""; java.util.Enumeration<String> names = request.getHeaderNames(); while (names.hasMoreElements()) { String name = (String) names.nextElement(); if (org.owasp.benchmark.helpers.Utils.commonHeaders.contains(name)) { continue; }// w w w . ja va 2 s .c o m java.util.Enumeration<String> values = request.getHeaders(name); if (values != null && values.hasMoreElements()) { param = name; break; } } // Note: We don't URL decode header names because people don't normally do that String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param); try { long l = java.security.SecureRandom.getInstance("SHA1PRNG").nextLong(); String rememberMeKey = Long.toString(l); String user = "SafeLogan"; String fullClassName = this.getClass().getName(); String testCaseNumber = fullClassName .substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length()); user += testCaseNumber; String cookieName = "rememberMe" + testCaseNumber; boolean foundUser = false; javax.servlet.http.Cookie[] cookies = request.getCookies(); if (cookies != null) { for (int i = 0; !foundUser && i < cookies.length; i++) { javax.servlet.http.Cookie cookie = cookies[i]; if (cookieName.equals(cookie.getName())) { if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) { foundUser = true; } } } } if (foundUser) { response.getWriter().println("Welcome back: " + user + "<br/>"); } else { javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey); rememberMe.setSecure(true); // rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName()); rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet // e.g., /benchmark/sql-01/BenchmarkTest01001 request.getSession().setAttribute(cookieName, rememberMeKey); response.addCookie(rememberMe); response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() + " whose value is: " + rememberMe.getValue() + "<br/>"); } } catch (java.security.NoSuchAlgorithmException e) { System.out.println("Problem executing SecureRandom.nextLong() - TestCase"); throw new ServletException(e); } response.getWriter().println("Weak Randomness Test java.security.SecureRandom.nextLong() executed"); }
From source file:org.owasp.benchmark.testcode.BenchmarkTest02056.java
@Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); String param = ""; boolean flag = true; java.util.Enumeration<String> names = request.getHeaderNames(); while (names.hasMoreElements() && flag) { String name = (String) names.nextElement(); java.util.Enumeration<String> values = request.getHeaders(name); if (values != null) { while (values.hasMoreElements() && flag) { String value = (String) values.nextElement(); if (value.equals("vector")) { param = name;/*from ww w . j ava 2s . co m*/ flag = false; } } } } String bar = doSomething(param); long l = new java.util.Random().nextLong(); String rememberMeKey = Long.toString(l); String user = "Logan"; String fullClassName = this.getClass().getName(); String testCaseNumber = fullClassName .substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length()); user += testCaseNumber; String cookieName = "rememberMe" + testCaseNumber; boolean foundUser = false; javax.servlet.http.Cookie[] cookies = request.getCookies(); for (int i = 0; cookies != null && ++i < cookies.length && !foundUser;) { javax.servlet.http.Cookie cookie = cookies[i]; if (cookieName.equals(cookie.getName())) { if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) { foundUser = true; } } } if (foundUser) { response.getWriter().println("Welcome back: " + user + "<br/>"); } else { javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey); rememberMe.setSecure(true); request.getSession().setAttribute(cookieName, rememberMeKey); response.addCookie(rememberMe); response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() + " whose value is: " + rememberMe.getValue() + "<br/>"); } response.getWriter().println("Weak Randomness Test java.util.Random.nextLong() executed"); }
From source file:com.aurel.track.user.LogoffAction.java
private String getApacheRemoteUser(HttpServletRequest request) { Enumeration headerNames = request.getHeaderNames(); String userName = null;//w ww . jav a 2 s .c o m while (headerNames.hasMoreElements()) { String key = (String) headerNames.nextElement(); String value = request.getHeader(key); if (key.equals("authorization")) { String decodedString = null; value = value.replaceAll("Basic ", ""); decodedString = new String(Base64.decodeBase64(value), StandardCharsets.UTF_8); if (decodedString != null && decodedString.split(":").length > 0) { String[] userPassArr = decodedString.split(":"); userName = userPassArr[0]; } } } return userName; }