List of usage examples for javax.servlet.http HttpServletRequest getHeaderNames
public Enumeration<String> getHeaderNames();
From source file:lux.solr.XQueryComponent.java
/**
 * Builds an EXPath-style {@code http:request} document describing the current HTTP request,
 * followed by whatever items {@code handleContentStreams} produces for the request body.
 *
 * <p>Everything copied into the document below (method, paths, query string, parameters and
 * every header name/value pair) is client-controlled data taken verbatim from the request.
 * That includes credential-bearing headers such as {@code Authorization} and {@code Cookie},
 * which become readable by the query that receives this document.
 *
 * @param compiler  supplies the processor configuration used to create the tree builder
 * @param evaluator passed through to {@code handleContentStreams}
 * @param req       the Solr request; its context must hold the wrapped servlet request under
 *                  {@code SolrQueryContext.LUX_HTTP_SERVLET_REQUEST}
 * @return the request node alone when the request has no content streams, otherwise a
 *         sequence whose first item is the request node
 * @throws XPathException if building the tree fails
 */
private XdmValue buildEXPathRequest(Compiler compiler, Evaluator evaluator, SolrQueryRequest req)
        throws XPathException {
    final LinkedTreeBuilder tree = new LinkedTreeBuilder(
            compiler.getProcessor().getUnderlyingConfiguration().makePipelineConfiguration());
    tree.startDocument(0);
    tree.startElement(fQNameFor("http", EXPATH_HTTP_NS, "request"), AnyType.getInstance(), 0, 0);
    tree.namespace(new NamespaceBinding("http", EXPATH_HTTP_NS), 0);

    // Attributes of the <http:request> element.
    final Request wrapped = (Request) req.getContext().get(SolrQueryContext.LUX_HTTP_SERVLET_REQUEST);
    addAttribute(tree, "method", wrapped.getMethod());
    addAttribute(tree, "servlet", wrapped.getServletPath());
    final HttpServletRequest servletRequest = (HttpServletRequest) wrapped.getRequest();
    addAttribute(tree, "path", servletRequest.getServletPath());
    final String extraPath = wrapped.getPathInfo();
    if (extraPath != null) {
        addAttribute(tree, "path-info", extraPath);
    }
    tree.startContent();

    // authority = scheme://server-name:port
    // NOTE(review): the server name is typically derived from the client's Host header, so
    // do not treat "authority" or "url" as a trusted origin - confirm against the container.
    final String authority = wrapped.getScheme() + "://" + wrapped.getServerName() + ':'
            + wrapped.getServerPort();
    addSimpleElement(tree, "authority", authority);

    // url = authority + servlet path [+ ?query]
    String url = authority + servletRequest.getServletPath();
    final String query = servletRequest.getQueryString();
    if (query != null) {
        url = url + '?' + query;
    }
    addSimpleElement(tree, "url", url);

    addSimpleElement(tree, "context-root", servletRequest.getContextPath());

    // path: a single <part>; the path is not split into segments
    tree.startElement(fQNameFor("http", EXPATH_HTTP_NS, "path"), BuiltInAtomicType.UNTYPED_ATOMIC, 0, 0);
    tree.startContent();
    addSimpleElement(tree, "part", servletRequest.getServletPath());
    tree.endElement();

    // One <http:param name= value=/> per parameter value.
    for (Iterator<String> names = req.getParams().getParameterNamesIterator(); names.hasNext();) {
        final String paramName = names.next();
        for (String paramValue : req.getParams().getParams(paramName)) {
            tree.startElement(fQNameFor("http", EXPATH_HTTP_NS, "param"), BuiltInAtomicType.UNTYPED_ATOMIC, 0,
                    0);
            addAttribute(tree, "name", paramName);
            addAttribute(tree, "value", paramValue);
            tree.startContent();
            tree.endElement();
        }
    }

    // One <http:header name= value=/> per header value; nothing is filtered or redacted here.
    for (Enumeration<String> names = servletRequest.getHeaderNames(); names.hasMoreElements();) {
        final String headerName = names.nextElement();
        for (Enumeration<String> values = servletRequest.getHeaders(headerName); values.hasMoreElements();) {
            final String headerValue = values.nextElement();
            tree.startElement(fQNameFor("http", EXPATH_HTTP_NS, "header"), BuiltInAtomicType.UNTYPED_ATOMIC, 0,
                    0);
            addAttribute(tree, "name", headerName);
            addAttribute(tree, "value", headerValue);
            tree.startContent();
            tree.endElement();
        }
    }

    // The body, when present, is handled while the request element is still open.
    final boolean hasContent = req.getContentStreams() != null;
    final ArrayList<XdmItem> items = hasContent ? new ArrayList<XdmItem>() : null;
    if (hasContent) {
        handleContentStreams(tree, req, items, evaluator);
    }
    tree.endElement(); // end request
    tree.endDocument();

    final XdmNode requestNode = new XdmNode(tree.getCurrentRoot());
    if (items == null) {
        return requestNode;
    }
    items.add(0, requestNode);
    return new XdmValue(items);
}
From source file:org.sakaiproject.portal.util.ErrorReporter.java
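/**
 * Renders the request (and, if one exists, the session) as plain text for a bug report.
 *
 * <p>Header, parameter and attribute values whose names appear in {@code censoredHeaders},
 * {@code censoredParameters} or {@code censoredAttributes} are replaced by a placeholder.
 * The raw query string is censored with the same parameter list, because otherwise a
 * censored parameter sent on the URL would still appear in full in the report.
 *
 * <p>NOTE(review): the header lookup uses the name exactly as the container reports it.
 * HTTP header names are case-insensitive, so confirm that {@code censoredHeaders} is keyed
 * in a way that matches every casing the container can return.
 *
 * @param request the request being reported on
 * @return the formatted text; on any failure the text built so far followed by
 *         {@code "Error "} and the exception message
 */
@SuppressWarnings("rawtypes")
private String requestDisplay(HttpServletRequest request) {
    ResourceBundle rb = rbDefault;
    StringBuilder sb = new StringBuilder();
    try {
        sb.append(rb.getString("bugreport.request")).append("\n");
        sb.append(rb.getString("bugreport.request.authtype")).append(request.getAuthType()).append("\n");
        sb.append(rb.getString("bugreport.request.charencoding")).append(request.getCharacterEncoding())
                .append("\n");
        sb.append(rb.getString("bugreport.request.contentlength")).append(request.getContentLength())
                .append("\n");
        sb.append(rb.getString("bugreport.request.contenttype")).append(request.getContentType()).append("\n");
        sb.append(rb.getString("bugreport.request.contextpath")).append(request.getContextPath()).append("\n");
        sb.append(rb.getString("bugreport.request.localaddr")).append(request.getLocalAddr()).append("\n");
        sb.append(rb.getString("bugreport.request.localname")).append(request.getLocalName()).append("\n");
        sb.append(rb.getString("bugreport.request.localport")).append(request.getLocalPort()).append("\n");
        sb.append(rb.getString("bugreport.request.method")).append(request.getMethod()).append("\n");
        sb.append(rb.getString("bugreport.request.pathinfo")).append(request.getPathInfo()).append("\n");
        sb.append(rb.getString("bugreport.request.protocol")).append(request.getProtocol()).append("\n");
        // Censor values of sensitive parameters that travel in the query string.
        sb.append(rb.getString("bugreport.request.querystring"))
                .append(censorQueryString(request.getQueryString())).append("\n");
        sb.append(rb.getString("bugreport.request.remoteaddr")).append(request.getRemoteAddr()).append("\n");
        sb.append(rb.getString("bugreport.request.remotehost")).append(request.getRemoteHost()).append("\n");
        sb.append(rb.getString("bugreport.request.remoteport")).append(request.getRemotePort()).append("\n");
        sb.append(rb.getString("bugreport.request.requesturl")).append(request.getRequestURL()).append("\n");
        sb.append(rb.getString("bugreport.request.scheme")).append(request.getScheme()).append("\n");
        sb.append(rb.getString("bugreport.request.servername")).append(request.getServerName()).append("\n");

        // Headers: one line per value, censored by header name.
        sb.append(rb.getString("bugreport.request.headers")).append("\n");
        for (Enumeration e = request.getHeaderNames(); e.hasMoreElements();) {
            String headerName = (String) e.nextElement();
            boolean censor = (censoredHeaders.get(headerName) != null);
            for (Enumeration he = request.getHeaders(headerName); he.hasMoreElements();) {
                String headerValue = (String) he.nextElement();
                sb.append(rb.getString("bugreport.request.header")).append(headerName).append(":")
                        .append(censor ? "---censored---" : headerValue).append("\n");
            }
        }

        // Parameters: one line per value, prefixed with the value's index.
        sb.append(rb.getString("bugreport.request.parameters")).append("\n");
        for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) {
            String parameterName = (String) e.nextElement();
            boolean censor = (censoredParameters.get(parameterName) != null);
            String[] paramvalues = request.getParameterValues(parameterName);
            for (int i = 0; i < paramvalues.length; i++) {
                sb.append(rb.getString("bugreport.request.parameter")).append(parameterName).append(":")
                        .append(i).append(":").append(censor ? "----censored----" : paramvalues[i])
                        .append("\n");
            }
        }

        // Request attributes are rendered via their toString().
        sb.append(rb.getString("bugreport.request.attributes")).append("\n");
        for (Enumeration e = request.getAttributeNames(); e.hasMoreElements();) {
            String attributeName = (String) e.nextElement();
            Object attribute = request.getAttribute(attributeName);
            boolean censor = (censoredAttributes.get(attributeName) != null);
            sb.append(rb.getString("bugreport.request.attribute")).append(attributeName).append(":")
                    .append(censor ? "----censored----" : attribute).append("\n");
        }

        // getSession(false): report on an existing session, never create one here.
        HttpSession session = request.getSession(false);
        if (session != null) {
            DateFormat serverLocaleDateFormat = DateFormat.getDateInstance(DateFormat.FULL,
                    Locale.getDefault());
            sb.append(rb.getString("bugreport.session")).append("\n");
            sb.append(rb.getString("bugreport.session.creation")).append(session.getCreationTime())
                    .append("\n");
            sb.append(rb.getString("bugreport.session.lastaccess")).append(session.getLastAccessedTime())
                    .append("\n");
            sb.append(rb.getString("bugreport.session.creationdatetime"))
                    .append(serverLocaleDateFormat.format(session.getCreationTime())).append("\n");
            sb.append(rb.getString("bugreport.session.lastaccessdatetime"))
                    .append(serverLocaleDateFormat.format(session.getLastAccessedTime())).append("\n");
            sb.append(rb.getString("bugreport.session.maxinactive")).append(session.getMaxInactiveInterval())
                    .append("\n");
            sb.append(rb.getString("bugreport.session.attributes")).append("\n");
            for (Enumeration e = session.getAttributeNames(); e.hasMoreElements();) {
                String attributeName = (String) e.nextElement();
                Object attribute = session.getAttribute(attributeName);
                boolean censor = (censoredAttributes.get(attributeName) != null);
                sb.append(rb.getString("bugreport.session.attribute")).append(attributeName).append(":")
                        .append(censor ? "----censored----" : attribute).append("\n");
            }
        }
    } catch (Exception ex) {
        // Best effort: a failure while rendering must not prevent the report from being produced.
        M_log.error("Failed to generate request display", ex);
        sb.append("Error " + ex.getMessage());
    }
    return sb.toString();
}

/**
 * Returns the query string with the value of every parameter listed in
 * {@code censoredParameters} replaced by the censor placeholder.
 *
 * @param queryString the raw query string, may be {@code null}
 * @return the censored query string, or {@code null} when the input is {@code null}
 */
private String censorQueryString(String queryString) {
    if (queryString == null) {
        return null;
    }
    StringBuilder out = new StringBuilder(queryString.length());
    String[] pairs = queryString.split("&", -1);
    for (int i = 0; i < pairs.length; i++) {
        if (i > 0) {
            out.append('&');
        }
        String pair = pairs[i];
        int eq = pair.indexOf('=');
        String rawName = (eq < 0) ? pair : pair.substring(0, eq);
        // Names are matched after URL-decoding so an escaped spelling is censored as well.
        String name = rawName;
        try {
            name = java.net.URLDecoder.decode(rawName, "UTF-8");
        } catch (java.io.UnsupportedEncodingException ignored) {
            // UTF-8 is always available; keep the raw name if it somehow is not.
        } catch (IllegalArgumentException ignored) {
            // Malformed percent-escape: fall back to matching on the raw name.
        }
        if (eq >= 0 && censoredParameters.get(name) != null) {
            out.append(rawName).append("=----censored----");
        } else {
            out.append(pair);
        }
    }
    return out.toString();
}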
From source file:org.apache.axis.transport.http.AxisServlet.java
/**
 * Process a POST to the servlet by handing it off to the Axis Engine.
 * Here is where SOAP messages are received.
 *
 * <p>The request body and every HTTP request header are client-controlled; the headers are
 * copied unchanged into the request message's MIME headers, and after invocation the response
 * message's MIME headers are copied unchanged onto the HTTP response.
 *
 * @param req posted request
 * @param res response
 * @throws ServletException trouble
 * @throws IOException different trouble
 */
public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
    // t0..t4 are timestamps for the timing log line at the end; only set when tlog debug is on.
    long t0 = 0, t1 = 0, t2 = 0, t3 = 0, t4 = 0;
    String soapAction = null;
    MessageContext msgContext = null;
    if (isDebug) {
        log.debug("Enter: doPost()");
    }
    if (tlog.isDebugEnabled()) {
        t0 = System.currentTimeMillis();
    }

    Message responseMsg = null;
    String contentType = null;

    try {
        AxisEngine engine = getEngine();

        if (engine == null) {
            // !!! should return a SOAP fault...
            ServletException se = new ServletException(Messages.getMessage("noEngine00"));
            log.debug("No Engine!", se);
            throw se;
        }

        res.setBufferSize(1024 * 8); // provide performance boost.

        /* get message context w/ various properties set */
        msgContext = createMessageContext(engine, req, res);

        // ? OK to move this to 'getMessageContext',
        // ? where it would also be picked up for 'doGet()' ?
        if (securityProvider != null) {
            if (isDebug) {
                log.debug("securityProvider:" + securityProvider);
            }
            msgContext.setProperty(MessageContext.SECURITY_PROVIDER, securityProvider);
        }

        /* Get request message: built directly on the request's input stream. */
        Message requestMsg = new Message(req.getInputStream(), false,
                req.getHeader(HTTPConstants.HEADER_CONTENT_TYPE),
                req.getHeader(HTTPConstants.HEADER_CONTENT_LOCATION));

        // Transfer HTTP headers to MIME headers for request message.
        // Every header the client sent is copied; no allow-list or filtering is applied here.
        MimeHeaders requestMimeHeaders = requestMsg.getMimeHeaders();
        for (Enumeration e = req.getHeaderNames(); e.hasMoreElements();) {
            String headerName = (String) e.nextElement();
            for (Enumeration f = req.getHeaders(headerName); f.hasMoreElements();) {
                String headerValue = (String) f.nextElement();
                requestMimeHeaders.addHeader(headerName, headerValue);
            }
        }

        if (isDebug) {
            // NOTE(review): this logs the request message object at debug level; what that
            // renders depends on Message.toString(), which is not visible here.
            log.debug("Request Message:" + requestMsg);
        }

        /* Set the request (incoming) message field in the context */
        msgContext.setRequestMessage(requestMsg);
        String url = HttpUtils.getRequestURL(req).toString();
        msgContext.setProperty(MessageContext.TRANS_URL, url);
        // put character encoding of request to message context
        // in order to reuse it during the whole process.
        String requestEncoding;
        try {
            requestEncoding = (String) requestMsg.getProperty(SOAPMessage.CHARACTER_SET_ENCODING);
            if (requestEncoding != null) {
                msgContext.setProperty(SOAPMessage.CHARACTER_SET_ENCODING, requestEncoding);
            }
        } catch (SOAPException e1) {
            // NOTE(review): swallowed without logging; the encoding is then simply not propagated.
        }

        try {
            /*
             * Save the SOAPAction header in the MessageContext bag.
             * This will be used to tell the Axis Engine which service
             * is being invoked. This will save us the trouble of
             * having to parse the Request message - although we will
             * need to double-check later on that the SOAPAction header
             * does in fact match the URI in the body.
             */
            // (is this last stmt true??? (I don't think so - Glen))
            soapAction = getSoapAction(req);

            if (soapAction != null) {
                msgContext.setUseSOAPAction(true);
                msgContext.setSOAPActionURI(soapAction);
            }

            // Create a Session wrapper for the HTTP session.
            // These can/should be pooled at some point.
            // (Sam is Watching! :-)
            msgContext.setSession(new AxisHttpSession(req));

            if (tlog.isDebugEnabled()) {
                t1 = System.currentTimeMillis();
            }
            /* Invoke the Axis engine... */
            if (isDebug) {
                log.debug("Invoking Axis Engine.");
                // here we run the message by the engine
            }
            engine.invoke(msgContext);
            if (isDebug) {
                log.debug("Return from Axis Engine.");
            }
            if (tlog.isDebugEnabled()) {
                t2 = System.currentTimeMillis();
            }
            responseMsg = msgContext.getResponseMessage();

            // We used to throw exceptions on null response messages.
            // They are actually OK in certain situations (asynchronous
            // services), so fall through here and return an ACCEPTED
            // status code below. Might want to install a configurable
            // error check for this later.
        } catch (AxisFault fault) {
            // log and sanitize
            processAxisFault(fault);
            configureResponseFromAxisFault(res, fault);
            responseMsg = msgContext.getResponseMessage();
            if (responseMsg == null) {
                responseMsg = new Message(fault);
                ((org.apache.axis.SOAPPart) responseMsg.getSOAPPart()).getMessage()
                        .setMessageContext(msgContext);
            }
        } catch (Exception e) {
            // other exceptions are internal trouble: answer 500 with the exception turned into a fault
            responseMsg = msgContext.getResponseMessage();
            res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            responseMsg = convertExceptionToAxisFault(e, responseMsg);
            ((org.apache.axis.SOAPPart) responseMsg.getSOAPPart()).getMessage().setMessageContext(msgContext);
        } catch (Throwable t) {
            logException(t);
            // other exceptions are internal trouble
            // NOTE(review): the fault string is t.toString(), so the throwable's class name and
            // message are placed in the fault that becomes the response message.
            responseMsg = msgContext.getResponseMessage();
            res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            responseMsg = new Message(new AxisFault(t.toString(), t));
            ((org.apache.axis.SOAPPart) responseMsg.getSOAPPart()).getMessage().setMessageContext(msgContext);
        }
    } catch (AxisFault fault) {
        // Faults raised outside the inner try (engine lookup, context or message creation).
        // NOTE(review): msgContext is still null if the fault was raised before it was
        // assigned, and is dereferenced on the third line below - confirm which of the calls
        // above can throw AxisFault.
        processAxisFault(fault);
        configureResponseFromAxisFault(res, fault);
        responseMsg = msgContext.getResponseMessage();
        if (responseMsg == null) {
            responseMsg = new Message(fault);
            ((org.apache.axis.SOAPPart) responseMsg.getSOAPPart()).getMessage().setMessageContext(msgContext);
        }
    }

    if (tlog.isDebugEnabled()) {
        t3 = System.currentTimeMillis();
    }

    /* Send response back along the wire... */
    if (responseMsg != null) {
        // Transfer MIME headers to HTTP headers for response message.
        MimeHeaders responseMimeHeaders = responseMsg.getMimeHeaders();
        for (Iterator i = responseMimeHeaders.getAllHeaders(); i.hasNext();) {
            MimeHeader responseMimeHeader = (MimeHeader) i.next();
            res.addHeader(responseMimeHeader.getName(), responseMimeHeader.getValue());
        }
        // synchronize the character encoding of request and response
        String responseEncoding = (String) msgContext.getProperty(SOAPMessage.CHARACTER_SET_ENCODING);
        if (responseEncoding != null) {
            try {
                responseMsg.setProperty(SOAPMessage.CHARACTER_SET_ENCODING, responseEncoding);
            } catch (SOAPException e) {
                // NOTE(review): swallowed without logging; the response keeps its own encoding.
            }
        }
        // determine content type from message response
        contentType = responseMsg.getContentType(msgContext.getSOAPConstants());
        sendResponse(contentType, res, responseMsg);
    } else {
        // No content, so just indicate accepted
        res.setStatus(202);
    }

    if (isDebug) {
        log.debug("Response sent.");
        log.debug("Exit: doPost()");
    }
    if (tlog.isDebugEnabled()) {
        t4 = System.currentTimeMillis();
        // Timing breakdown: pre = setup, invoke = engine, post = fault handling, send = response.
        tlog.debug("axisServlet.doPost: " + soapAction + " pre=" + (t1 - t0) + " invoke=" + (t2 - t1)
                + " post=" + (t3 - t2) + " send=" + (t4 - t3) + " " + msgContext.getTargetService() + "."
                + ((msgContext.getOperation() == null) ? "" : msgContext.getOperation().getName()));
    }
}
From source file:com.tremolosecurity.proxy.ProxyRequest.java
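/**
 * Wraps an incoming request and eagerly parses its query string and body so the proxy can
 * replay them.
 *
 * <p>Three body shapes are handled: {@code multipart/form-data} POSTs (parsed into form
 * fields and file items), {@code application/x-www-form-urlencoded} bodies (parsed into
 * ordered name/value pairs) and anything else carrying a Content-Type or Content-Length
 * header (stored as raw bytes under the {@code ProxySys.MSG_BODY} request attribute).
 *
 * <p>All of this input is client-controlled. A form body token without an {@code '='} is
 * accepted as a parameter with an empty value instead of failing the whole request, and the
 * body bytes are decoded as UTF-8 rather than with the platform default charset.
 *
 * <p>NOTE(review): no size limit is applied here to the buffered body or to the multipart
 * upload; confirm that the container or an upstream component bounds request size.
 *
 * @param req     the original servlet request
 * @param session the session associated with this proxied request
 * @throws Exception if the body cannot be read, the multipart content cannot be parsed, or a
 *                   value contains a malformed percent-escape
 */
public ProxyRequest(HttpServletRequest req, HttpSession session) throws Exception {
    super(req);

    this.session = session;

    ServletRequestContext reqCtx = new ServletRequestContext(req);
    this.isMultiPart = "POST".equalsIgnoreCase(req.getMethod()) && reqCtx.getContentType() != null
            && reqCtx.getContentType().toLowerCase(Locale.ENGLISH).startsWith("multipart/form-data");

    this.isParamsInBody = true;
    this.isPush = false;
    this.paramList = new ArrayList<String>();
    this.reqParams = new HashMap<String, ArrayList<String>>();
    this.queryString = new ArrayList<NVP>();

    // Query string: only pairs with a non-empty name and an '=' are kept; the name is stored
    // as sent, the value is URL-decoded.
    HttpServletRequest request = (HttpServletRequest) super.getRequest();
    String rawQuery = request.getQueryString();
    if (rawQuery != null && !rawQuery.isEmpty()) {
        StringTokenizer toker = new StringTokenizer(rawQuery, "&");
        while (toker.hasMoreTokens()) {
            String qp = toker.nextToken();
            int index = qp.indexOf('=');
            if (index > 0) {
                String name = qp.substring(0, index);
                String val = URLDecoder.decode(qp.substring(index + 1), "UTF-8");
                this.queryString.add(new NVP(name, val));
            }
        }
    }

    if (this.isMultiPart) {
        this.isPush = true;
        // Create a factory for disk-based file items
        FileItemFactory factory = new DiskFileItemFactory();

        // Create a new file upload handler
        ServletFileUpload upload = new ServletFileUpload(factory);

        List<FileItem> items = upload.parseRequest(req);

        this.reqFiles = new HashMap<String, ArrayList<FileItem>>();

        for (FileItem item : items) {
            if (item.isFormField()) {
                ArrayList<String> vals = this.reqParams.get(item.getFieldName());
                if (vals == null) {
                    vals = new ArrayList<String>();
                    this.reqParams.put(item.getFieldName(), vals);
                }
                this.paramList.add(item.getFieldName());
                vals.add(item.getString());
            } else {
                ArrayList<FileItem> vals = this.reqFiles.get(item.getFieldName());
                if (vals == null) {
                    vals = new ArrayList<FileItem>();
                    this.reqFiles.put(item.getFieldName(), vals);
                }
                vals.add(item);
            }
        }
    } else {
        // A request counts as a "push" when it carries Content-Type or Content-Length.
        Enumeration enumer = req.getHeaderNames();
        String contentType = null;
        while (enumer.hasMoreElements()) {
            String name = (String) enumer.nextElement();
            if (name.equalsIgnoreCase("content-type") || name.equalsIgnoreCase("content-length")) {
                this.isPush = true;
                if (name.equalsIgnoreCase("content-type")) {
                    contentType = req.getHeader(name);
                }
            }
        }

        if (this.isPush) {
            // Both branches below need the whole body, so read it once.
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            InputStream in = req.getInputStream();
            int len;
            byte[] buffer = new byte[1024];
            while ((len = in.read(buffer)) > 0) {
                baos.write(buffer, 0, len);
            }
            byte[] body = baos.toByteArray();

            boolean formEncoded = contentType != null
                    && contentType.startsWith("application/x-www-form-urlencoded");

            if (!formEncoded) {
                // Opaque body: keep the bytes for the proxy to forward untouched.
                this.isParamsInBody = false;
                req.setAttribute(ProxySys.MSG_BODY, body);
            } else {
                // Explicit charset: the platform default would make parsing host-dependent.
                StringTokenizer toker = new StringTokenizer(new String(body, "UTF-8"), "&");
                this.orderedList = new ArrayList<NVP>();
                while (toker.hasMoreTokens()) {
                    String token = toker.nextToken();
                    int index = token.indexOf('=');

                    // A token without '=' is a bare name; substring(0, -1) would throw here.
                    String name = (index < 0) ? token : token.substring(0, index);
                    if (name.indexOf('%') != -1) {
                        name = URLDecoder.decode(name, "UTF-8");
                    }

                    String val = "";
                    if (index >= 0 && index < (token.length() - 1)) {
                        val = URLDecoder.decode(token.substring(index + 1), "UTF-8");
                    }

                    this.orderedList.add(new NVP(name, val));
                    this.paramList.add(name);
                    ArrayList<String> params = this.reqParams.get(name);
                    if (params == null) {
                        params = new ArrayList<String>();
                        this.reqParams.put(name, params);
                    }
                    params.add(val);
                }
            }
        }
    }
}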
From source file:de.tu_dortmund.ub.api.paaa.PaaaEndpoint.java
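/**
 * Handles HTTP DELETE on {@code /{patronid}} (service {@code deletepatron}) or
 * {@code /{patronid}/{service}}.
 *
 * <p>The access token is taken, in this order, from the {@code Authorization} header, the
 * {@code access_token} request parameter, or the {@code PaaaService} cookie (only when the
 * patron in the cookie matches the patron in the path). The token is validated through the
 * configured {@code AuthorizationInterface}; without a valid token the request is handed to
 * {@code authorize(...)}.
 *
 * <p>Credentials are never written to the log: the {@code Authorization}, {@code Cookie} and
 * {@code Proxy-Authorization} header values, the {@code access_token} query parameter and
 * the cookie contents are redacted. Header lookups go through
 * {@code HttpServletRequest.getHeader}, which matches names case-insensitively.
 *
 * <p>NOTE(review): {@code Access-Control-Allow-Origin: *} is sent on an endpoint that
 * accepts bearer tokens, and a token passed as {@code access_token} in the URL can end up in
 * access logs and browser history; confirm both are intended.
 *
 * @param httpServletRequest  the DELETE request
 * @param httpServletResponse the response to populate
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if writing the response or parsing the login cookie fails
 */
protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
        throws ServletException, IOException {

    ObjectMapper mapper = new ObjectMapper();
    final String logPrefix = "[" + this.config.getProperty("service.name") + "] ";

    // The query string may carry access_token; mask its value before logging.
    String queryForLog = httpServletRequest.getQueryString();
    if (queryForLog != null) {
        queryForLog = queryForLog.replaceAll("(^|&)access_token=[^&]*", "$1access_token=<redacted>");
    }
    this.logger.debug(logPrefix + "PathInfo = " + httpServletRequest.getPathInfo());
    this.logger.debug(logPrefix + "QueryString = " + queryForLog);

    String patronid = "";
    String service = "";
    String accept = "";
    String authorization = "";

    String format = "json";

    // getPathInfo() is null when the request matches the servlet mapping with no extra path;
    // in that case patronid and service stay empty and the request is rejected below.
    String path = httpServletRequest.getPathInfo();
    String[] params = (path == null || path.isEmpty()) ? new String[0] : path.substring(1).split("/");

    if (params.length == 1) {
        patronid = params[0];
        service = "deletepatron";
    } else if (params.length == 2) {
        patronid = params[0];
        service = params[1];
    }

    this.logger.debug(logPrefix + "Patron: " + patronid);
    this.logger.debug(logPrefix + "Service: " + service);

    // Response format: explicit "format" parameter wins, otherwise the Accept header.
    String formatParam = httpServletRequest.getParameter("format");
    if (formatParam != null && !formatParam.equals("")) {
        format = formatParam;
    } else {
        String acceptHeader = httpServletRequest.getHeader("Accept");
        if (acceptHeader != null) {
            this.logger.debug("headerNameKey = " + acceptHeader);

            if (acceptHeader.contains("text/html")) {
                format = "html";
            } else if (acceptHeader.contains("application/xml")) {
                format = "xml";
            } else if (acceptHeader.contains("application/json")) {
                format = "json";
            }
        }
    }

    this.logger.info("format = " + format);

    if (!format.equals("json") && !format.equals("xml")) {

        this.logger.error(logPrefix + HttpServletResponse.SC_BAD_REQUEST + ": " + format + " not implemented!");

        // Error handling with suppress_response_codes=true
        if (httpServletRequest.getParameter("suppress_response_codes") != null) {
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        }
        // Error handling with suppress_response_codes=false (=default)
        else {
            httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        }

        // JSON for the response body
        RequestError requestError = new RequestError();
        requestError.setError(
                this.config.getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST)));
        requestError.setCode(HttpServletResponse.SC_BAD_REQUEST);
        requestError.setDescription(this.config
                .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".description"));
        requestError.setErrorUri(this.config
                .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".uri"));

        this.sendRequestError(httpServletResponse, requestError, format);
    } else {

        // PAAA - function
        if (service.equals("deletepatron")) {

            // Log the request headers, redacting the ones that carry credentials.
            Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
            while (headerNames.hasMoreElements()) {
                String headerNameKey = headerNames.nextElement();
                boolean carriesCredentials = "Authorization".equalsIgnoreCase(headerNameKey)
                        || "Proxy-Authorization".equalsIgnoreCase(headerNameKey)
                        || "Cookie".equalsIgnoreCase(headerNameKey);
                this.logger.debug(logPrefix + "headerNameKey = " + headerNameKey + " / headerNameValue = "
                        + (carriesCredentials ? "<redacted>" : httpServletRequest.getHeader(headerNameKey)));
            }

            // get 'Accept' and 'Authorization' from the headers; getHeader ignores name case
            String acceptValue = httpServletRequest.getHeader("Accept");
            if (acceptValue != null) {
                accept = acceptValue;
            }
            String authorizationValue = httpServletRequest.getHeader("Authorization");
            if (authorizationValue != null) {
                authorization = authorizationValue;
            }

            this.logger.debug(logPrefix + "Accept: " + accept);
            this.logger.debug(
                    logPrefix + "Authorization: " + (authorization.equals("") ? "<none>" : "<redacted>"));

            // if no token in the header: read request parameter
            if (authorization.equals("") && httpServletRequest.getParameter("access_token") != null
                    && !httpServletRequest.getParameter("access_token").equals("")) {
                authorization = httpServletRequest.getParameter("access_token");
            }

            // if still no token
            if (authorization.equals("")) {

                // if a PaaaService cookie exists: read its content
                Cookie[] cookies = httpServletRequest.getCookies();

                if (cookies != null) {
                    for (Cookie cookie : cookies) {
                        if (cookie.getName().equals("PaaaService")) {

                            // The cookie holds the serialized login response including the access
                            // token, so its content is deliberately not logged.
                            String value = URLDecoder.decode(cookie.getValue(), "UTF-8");
                            this.logger.debug(logPrefix + "PaaaService cookie present");
                            LoginResponse loginResponse = mapper.readValue(value, LoginResponse.class);

                            // CAUTION: the patron id in the cookie may differ from the one in the
                            // request (UniAccount vs. BibAccount); only a matching cookie is used.
                            if (patronid.equals(loginResponse.getPatron())) {
                                authorization = loginResponse.getAccess_token();
                            }

                            break;
                        }
                    }
                }
            }

            httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");

            // check token ...
            boolean isAuthorized = false;

            if (!authorization.equals("")) {

                if (Lookup.lookupAll(AuthorizationInterface.class).size() > 0) {

                    AuthorizationInterface authorizationInterface = Lookup.lookup(AuthorizationInterface.class);
                    // init Authorization Service
                    authorizationInterface.init(this.config);

                    try {
                        isAuthorized = authorizationInterface.isTokenValid(httpServletResponse, service,
                                patronid, authorization);
                    } catch (AuthorizationException e) {
                        // Fail closed: isAuthorized stays false.
                        // TODO correct error handling
                        this.logger.error(logPrefix + HttpServletResponse.SC_UNAUTHORIZED + "!");
                    }
                } else {
                    // TODO correct error handling
                    this.logger.error(logPrefix + HttpServletResponse.SC_INTERNAL_SERVER_ERROR + ": "
                            + "Authorization Interface not implemented!");
                }
            }

            String tokenForLog = authorization.equals("") ? "<none>" : "<redacted>";
            this.logger.debug(logPrefix + "Authorization: " + tokenForLog + " - " + isAuthorized);

            // ... - if not authorized - against DFN-AAI service
            if (!isAuthorized) {
                // TODO if an OpenAM session cookie exists: read its content
                this.logger.debug(logPrefix + "Authorization: " + tokenForLog + " - " + isAuthorized);
            }

            if (isAuthorized) {
                // execute query
                this.provideService(httpServletRequest, httpServletResponse, format, patronid, authorization,
                        service);
            } else {
                // Authorization
                this.authorize(httpServletRequest, httpServletResponse, format);
            }
        } else {

            this.logger.error(logPrefix + HttpServletResponse.SC_METHOD_NOT_ALLOWED + ": " + "DELETE for '"
                    + service + "' not allowed!");

            // The header name was misspelled ("WWW-Authentificate") and set twice; clients only
            // recognise "WWW-Authenticate", and the second value was the one that took effect.
            httpServletResponse.setHeader("WWW-Authenticate", "Bearer realm=\"PAAA\"");
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");

            // Error handling with suppress_response_codes=true
            if (httpServletRequest.getParameter("suppress_response_codes") != null
                    && !httpServletRequest.getParameter("suppress_response_codes").equals("")) {
                httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            }
            // Error handling with suppress_response_codes=false (=default)
            else {
                httpServletResponse.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            }

            // JSON for the response body
            RequestError requestError = new RequestError();
            requestError.setError(this.config
                    .getProperty("error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED)));
            requestError.setCode(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            requestError.setDescription(this.config.getProperty(
                    "error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".description"));
            requestError.setErrorUri(this.config.getProperty(
                    "error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".uri"));

            StringWriter json = new StringWriter();
            mapper.writeValue(json, requestError);
            this.logger.debug(logPrefix + json);

            // send response
            httpServletResponse.getWriter().println(json);
        }
    }
}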
From source file:org.apache.cocoon.servlet.DebugFilter.java
/**
 * Logs a debug dump of the current HTTP request, then passes the request down the chain.
 *
 * <p>When debug logging is enabled the dump contains the request line details, every
 * request parameter, every request header and every session attribute, all unredacted.
 * That includes credential-bearing headers such as {@code Cookie} and {@code Authorization},
 * so debug level should only be enabled where the log is protected accordingly.
 *
 * <p>NOTE(review): {@code activeRequestCount} is changed with {@code ++}/{@code --};
 * whether that is safe under concurrent requests depends on its declaration, which is not
 * visible here.
 *
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain)
        throws IOException, ServletException {
    // Non-HTTP requests are passed through without any logging or counting.
    if (!(req instanceof HttpServletRequest)) {
        filterChain.doFilter(req, res);
        return;
    }

    try {
        ++activeRequestCount;
        final HttpServletRequest request = (HttpServletRequest) req;

        if (getLogger().isDebugEnabled()) {
            final StringBuilder report = new StringBuilder();

            report.append("DEBUGGING INFORMATION:").append(lineSeparator);
            report.append("REQUEST: ").append(request.getRequestURI());
            report.append(lineSeparator).append(lineSeparator);

            report.append("CONTEXT PATH: ").append(request.getContextPath()).append(lineSeparator);
            report.append("SERVLET PATH: ").append(request.getServletPath()).append(lineSeparator);
            report.append("PATH INFO: ").append(request.getPathInfo());
            report.append(lineSeparator).append(lineSeparator);

            report.append("REMOTE HOST: ").append(request.getRemoteHost()).append(lineSeparator);
            report.append("REMOTE ADDRESS: ").append(request.getRemoteAddr()).append(lineSeparator);
            report.append("REMOTE USER: ").append(request.getRemoteUser()).append(lineSeparator);
            report.append("REQUEST SESSION ID: ").append(request.getRequestedSessionId())
                    .append(lineSeparator);
            report.append("REQUEST PREFERRED LOCALE: ").append(request.getLocale().toString())
                    .append(lineSeparator);
            report.append("SERVER HOST: ").append(request.getServerName()).append(lineSeparator);
            report.append("SERVER PORT: ").append(request.getServerPort());
            report.append(lineSeparator).append(lineSeparator);

            report.append("METHOD: ").append(request.getMethod()).append(lineSeparator);
            report.append("CONTENT LENGTH: ").append(request.getContentLength()).append(lineSeparator);
            report.append("PROTOCOL: ").append(request.getProtocol()).append(lineSeparator);
            report.append("SCHEME: ").append(request.getScheme()).append(lineSeparator);
            report.append("AUTH TYPE: ").append(request.getAuthType());
            report.append(lineSeparator).append(lineSeparator);

            report.append("CURRENT ACTIVE REQUESTS: ").append(activeRequestCount).append(lineSeparator);

            // Request parameters, each with all of its values as "[v1], [v2]".
            final Enumeration parameterNames = request.getParameterNames();
            report.append("REQUEST PARAMETERS:").append(lineSeparator).append(lineSeparator);
            while (parameterNames.hasMoreElements()) {
                final String parameterName = (String) parameterNames.nextElement();
                report.append("PARAM: '").append(parameterName).append("' ").append("VALUES: '");
                final String[] parameterValues = request.getParameterValues(parameterName);
                for (int index = 0; index < parameterValues.length; index++) {
                    if (index > 0) {
                        report.append(", ");
                    }
                    report.append("[").append(parameterValues[index]).append("]");
                }
                report.append("'").append(lineSeparator);
            }

            // Request headers, same layout as the parameters.
            final Enumeration headerNames = request.getHeaderNames();
            report.append("HEADER PARAMETERS:").append(lineSeparator).append(lineSeparator);
            while (headerNames.hasMoreElements()) {
                final String headerName = (String) headerNames.nextElement();
                report.append("PARAM: '").append(headerName).append("' ").append("VALUES: '");
                boolean firstValue = true;
                for (Enumeration headerValues = request.getHeaders(headerName); headerValues
                        .hasMoreElements();) {
                    if (!firstValue) {
                        report.append(", ");
                    }
                    firstValue = false;
                    report.append("[").append(headerValues.nextElement()).append("]");
                }
                report.append("'").append(lineSeparator);
            }

            report.append(lineSeparator).append("SESSION ATTRIBUTES:").append(lineSeparator)
                    .append(lineSeparator);

            // Session attributes of an existing session only; getSession(false) never creates one.
            final HttpSession session = request.getSession(false);
            if (session != null) {
                // Fix bug #12139: Session can be modified while still
                // being enumerated here
                synchronized (session) {
                    for (Enumeration attributeNames = session.getAttributeNames(); attributeNames
                            .hasMoreElements();) {
                        final String attributeName = (String) attributeNames.nextElement();
                        report.append("PARAM: '").append(attributeName).append("' ").append("VALUE: '")
                                .append(session.getAttribute(attributeName)).append("'").append(lineSeparator);
                    }
                }
            }

            getLogger().debug(report.toString());
        }

        // Delegate
        filterChain.doFilter(request, res);
    } finally {
        --activeRequestCount;
    }
}
From source file:de.tu_dortmund.ub.api.paaa.PaaaEndpoint.java
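/**
 * Handles POST requests of the PAAA endpoint.
 *
 * <p>The path info is read as {@code /<patronid>[/<service>]}; with a single segment the service
 * defaults to {@code patron}. The response format comes from the {@code format} parameter or, if
 * that is absent, from the {@code Accept} header. Only the services {@code signup},
 * {@code newpatron}, {@code updatepatron}, {@code blockpatron}, {@code unblockpatron} and
 * {@code newfee} are accepted; anything else is answered with 405. For an accepted service the
 * token is taken from the {@code Authorization} header, then the {@code access_token} parameter,
 * then the {@code PaaaService} cookie, and is checked with
 * {@code AuthorizationInterface.isTokenValid} before {@code provideService} is called.
 *
 * <p>Token values, the {@code Authorization}/{@code Cookie} headers and the cookie content are
 * never written to the log; only their presence is.
 *
 * @param httpServletRequest  the incoming request
 * @param httpServletResponse the response to write to
 * @throws ServletException declared by the servlet contract
 * @throws java.io.IOException if decoding the cookie or writing the response fails
 */
protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
        throws ServletException, IOException {

    ObjectMapper mapper = new ObjectMapper();

    this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "PathInfo = "
            + httpServletRequest.getPathInfo());

    // The token may arrive as the access_token parameter (see below), so a query string that
    // carries it must not be copied into the log.
    String queryString = httpServletRequest.getQueryString();
    boolean queryCarriesToken = queryString != null && queryString.contains("access_token");
    this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "QueryString = "
            + (queryCarriesToken ? "<redacted>" : queryString));

    String patronid = "";
    String service = "";
    String accept = "";
    String authorization = "";
    String format = "json";

    // getPathInfo() returns null when the request has no extra path information; that case is
    // handled as "no patron, no service" and ends in the 405 branch instead of an exception.
    String path = httpServletRequest.getPathInfo();
    String[] params = (path == null || path.isEmpty()) ? new String[0] : path.substring(1).split("/");

    if (params.length == 1) {
        patronid = params[0];
        service = "patron";
    } else if (params.length == 2) {
        patronid = params[0];
        service = params[1];
    }

    // "patronid" is treated as a placeholder, not as an id
    if (patronid.equals("patronid")) {
        patronid = "";
    }

    this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "Patron: " + patronid);
    this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "Service: " + service);

    String formatParam = httpServletRequest.getParameter("format");
    if (formatParam != null && !formatParam.equals("")) {
        format = formatParam;
    } else {
        // getHeader() matches header names case-insensitively, which a comparison of the
        // enumerated names with equals("Accept") does not.
        String acceptHeader = httpServletRequest.getHeader("Accept");
        if (acceptHeader != null) {
            this.logger.debug("headerNameKey = " + acceptHeader);

            if (acceptHeader.contains("text/html")) {
                format = "html";
            } else if (acceptHeader.contains("application/xml")) {
                format = "xml";
            } else if (acceptHeader.contains("application/json")) {
                format = "json";
            }
        }
    }

    this.logger.info("format = " + format);

    if (!format.equals("json") && !format.equals("xml")) {

        this.logger.error("[" + this.config.getProperty("service.name") + "] "
                + HttpServletResponse.SC_BAD_REQUEST + ": " + format + " not implemented!");

        // Error handling with suppress_response_codes=true
        if (httpServletRequest.getParameter("suppress_response_codes") != null) {
            httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        }
        // Error handling with suppress_response_codes=false (=default)
        else {
            httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        }

        // JSON for the response body
        RequestError requestError = new RequestError();
        requestError.setError(
                this.config.getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST)));
        requestError.setCode(HttpServletResponse.SC_BAD_REQUEST);
        requestError.setDescription(this.config
                .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".description"));
        requestError.setErrorUri(this.config
                .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".uri"));

        this.sendRequestError(httpServletResponse, requestError, format);
    } else {
        // PAAA - function
        if (service.equals("signup") || service.equals("newpatron") || service.equals("updatepatron")
                || service.equals("blockpatron") || service.equals("unblockpatron")
                || service.equals("newfee")) {

            // Debug dump of the request headers; credential-bearing headers are masked.
            Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
            while (headerNames != null && headerNames.hasMoreElements()) {
                String headerNameKey = headerNames.nextElement();
                boolean credentialHeader = "Authorization".equalsIgnoreCase(headerNameKey)
                        || "Proxy-Authorization".equalsIgnoreCase(headerNameKey)
                        || "Cookie".equalsIgnoreCase(headerNameKey);

                this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "headerNameKey = "
                        + headerNameKey + " / headerNameValue = "
                        + (credentialHeader ? "<redacted>" : httpServletRequest.getHeader(headerNameKey)));
            }

            // get 'Accept' and 'Authorization' from the header (case-insensitive lookup)
            String acceptValue = httpServletRequest.getHeader("Accept");
            if (acceptValue != null) {
                accept = acceptValue;
            }
            String authorizationValue = httpServletRequest.getHeader("Authorization");
            if (authorizationValue != null) {
                authorization = authorizationValue;
            }

            this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "Accept: " + accept);
            this.logger.debug("[" + this.config.getProperty("service.name") + "] " + "Authorization: "
                    + (authorization.equals("") ? "<none>" : "<redacted>"));

            // if no token was sent in the header: read the request parameter
            String accessTokenParam = httpServletRequest.getParameter("access_token");
            if (authorization.equals("") && accessTokenParam != null && !accessTokenParam.equals("")) {
                authorization = accessTokenParam;
            }

            // if there is still no token
            if (authorization.equals("")) {

                // if the PaaaService cookie exists: read its content
                Cookie[] cookies = httpServletRequest.getCookies();

                if (cookies != null) {
                    for (Cookie cookie : cookies) {
                        if (cookie.getName().equals("PaaaService")) {

                            String value = URLDecoder.decode(cookie.getValue(), "UTF-8");
                            // the decoded cookie holds the access token, so only its presence is logged
                            this.logger.info("[" + this.config.getProperty("service.name") + "] "
                                    + "PaaaService cookie found");
                            LoginResponse loginResponse = mapper.readValue(value, LoginResponse.class);

                            // CAUTION: the cookie may hold a different patron id than the request
                            // (UniAccount vs. BibAccount). The comparison is written null-safe because
                            // the cookie content is client-controlled and may lack either field.
                            if (loginResponse != null && patronid.equals(loginResponse.getPatron())
                                    && loginResponse.getAccess_token() != null) {
                                authorization = loginResponse.getAccess_token();
                            }

                            break;
                        }
                    }
                }
            }

            // NOTE(review): a wildcard origin lets any web page read responses to requests that carry
            // the token in the Authorization header or the access_token parameter - confirm this is
            // intended, otherwise restrict it to the known front-end origins.
            httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");

            // check token ...
            boolean isAuthorized = false;

            if (!authorization.equals("")) {

                if (Lookup.lookupAll(AuthorizationInterface.class).size() > 0) {

                    AuthorizationInterface authorizationInterface = Lookup.lookup(AuthorizationInterface.class);
                    // init Authorization Service
                    authorizationInterface.init(this.config);

                    try {
                        isAuthorized = authorizationInterface.isTokenValid(httpServletResponse, service,
                                patronid, authorization);
                    } catch (AuthorizationException e) {
                        // isAuthorized stays false, so the request is treated as not authorized
                        // TODO correct error handling
                        this.logger.error("[" + config.getProperty("service.name") + "] "
                                + HttpServletResponse.SC_UNAUTHORIZED + "!");
                    }
                } else {
                    // TODO correct error handling
                    this.logger.error("[" + this.config.getProperty("service.name") + "] "
                            + HttpServletResponse.SC_INTERNAL_SERVER_ERROR + ": "
                            + "Authorization Interface not implemented!");
                }
            }

            this.logger.debug("[" + config.getProperty("service.name") + "] " + "Authorization: "
                    + (authorization.equals("") ? "<none>" : "<redacted>") + " - " + isAuthorized);

            // ... - if not authorized - against DFN-AAI service
            if (!isAuthorized) {
                // TODO if exists OpenAM-Session-Cookie: read content
                this.logger.debug("[" + config.getProperty("service.name") + "] " + "Authorization: "
                        + (authorization.equals("") ? "<none>" : "<redacted>") + " - " + isAuthorized);
            }

            if (isAuthorized) {
                // execute query
                this.provideService(httpServletRequest, httpServletResponse, format, patronid, authorization,
                        service);
            } else {
                // Authorization
                this.authorize(httpServletRequest, httpServletResponse, format);
            }
        } else {

            this.logger.error("[" + this.config.getProperty("service.name") + "] "
                    + HttpServletResponse.SC_METHOD_NOT_ALLOWED + ": " + "POST for '" + service
                    + "' not allowed!");

            // NOTE(review): the standard challenge header is spelled "WWW-Authenticate"; the name
            // used here is kept as-is because clients may already read it. The first setHeader call
            // is replaced by the second one.
            httpServletResponse.setHeader("WWW-Authentificate", "Bearer");
            httpServletResponse.setHeader("WWW-Authentificate", "Bearer realm=\"PAAA\"");
            httpServletResponse.setContentType("application/json");

            // Error handling with suppress_response_codes=true
            if (httpServletRequest.getParameter("suppress_response_codes") != null
                    && !httpServletRequest.getParameter("suppress_response_codes").equals("")) {
                httpServletResponse.setStatus(HttpServletResponse.SC_OK);
            }
            // Error handling with suppress_response_codes=false (=default)
            else {
                httpServletResponse.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            }

            // JSON for the response body
            RequestError requestError = new RequestError();
            requestError.setError(this.config
                    .getProperty("error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED)));
            requestError.setCode(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            requestError.setDescription(this.config.getProperty(
                    "error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".description"));
            requestError.setErrorUri(this.config.getProperty(
                    "error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".uri"));

            StringWriter json = new StringWriter();
            mapper.writeValue(json, requestError);
            this.logger.debug("[" + this.config.getProperty("service.name") + "] " + json);

            // send response
            httpServletResponse.getWriter().println(json);
        }
    }
}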
From source file:org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.java
/**
 * Caches the logout session state and a copy of the incoming request under a newly generated
 * session data key and redirects the client to the common authentication endpoint.
 *
 * <p>Every request header is copied into the cached {@code AuthenticationRequest}; that includes
 * {@code Cookie} and {@code Authorization} when the client sent them, so the cache entry should be
 * treated as sensitive.
 *
 * @param request       the incoming logout request
 * @param response      the response used for the redirect
 * @param signInRespDTO validation result of the SAML request; may be {@code null}
 * @param relayState    relay state stored in the session DTO
 * @param sessionId     session id stored in the session DTO
 * @param invalid       stored in the session DTO as the invalid-logout flag
 * @param isPost        stored on the authentication request
 * @throws ServletException declared for callers; nothing in this method throws it directly
 * @throws IOException      if the redirect cannot be sent
 */
private void sendToFrameworkForLogout(HttpServletRequest request, HttpServletResponse response,
        SAMLSSOReqValidationResponseDTO signInRespDTO, String relayState, String sessionId, boolean invalid,
        boolean isPost) throws ServletException, IOException {

    final boolean hasValidationResponse = signInRespDTO != null;

    // Session state that is looked up again through the session data key
    SAMLSSOSessionDTO logoutSession = new SAMLSSOSessionDTO();
    logoutSession.setHttpQueryString(request.getQueryString());
    logoutSession.setRelayState(relayState);
    logoutSession.setSessionId(sessionId);
    logoutSession.setLogoutReq(true);
    logoutSession.setInvalidLogout(invalid);

    if (hasValidationResponse) {
        logoutSession.setDestination(signInRespDTO.getDestination());
        logoutSession.setRequestMessageString(signInRespDTO.getRequestMessageString());
        logoutSession.setIssuer(signInRespDTO.getIssuer());
        logoutSession.setRequestID(signInRespDTO.getId());
        logoutSession.setSubject(signInRespDTO.getSubject());
        logoutSession.setRelyingPartySessionId(signInRespDTO.getRpSessionId());
        logoutSession.setAssertionConsumerURL(signInRespDTO.getAssertionConsumerURL());
        logoutSession.setValidationRespDTO(signInRespDTO);
    }

    String cacheKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(cacheKey, logoutSession, IdPManagementUtil
            .getIdleSessionTimeOut(CarbonContext.getThreadLocalCarbonContext().getTenantDomain()));

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH);
    String callerPath = URLEncoder.encode("/samlsso", "UTF-8");

    // Add all parameters to the authentication context before handing over to the
    // authentication framework.
    AuthenticationRequest frameworkRequest = new AuthenticationRequest();
    // NOTE(review): whether this logout flag survives the setRequestQueryParams call on the next
    // line depends on that setter's semantics, which are not visible here - confirm.
    frameworkRequest.addRequestQueryParam(FrameworkConstants.RequestParams.LOGOUT, new String[] { "true" });
    frameworkRequest.setRequestQueryParams(request.getParameterMap());
    frameworkRequest.setCommonAuthCallerPath(callerPath);
    frameworkRequest.setPost(isPost);
    if (hasValidationResponse) {
        frameworkRequest.setRelyingParty(signInRespDTO.getIssuer());
    }
    frameworkRequest.appendRequestQueryParams(request.getParameterMap());

    // Add headers to the AuthenticationRequestContext
    Enumeration<?> names = request.getHeaderNames();
    while (names.hasMoreElements()) {
        String headerName = names.nextElement().toString();
        frameworkRequest.addHeader(headerName, request.getHeader(headerName));
    }

    FrameworkUtils.addAuthenticationRequestToCache(cacheKey,
            new AuthenticationRequestCacheEntry(frameworkRequest));

    // Only the opaque key travels in the redirect; the request data stays in the caches.
    StringBuilder target = new StringBuilder(commonAuthURL);
    target.append("?").append(SAMLSSOConstants.SESSION_DATA_KEY).append("=").append(cacheKey);
    target.append("&").append("type").append("=").append("samlsso");
    response.sendRedirect(target.toString());
}
From source file:it.eng.spago.dispatching.httpchannel.AdapterHTTP.java
/**
 * Copies the properties of the HTTP request, and all of its headers, into the request container.
 *
 * <p>Container-derived values are stored first under the {@code HTTP_REQUEST_*} keys; afterwards
 * every request header is stored under its own header name, and finally the session id and the
 * XML-request flag are set.
 *
 * <p>NOTE(review): header names are chosen by the client and share the attribute namespace with
 * the keys written before the header loop. If a header name equals the value of one of those
 * constants, the header value replaces the container-derived value - verify the constant values or
 * store headers under a separate prefix.
 *
 * @param request the request
 * @param requestContainer the request container
 */
private void setHttpRequestData(HttpServletRequest request, RequestContainer requestContainer) {
    // Values reported by the servlet container
    requestContainer.setAttribute(HTTP_REQUEST_AUTH_TYPE, request.getAuthType());
    requestContainer.setAttribute(HTTP_REQUEST_CHARACTER_ENCODING, request.getCharacterEncoding());
    requestContainer.setAttribute(HTTP_REQUEST_CONTENT_LENGTH, Integer.toString(request.getContentLength()));
    requestContainer.setAttribute(HTTP_REQUEST_CONTENT_TYPE, request.getContentType());
    requestContainer.setAttribute(HTTP_REQUEST_CONTEXT_PATH, request.getContextPath());
    requestContainer.setAttribute(HTTP_REQUEST_METHOD, request.getMethod());
    requestContainer.setAttribute(HTTP_REQUEST_PATH_INFO, request.getPathInfo());
    requestContainer.setAttribute(HTTP_REQUEST_PATH_TRANSLATED, request.getPathTranslated());
    requestContainer.setAttribute(HTTP_REQUEST_PROTOCOL, request.getProtocol());
    requestContainer.setAttribute(HTTP_REQUEST_QUERY_STRING, request.getQueryString());
    requestContainer.setAttribute(HTTP_REQUEST_REMOTE_ADDR, request.getRemoteAddr());
    requestContainer.setAttribute(HTTP_REQUEST_REMOTE_HOST, request.getRemoteHost());
    requestContainer.setAttribute(HTTP_REQUEST_REMOTE_USER, request.getRemoteUser());
    requestContainer.setAttribute(HTTP_REQUEST_REQUESTED_SESSION_ID, request.getRequestedSessionId());
    requestContainer.setAttribute(HTTP_REQUEST_REQUEST_URI, request.getRequestURI());
    requestContainer.setAttribute(HTTP_REQUEST_SCHEME, request.getScheme());
    requestContainer.setAttribute(HTTP_REQUEST_SERVER_NAME, request.getServerName());
    requestContainer.setAttribute(HTTP_REQUEST_SERVER_PORT, Integer.toString(request.getServerPort()));
    requestContainer.setAttribute(HTTP_REQUEST_SERVLET_PATH, request.getServletPath());

    // The principal attribute is only written for requests that have one
    final java.security.Principal principal = request.getUserPrincipal();
    if (principal != null) {
        requestContainer.setAttribute(HTTP_REQUEST_USER_PRINCIPAL, principal);
    }

    requestContainer.setAttribute(HTTP_REQUEST_REQUESTED_SESSION_ID_FROM_COOKIE,
            Boolean.toString(request.isRequestedSessionIdFromCookie()));
    requestContainer.setAttribute(HTTP_REQUEST_REQUESTED_SESSION_ID_FROM_URL,
            Boolean.toString(request.isRequestedSessionIdFromURL()));
    requestContainer.setAttribute(HTTP_REQUEST_REQUESTED_SESSION_ID_VALID,
            Boolean.toString(request.isRequestedSessionIdValid()));
    requestContainer.setAttribute(HTTP_REQUEST_SECURE, Boolean.toString(request.isSecure()));

    // Each header becomes an attribute keyed by the header name exactly as enumerated
    for (Enumeration<?> names = request.getHeaderNames(); names.hasMoreElements();) {
        String name = (String) names.nextElement();
        requestContainer.setAttribute(name, request.getHeader(name));
    }

    // getSession() creates a session when the request does not have one yet
    requestContainer.setAttribute(HTTP_SESSION_ID, request.getSession().getId());
    requestContainer.setAttribute(Constants.HTTP_IS_XML_REQUEST, "FALSE");
}
From source file:org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet.java
/**
 * Sends the user to the login page for authentication.
 *
 * <p>The session state and a copy of the incoming request (query parameters and all headers) are
 * cached under a newly generated session data key; the client is then redirected to the common
 * authentication endpoint with that key.
 *
 * <p>When no tenant domain is set in the thread-local, it is taken from the part of the issuer
 * after {@code @}, falling back to the super tenant domain. NOTE(review): this makes the issuer
 * string select the tenant - confirm the issuer has been validated before this method is called.
 *
 * @param req           the incoming request
 * @param resp          the response used for the redirect
 * @param signInRespDTO validation result of the SAML request; dereferenced without a null check
 * @param relayState    relay state stored in the session DTO
 * @param isPost        stored on the authentication request
 * @throws ServletException   declared for callers
 * @throws IOException        if the redirect cannot be sent
 * @throws UserStoreException declared for callers
 * @throws IdentityException  declared for callers
 */
private void sendToFrameworkForAuthentication(HttpServletRequest req, HttpServletResponse resp,
        SAMLSSOReqValidationResponseDTO signInRespDTO, String relayState, boolean isPost)
        throws ServletException, IOException, UserStoreException, IdentityException {

    SAMLSSOSessionDTO ssoSession = new SAMLSSOSessionDTO();
    ssoSession.setHttpQueryString(req.getQueryString());
    ssoSession.setDestination(signInRespDTO.getDestination());
    ssoSession.setRelayState(relayState);
    ssoSession.setRequestMessageString(signInRespDTO.getRequestMessageString());
    ssoSession.setIssuer(signInRespDTO.getIssuer());
    ssoSession.setRequestID(signInRespDTO.getId());
    ssoSession.setSubject(signInRespDTO.getSubject());
    ssoSession.setRelyingPartySessionId(signInRespDTO.getRpSessionId());
    ssoSession.setAssertionConsumerURL(signInRespDTO.getAssertionConsumerURL());

    // Tenant domain: thread-local value first, otherwise "<name>@<tenant>" from the issuer
    ssoSession.setTenantDomain(SAMLSSOUtil.getTenantDomainFromThreadLocal());
    if (ssoSession.getTenantDomain() == null) {
        String[] issuerParts = ssoSession.getIssuer().split("@");
        boolean qualifiedIssuer = issuerParts.length == 2
                && !issuerParts[0].trim().isEmpty()
                && !issuerParts[1].trim().isEmpty();
        ssoSession.setTenantDomain(
                qualifiedIssuer ? issuerParts[1] : MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    }
    SAMLSSOUtil.setTenantDomainInThreadLocal(ssoSession.getTenantDomain());

    ssoSession.setForceAuth(signInRespDTO.isForceAuthn());
    ssoSession.setPassiveAuth(signInRespDTO.isPassive());
    ssoSession.setValidationRespDTO(signInRespDTO);
    ssoSession.setIdPInitSSO(signInRespDTO.isIdPInitSSO());

    String cacheKey = UUIDGenerator.generateUUID();
    addSessionDataToCache(cacheKey, ssoSession,
            IdPManagementUtil.getIdleSessionTimeOut(ssoSession.getTenantDomain()));

    String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH);
    String callerPath = URLEncoder.encode("/" + FrameworkConstants.RequestType.CLAIM_TYPE_SAML_SSO, "UTF-8");

    // Setting authentication request context
    AuthenticationRequest frameworkRequest = new AuthenticationRequest();

    // Adding query parameters
    frameworkRequest.appendRequestQueryParams(req.getParameterMap());

    // Every request header is copied, including Cookie and Authorization when present
    Enumeration<?> names = req.getHeaderNames();
    while (names.hasMoreElements()) {
        String headerName = names.nextElement().toString();
        frameworkRequest.addHeader(headerName, req.getHeader(headerName));
    }

    frameworkRequest.setRelyingParty(signInRespDTO.getIssuer());
    frameworkRequest.setCommonAuthCallerPath(callerPath);
    frameworkRequest.setForceAuth(signInRespDTO.isForceAuthn());

    // A "forceAuth" query parameter can switch forced authentication on, never off
    if (!frameworkRequest.getForceAuth()) {
        String[] forceAuthParam = frameworkRequest.getRequestQueryParam("forceAuth");
        if (forceAuthParam != null && Boolean.parseBoolean(forceAuthParam[0].trim())) {
            frameworkRequest.setForceAuth(true);
        }
    }

    frameworkRequest.setPassiveAuth(signInRespDTO.isPassive());
    frameworkRequest.setTenantDomain(ssoSession.getTenantDomain());
    frameworkRequest.setPost(isPost);

    // Creating the cache entry and adding it to the cache before calling commonauth
    FrameworkUtils.addAuthenticationRequestToCache(cacheKey,
            new AuthenticationRequestCacheEntry(frameworkRequest));

    String redirectUrl = commonAuthURL + "?" + SAMLSSOConstants.SESSION_DATA_KEY + "=" + cacheKey + "&"
            + FrameworkConstants.RequestParams.TYPE + "=" + FrameworkConstants.RequestType.CLAIM_TYPE_SAML_SSO;

    FrameworkUtils.setRequestPathCredentials(req);
    resp.sendRedirect(redirectUrl);
}