List of usage examples for javax.servlet.http HttpServletRequest getHeaderNames
public Enumeration<String> getHeaderNames();
From source file:org.unitedinternet.cosmo.dav.servlet.StandardRequestHandler.java
private void dumpRequest(HttpServletRequest req) { if (!LOG.isTraceEnabled()) { return;/*from ww w . j av a 2s. c o m*/ } StringBuffer sb = new StringBuffer("\n------------------------ Dump of request -------------------\n"); try { Enumeration<String> names = req.getHeaderNames(); sb.append("Request headers:\n"); while (names.hasMoreElements()) { String key = names.nextElement(); String val = req.getHeader(key); sb.append(" ").append(key).append(" = \"").append(val).append("\"\n"); } names = req.getParameterNames(); String title = "Request parameters"; sb.append(title).append(" - global info and uris:").append("\n"); sb.append("getMethod = ").append(req.getMethod()).append("\n"); sb.append("getRemoteAddr = ").append(req.getRemoteAddr()).append("\n"); sb.append("getRequestURI = ").append(req.getRequestURI()).append("\n"); sb.append("getRemoteUser = ").append(req.getRemoteUser()).append("\n"); sb.append("getRequestedSessionId = ").append(req.getRequestedSessionId()).append("\n"); sb.append("HttpUtils.getRequestURL(req) = ").append(req.getRequestURL()).append("\n"); sb.append("contextPath=").append(req.getContextPath()).append("\n"); sb.append("query=").append(req.getQueryString()).append("\n"); sb.append("contentlen=").append(req.getContentLength()).append("\n"); sb.append("request=").append(req).append("\n"); sb.append(title).append(":\n"); while (names.hasMoreElements()) { String key = (String) names.nextElement(); String val = req.getParameter(key); sb.append(" ").append(key).append(" = \"").append(val).append("\"").append("\n"); } sb.append("Request attributes:\n"); for (Enumeration<String> e = req.getAttributeNames(); e.hasMoreElements();) { String key = (String) e.nextElement(); Object val = req.getAttribute(key); sb.append(" ").append(key).append(" = \"").append(val).append("\"").append("\n"); } } catch (Exception e) { LOG.error("Error on dumpRequest class StandardRequestHandler " + e); } sb.append("------------------------ End dump of request -------------------"); //Fix Log Forging - java fortify //Writing unvalidated user input to log files can allow an attacker to forge log entries or //inject malicious content into the logs. LOG.trace(sb.toString()); }
From source file:org.apache.solr.servlet.SolrRequestParserTest.java
License:asdf
@Test public void testAddHttpRequestToContext() throws Exception { HttpServletRequest request = getMock("/solr/select", null, -1); expect(request.getMethod()).andReturn("GET").anyTimes(); expect(request.getQueryString()).andReturn("q=title:solr").anyTimes(); Map<String, String> headers = new HashMap<>(); headers.put("X-Forwarded-For", "10.0.0.1"); expect(request.getHeaderNames()).andReturn(new Vector<>(headers.keySet()).elements()).anyTimes(); for (Map.Entry<String, String> entry : headers.entrySet()) { Vector<String> v = new Vector<>(); v.add(entry.getValue());// www . j a va 2 s.c o m expect(request.getHeaders(entry.getKey())).andReturn(v.elements()).anyTimes(); } replay(request); SolrRequestParsers parsers = new SolrRequestParsers(h.getCore().getSolrConfig()); assertFalse(parsers.isAddRequestHeadersToContext()); SolrQueryRequest solrReq = parsers.parse(h.getCore(), "/select", request); assertFalse(solrReq.getContext().containsKey("httpRequest")); parsers.setAddRequestHeadersToContext(true); solrReq = parsers.parse(h.getCore(), "/select", request); assertEquals(request, solrReq.getContext().get("httpRequest")); assertEquals("10.0.0.1", ((HttpServletRequest) solrReq.getContext().get("httpRequest")) .getHeaders("X-Forwarded-For").nextElement()); }
From source file:org.dbflute.saflute.web.servlet.filter.RequestLoggingFilter.java
protected void buildRequestHeaders(StringBuilder sb, HttpServletRequest request) { for (Iterator<?> it = toSortedSet(request.getHeaderNames()).iterator(); it.hasNext();) { String name = (String) it.next(); String value = request.getHeader(name); sb.append(IND);//w w w . ja va2s . co m sb.append("[header] ").append(name); sb.append("=").append(value); sb.append(LF); } }
From source file:org.wso2.carbon.identity.authenticator.saml2.sso.ui.SSOAssertionConsumerService.java
@Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String samlRespString = req.getParameter(SAML2SSOAuthenticatorConstants.HTTP_POST_PARAM_SAML2_RESP); if (log.isDebugEnabled()) { log.debug("Processing SAML Response"); Enumeration headerNames = req.getHeaderNames(); log.debug("[Request Headers] :"); while (headerNames.hasMoreElements()) { String headerName = (String) headerNames.nextElement(); log.debug(">> " + headerName + ":" + req.getHeader(headerName)); }//w w w. j a v a 2 s . c om Enumeration params = req.getParameterNames(); log.debug("[Request Parameters] :"); while (params.hasMoreElements()) { String paramName = (String) params.nextElement(); log.debug(">> " + paramName + ":" + req.getParameter(paramName)); } } // Handle single logout requests if (req.getParameter(SAML2SSOAuthenticatorConstants.HTTP_POST_PARAM_SAML2_AUTH_REQ) != null) { handleSingleLogoutRequest(req, resp); return; } // If SAML Response is not present in the redirected req, send the user to an error page. if (samlRespString == null) { log.error("SAML Response is not present in the request."); handleMalformedResponses(req, resp, SAML2SSOAuthenticatorConstants.ErrorMessageConstants.RESPONSE_NOT_PRESENT); return; } // // If RELAY-STATE is invalid, redirect the users to an error page. // if (!SSOSessionManager.isValidResponse(relayState)) { // handleMalformedResponses(req, resp, // SAML2SSOAuthenticatorConstants.ErrorMessageConstants.RESPONSE_INVALID); // return; // } // Handle valid messages, either SAML Responses or LogoutRequests try { XMLObject samlObject = Util.unmarshall(Util.decode(samlRespString)); if (samlObject instanceof LogoutResponse) { // if it is a logout response, redirect it to login page. String externalLogoutPage = Util.getExternalLogoutPage(); if (externalLogoutPage != null && !externalLogoutPage.isEmpty()) { handleExternalLogout(req, resp, externalLogoutPage); } else { resp.sendRedirect(getAdminConsoleURL(req) + "admin/logout_action.jsp?logoutcomplete=true"); } } else if (samlObject instanceof Response) { // if it is a SAML Response handleSAMLResponses(req, resp, samlObject); } } catch (SAML2SSOUIAuthenticatorException e) { log.error("Error when processing the SAML Assertion in the request.", e); handleMalformedResponses(req, resp, SAML2SSOAuthenticatorConstants.ErrorMessageConstants.RESPONSE_MALFORMED); } }
From source file:com.ethercis.vehr.parser.EhrScapeURIParserTest.java
@Test public void testCompositionQueryParser() throws ServiceManagerException { // Request request = client.newRequest("http://" + hostname + ":8080/rest/v1/ehr?subjectId=1234&subjectNamespace=ABCDEF"); // request.method(HttpMethod.POST); HttpServletRequest request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/composition"); Map<String, String[]> parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "RAW" }); when(request.getParameterMap()).thenReturn(parameters); Map<String, String[]> headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("POST"); uriParser.parse(request);// w w w .j a v a 2 s. c o m assertEquals("POST", uriParser.identifyMethod().toUpperCase()); assertEquals("XML", uriParser.identifyParametersAsProperties().getClientProperty("format").toString()); request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/composition/123456?format=FLAT"); parameters = new HashMap<>(); parameters.put("format", new String[] { "FLAT" }); // parameters.put("templateId", new String[]{"test%20test"}); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<>(); headers.put("Accept", new String[] { "application/json" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Accept")).thenReturn("application/json"); when(request.getMethod()).thenReturn("GET"); uriParser.parse(request); assertEquals("GET", uriParser.identifyMethod().toUpperCase()); assertEquals("FLAT", uriParser.identifyParametersAsProperties().getClientProperty("format").toString()); // assertEquals("test%20test", uriParser.identifyParametersAsProperties().getClientProperty("templateId").toString()); assertEquals("123456", uriParser.identifyParametersAsProperties().getClientProperty("uid").toString()); request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/composition/123456?format=FLAT"); parameters = new HashMap<>(); parameters.put("format", new String[] { "FLAT" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<>(); headers.put("Content-Type", new String[] { "application/json" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/json"); when(request.getMethod()).thenReturn("PUT"); uriParser.parse(request); assertEquals("PUT", uriParser.identifyMethod().toUpperCase()); assertEquals("FLAT", uriParser.identifyParametersAsProperties().getClientProperty("format").toString()); assertEquals("123456", uriParser.identifyParametersAsProperties().getClientProperty("uid").toString()); request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/composition/8fd2bea0-9e0e-11e5-8994-feff819cdc9f"); parameters = new HashMap<>(); parameters.put("format", new String[] { "RAW" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<>(); headers.put("Accept", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Accept")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("GET"); uriParser.parse(request); assertEquals("GET", uriParser.identifyMethod().toUpperCase()); assertEquals("8fd2bea0-9e0e-11e5-8994-feff819cdc9f", uriParser.identifyParametersAsProperties().getClientProperty("uid").toString()); assertEquals("XML", uriParser.identifyParametersAsProperties().getClientProperty("format").toString()); request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/composition/8fd2bea0-9e0e-11e5-8994-feff819cdc9f"); parameters = new HashMap<>(); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<>(); headers.put("Content-Type", new String[] { "application/json" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("DELETE"); uriParser.parse(request); assertEquals("DELETE", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/composition", uriParser.identifyPath()); assertEquals("8fd2bea0-9e0e-11e5-8994-feff819cdc9f", uriParser.identifyParametersAsProperties().getClientProperty("uid").toString()); }
From source file:org.gss_project.gss.server.rest.RequestHandler.java
/** * Confirms the validity of the request. * * @param request the incoming HTTP request * @return true if the request is valid, false otherwise *///from w w w . j a v a2 s .com private boolean isRequestValid(HttpServletRequest request) { if (logger.isDebugEnabled()) { Enumeration headers = request.getHeaderNames(); while (headers.hasMoreElements()) { String h = (String) headers.nextElement(); logger.debug(h + ": " + request.getHeader(h)); } } // Fetch the timestamp used to guard against replay attacks. long timestamp = 0; boolean useGssDateHeader = true; try { timestamp = request.getDateHeader(GSS_DATE_HEADER); if (timestamp == -1) { useGssDateHeader = false; timestamp = request.getDateHeader(DATE_HEADER); } } catch (IllegalArgumentException e) { return false; } // Fetch the Authorization header and find the user specified in it. String auth = request.getHeader(AUTHORIZATION_HEADER); if (auth == null) return false; String[] authParts = auth.split(" "); if (authParts.length != 2) return false; String username = authParts[0]; String signature = authParts[1]; User user = null; try { user = getService().findUser(username); } catch (RpcException e) { return false; } if (user == null) return false; request.setAttribute(USER_ATTRIBUTE, user); // Validate the signature in the Authorization header. String dateHeader = useGssDateHeader ? request.getHeader(GSS_DATE_HEADER) : request.getHeader(DATE_HEADER); String data; // Remove the servlet path from the request URI. String p = request.getRequestURI(); String servletPath = request.getContextPath() + request.getServletPath(); p = p.substring(servletPath.length()); data = request.getMethod() + dateHeader + p; return isSignatureValid(signature, user, data); }
From source file:com.sourcesense.confluence.servlets.CMISProxyServlet.java
/** * Retrieves all of the headers from the servlet request and sets them on * the proxy request// w w w.java2s. c o m * * @param httpServletRequest The request object representing the client's * request to the servlet engine * @param httpMethodProxyRequest The request that we are about to send to * the proxy host */ @SuppressWarnings("unchecked") private void setProxyRequestHeaders(HttpServletRequest httpServletRequest, HttpMethod httpMethodProxyRequest) { // Get an Enumeration of all of the header names sent by the client Enumeration enumerationOfHeaderNames = httpServletRequest.getHeaderNames(); while (enumerationOfHeaderNames.hasMoreElements()) { String stringHeaderName = (String) enumerationOfHeaderNames.nextElement(); if (stringHeaderName.equalsIgnoreCase(STRING_CONTENT_LENGTH_HEADER_NAME)) { continue; } // As per the Java Servlet API 2.5 documentation: // Some headers, such as Accept-Language can be sent by clients // as several headers each with a different value rather than // sending the header as a comma separated list. // Thus, we get an Enumeration of the header values sent by the client Enumeration enumerationOfHeaderValues = httpServletRequest.getHeaders(stringHeaderName); while (enumerationOfHeaderValues.hasMoreElements()) { String stringHeaderValue = (String) enumerationOfHeaderValues.nextElement(); // In case the proxy host is running multiple virtual servers, // rewrite the Host header to ensure that we get content from // the correct virtual server if (stringHeaderName.equalsIgnoreCase(STRING_HOST_HEADER_NAME)) { stringHeaderValue = getProxyHostAndPort(httpServletRequest); } Header header = new Header(stringHeaderName, stringHeaderValue); // Set the same header on the proxy request httpMethodProxyRequest.setRequestHeader(header); } } }
From source file:com.ethercis.vehr.parser.EhrScapeURIParserTest.java
@Test public void testTemplateQueryParser() throws ServiceManagerException { // get a template with templateId = 'template_id' HttpServletRequest request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/template/template_id"); Map<String, String[]> parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "XML" }); when(request.getParameterMap()).thenReturn(parameters); Map<String, String[]> headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("GET"); uriParser.parse(request);/*from w ww . jav a2 s .c o m*/ assertEquals("GET", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/template", uriParser.identifyPath()); assertEquals("template_id", uriParser.identifyParametersAsProperties().getClientProperty("templateId").toString()); //get an example for a templateId = 'template_id' request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/template/template_id/example"); parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "XML" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("GET"); uriParser.parse(request); assertEquals("GET", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/template/example", uriParser.identifyPath()); assertEquals("template_id", uriParser.identifyParametersAsProperties().getClientProperty("templateId").toString()); //get the list of templates request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/template"); parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "XML" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("GET"); uriParser.parse(request); assertEquals("GET", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/template", uriParser.identifyPath()); //delete a template request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/template/template_id"); parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "XML" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("DELETE"); uriParser.parse(request); assertEquals("DELETE", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/template", uriParser.identifyPath()); assertEquals("template_id", uriParser.identifyParametersAsProperties().getClientProperty("templateId").toString()); //post a template request = mock(HttpServletRequest.class); when(request.getRequestURI()).thenReturn("/rest/v1/template"); parameters = new HashMap<String, String[]>(); parameters.put("format", new String[] { "XML" }); when(request.getParameterMap()).thenReturn(parameters); headers = new HashMap<String, String[]>(); headers.put("Content-Type", new String[] { "application/xml" }); when(request.getHeaderNames()).thenReturn(new IteratorEnumeration<String>(headers.keySet().iterator())); when(request.getHeader("Content-Type")).thenReturn("application/xml"); when(request.getMethod()).thenReturn("POST"); uriParser.parse(request); assertEquals("POST", uriParser.identifyMethod().toUpperCase()); assertEquals("rest/v1/template", uriParser.identifyPath()); }
From source file:org.jkcsoft.web.struts.http.controllers.HttpHelper.java
public static void logRequest(HttpServletRequest request, Object logCategory) { // quick reject if (!LogHelper.getLogger(logCategory).isDebugEnabled()) return;//from ww w . java2s .c o m StringBuilder sbMsg = new StringBuilder(100); appendLine(sbMsg, ""); appendLine(sbMsg, "---------- Start Request Dump:"); appendLine(sbMsg, "Query String = " + request.getQueryString()); appendLine(sbMsg, "Path Info " + request.getPathInfo()); appendLine(sbMsg, "getServletPath " + request.getServletPath()); Enumeration e; String name; appendLine(sbMsg, "-------------- Header Information"); e = request.getAttributeNames(); while (e.hasMoreElements()) { name = (String) e.nextElement(); appendLine(sbMsg, name + "=" + request.getAttribute(name).toString()); } e = request.getHeaderNames(); String header; while (e.hasMoreElements()) { header = (String) e.nextElement(); appendLine(sbMsg, header + "=" + request.getHeader(header)); } appendLine(sbMsg, "-------------- Parameter Information"); e = request.getParameterNames(); while (e.hasMoreElements()) { name = (String) e.nextElement(); String[] values = request.getParameterValues(name); String value = ""; for (int inx = 0; inx < values.length; inx++) { value = value + values[inx] + ","; } appendLine(sbMsg, name + "=" + value); } appendLine(sbMsg, "-------------- Attribute Information"); appendLine(sbMsg, "---------- End Request Dump:"); LogHelper.debug(logCategory, sbMsg); }
From source file:org.codeartisans.proxilet.Proxilet.java
/** * Retreives all of the headers from the servlet request and sets them on the proxy request. * * @param httpServletRequest The request object representing the client's request to the servlet engine * @param httpMethodProxyRequest The request that we are about to send to the proxy host *//* ww w . jav a 2 s .c o m*/ @SuppressWarnings("unchecked") private void setProxyRequestHeaders(HttpServletRequest httpServletRequest, HttpMethod httpMethodProxyRequest) { // Get an Enumeration of all of the header names sent by the client Enumeration<String> enumerationOfHeaderNames = httpServletRequest.getHeaderNames(); while (enumerationOfHeaderNames.hasMoreElements()) { String stringHeaderName = enumerationOfHeaderNames.nextElement(); if (stringHeaderName.equalsIgnoreCase(HEADER_CONTENT_LENGTH)) { continue; } // As per the Java Servlet API 2.5 documentation: // Some headers, such as Accept-Language can be sent by clients // as several headers each with a different value rather than // sending the header as a comma separated list. // Thus, we get an Enumeration of the header values sent by the client Enumeration<String> enumerationOfHeaderValues = httpServletRequest.getHeaders(stringHeaderName); while (enumerationOfHeaderValues.hasMoreElements()) { String stringHeaderValue = enumerationOfHeaderValues.nextElement(); // In case the proxy host is running multiple virtual servers, // rewrite the Host header to ensure that we get content from // the correct virtual server if (stringHeaderName.equalsIgnoreCase(HEADER_HOST)) { stringHeaderValue = getProxyHostAndPort(); } Header header = new Header(stringHeaderName, stringHeaderValue); // Set the same header on the proxy request httpMethodProxyRequest.setRequestHeader(header); } } }