List of usage examples for javax.servlet.http HttpServletRequest getRemoteHost
public String getRemoteHost();
From source file:net.wastl.webmail.server.AdminSession.java
public AdminSession(WebMailServer parent, Object parm, HTTPRequestHeader h) throws InvalidPasswordException, WebMailException { try {/*from w w w . j ava2s .c o m*/ Class srvltreq = Class.forName("javax.servlet.http.HttpServletRequest"); if (srvltreq.isInstance(parm)) { running_as_servlet = true; javax.servlet.http.HttpServletRequest req = (javax.servlet.http.HttpServletRequest) parm; this.sess = req.getSession(false); session_code = ((javax.servlet.http.HttpSession) sess).getId(); try { remote = InetAddress.getByName(req.getRemoteHost()); } catch (UnknownHostException e) { try { remote = InetAddress.getByName(req.getRemoteAddr()); } catch (Exception ex) { try { remote = InetAddress.getByName("localhost"); } catch (Exception ex2) { } } } } else { throw new Exception("Running as Servlet but not a valid ServletRequest"); } } catch (Throwable t) { this.remote = (InetAddress) parm; session_code = Helper.calcSessionCode(remote, h); } doInit(parent, h); }
From source file:org.apache.ivory.resource.AbstractEntityManager.java
protected void audit(HttpServletRequest request, String entity, String type, String action) { if (request == null) { return; // this must be internal call from Ivory }//from www . ja v a 2 s .c om AUDIT.info("Performed " + action + " on " + entity + "(" + type + ") :: " + request.getRemoteHost() + "/" + CurrentUser.getUser()); }
From source file:org.apache.hadoop.hdfsproxy.ProxyFilter.java
/** {@inheritDoc} */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest rqst = (HttpServletRequest) request; HttpServletResponse rsp = (HttpServletResponse) response; if (LOG.isDebugEnabled()) { StringBuilder b = new StringBuilder("Request from ").append(rqst.getRemoteHost()).append("/") .append(rqst.getRemoteAddr()).append(":").append(rqst.getRemotePort()); @SuppressWarnings("unchecked") Enumeration<String> e = rqst.getAttributeNames(); for (; e.hasMoreElements();) { String attribute = e.nextElement(); b.append("\n " + attribute + " => " + rqst.getAttribute(attribute)); }//from w w w . j a v a 2s . c o m X509Certificate[] userCerts = (X509Certificate[]) rqst .getAttribute("javax.servlet.request.X509Certificate"); if (userCerts != null) for (X509Certificate cert : userCerts) b.append("\n Client certificate Subject Name is " + cert.getSubjectX500Principal().getName()); b.append("\n The Scheme is " + rqst.getScheme()); b.append("\n The Auth Type is " + rqst.getAuthType()); b.append("\n The Path Info is " + rqst.getPathInfo()); b.append("\n The Translated Path Info is " + rqst.getPathTranslated()); b.append("\n The Context Path is " + rqst.getContextPath()); b.append("\n The Query String is " + rqst.getQueryString()); b.append("\n The Remote User is " + rqst.getRemoteUser()); b.append("\n The User Principal is " + rqst.getUserPrincipal()); b.append("\n The Request URI is " + rqst.getRequestURI()); b.append("\n The Request URL is " + rqst.getRequestURL()); b.append("\n The Servlet Path is " + rqst.getServletPath()); LOG.debug(b.toString()); } boolean unitTest = false; if (rqst.getScheme().equalsIgnoreCase("http") && rqst.getParameter("UnitTest") != null) unitTest = true; if (rqst.getScheme().equalsIgnoreCase("https") || unitTest) { boolean isAuthorized = false; X509Certificate[] certs = (X509Certificate[]) rqst .getAttribute("javax.servlet.request.X509Certificate"); if (unitTest) { try { LOG.debug("==> Entering https unit test"); String SslPath = rqst.getParameter("SslPath"); InputStream inStream = new FileInputStream(SslPath); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) cf.generateCertificate(inStream); inStream.close(); certs = new X509Certificate[] { cert }; } catch (Exception e) { // do nothing here } } if (certs == null || certs.length == 0) { rsp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No client SSL certificate received"); LOG.info("No Client SSL certificate received"); return; } for (X509Certificate cert : certs) { try { cert.checkValidity(); } catch (CertificateExpiredException e) { LOG.info("Received cert for " + cert.getSubjectX500Principal().getName() + " expired"); rsp.sendError(HttpServletResponse.SC_FORBIDDEN, "Certificate expired"); return; } catch (CertificateNotYetValidException e) { LOG.info("Received cert for " + cert.getSubjectX500Principal().getName() + " is not yet valid"); rsp.sendError(HttpServletResponse.SC_FORBIDDEN, "Certificate is not yet valid"); return; } } String[] tokens = certs[0].getSubjectX500Principal().getName().split("\\s*,\\s*"); String userID = null; for (String s : tokens) { if (s.startsWith("CN=")) { userID = s; break; } } if (userID == null || userID.length() < 4) { LOG.info("Can't retrieve user ID from SSL certificate"); rsp.sendError(HttpServletResponse.SC_FORBIDDEN, "Can't retrieve user ID from SSL certificate"); return; } userID = userID.substring(3); String servletPath = rqst.getServletPath(); if (unitTest) { servletPath = rqst.getParameter("TestSevletPathInfo"); LOG.info("this is for unit test purpose only"); } if (HFTP_PATTERN.matcher(servletPath).matches()) { // request is an HSFTP request if (FILEPATH_PATTERN.matcher(servletPath).matches()) { // file path as part of the URL isAuthorized = checkPath(userID, certs[0], rqst.getPathInfo() != null ? rqst.getPathInfo() : "/"); } else { // file path is stored in "filename" parameter isAuthorized = checkPath(userID, certs[0], rqst.getParameter("filename")); } } else if (RELOAD_PATTERN.matcher(servletPath).matches() && checkUser("Admin", certs[0])) { Configuration conf = new Configuration(false); conf.addResource("hdfsproxy-default.xml"); Map<String, Set<Path>> permsMap = getPermMap(conf); Map<String, Set<BigInteger>> certsMap = getCertsMap(conf); if (permsMap == null || certsMap == null) { LOG.warn("Permission files reloading failed"); rsp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Permission files reloading failed"); return; } ProxyFilter.permsMap = permsMap; ProxyFilter.certsMap = certsMap; LOG.info("User permissions and user certs files reloaded"); rsp.setStatus(HttpServletResponse.SC_OK); return; } if (!isAuthorized) { rsp.sendError(HttpServletResponse.SC_FORBIDDEN, "Unauthorized access"); return; } // request is authorized, set ugi for servlets UserGroupInformation ugi = UserGroupInformation.createRemoteUser(userID); rqst.setAttribute("authorized.ugi", ugi); rqst.setAttribute("org.apache.hadoop.hdfsproxy.authorized.userID", userID); } else if (rqst.getScheme().equalsIgnoreCase("http")) { // http request, set ugi for servlets, only for testing purposes String ugi = rqst.getParameter("ugi"); if (ugi != null) { rqst.setAttribute("authorized.ugi", UserGroupInformation.createRemoteUser(ugi)); rqst.setAttribute("org.apache.hadoop.hdfsproxy.authorized.userID", ugi.split(",")[0]); } } chain.doFilter(request, response); }
From source file:com.adito.security.actions.LogoffAction.java
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { try {// w w w . ja v a2s . co m SessionInfo session = LogonControllerFactory.getInstance().getSessionInfo(request); if (session != null) { VFSRepository.removeRepository(session); if (DefaultAgentManager.getInstance().hasActiveAgent(session)) DefaultAgentManager.getInstance().unregisterAgent(session); String username = LogonControllerFactory.getInstance().getUser(request).getPrincipalName(); username += " [" + request.getRemoteHost() + "]"; if (log.isInfoEnabled()) log.info("Logging off " + username); try { LogonControllerFactory.getInstance().logoffSession(request, response); if (log.isInfoEnabled()) log.info(username + " has logged off"); } catch (Exception ex) { if (log.isInfoEnabled()) log.info("Logoff failed for " + username, ex); } } } catch (SecurityException ite) { // Dont care - session may have timed-out } getMessages(request).clear(); getErrors(request).clear(); return (mapping.findForward("success")); }
From source file:org.ejbca.ui.web.pub.ClearCacheServlet.java
public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { if (log.isTraceEnabled()) { log.trace(">doGet()"); }//from w w w .j a va 2 s.c om if (StringUtils.equals(req.getParameter("command"), "clearcaches")) { boolean excludeActiveCryptoTokens = StringUtils.equalsIgnoreCase("true", req.getParameter("excludeactivects")); if (!acceptedHost(req.getRemoteHost())) { if (log.isDebugEnabled()) { log.debug("Clear cache request denied from host " + req.getRemoteHost()); } res.sendError(HttpServletResponse.SC_UNAUTHORIZED, "The remote host " + req.getRemoteHost() + " is unknown"); } else { // Clear all known global configuration caches for (final String globalConfigurationId : globalconfigurationsession.getIds()) { globalconfigurationsession.flushConfigurationCache(globalConfigurationId); if (log.isDebugEnabled()) { if (GlobalConfiguration.GLOBAL_CONFIGURATION_ID.equals(globalConfigurationId)) { log.debug("Global Configuration cache cleared."); } else if (CmpConfiguration.CMP_CONFIGURATION_ID.equals(globalConfigurationId)) { log.debug("CMP Configuration cache cleared."); } else if (ScepConfiguration.SCEP_CONFIGURATION_ID.equals(globalConfigurationId)) { log.debug("SCEP Configuration cache cleared."); } else { log.debug(globalConfigurationId + " Configuration cache cleared."); } } } endentitysession.flushProfileCache(); if (log.isDebugEnabled()) { log.debug("RA Profile cache cleared"); } certificateprofilesession.flushProfileCache(); if (log.isDebugEnabled()) { log.debug("Cert Profile cache cleared"); } accessControlSession.forceCacheExpire(); if (log.isDebugEnabled()) { log.debug("Authorization Rule cache cleared"); } caSession.flushCACache(); if (log.isDebugEnabled()) { log.debug("CA cache cleared"); } flushCryptoTokenCache(excludeActiveCryptoTokens); publisherSession.flushPublisherCache(); if (log.isDebugEnabled()) { log.debug("Publisher cache cleared"); } internalKeyBindingDataSession.flushCache(); if (log.isDebugEnabled()) { log.debug("InternalKeyBinding cache cleared"); } ocspResponseGeneratorSession.reloadOcspSigningCache(); if (log.isDebugEnabled()) { log.debug("OCSP signing cache cleared."); } ocspResponseGeneratorSession.reloadOcspExtensionsCache(); // clear CT OCSP response extension cache log.debug("OCSP extensions cache cleared."); if (CertificateTransparencyFactory.isCTAvailable()) { ocspResponseGeneratorSession.clearCTFailFastCache(); log.debug("CT caches cleared"); } certificateStoreSession.reloadCaCertificateCache(); if (log.isDebugEnabled()) { log.debug("Certificate Store cache cleared and reloaded."); } } } else { if (log.isDebugEnabled()) { log.debug("No clearcaches command (?command=clearcaches) received, returning bad request."); } res.sendError(HttpServletResponse.SC_BAD_REQUEST, "No command."); } if (log.isTraceEnabled()) { log.trace("<doGet()"); } }
From source file:cn.bc.web.util.DebugUtils.java
public static StringBuffer getDebugInfo(HttpServletRequest request, HttpServletResponse response) { @SuppressWarnings("rawtypes") Enumeration e;/* w w w . j ava 2 s .c o m*/ String name; StringBuffer html = new StringBuffer(); //session HttpSession session = request.getSession(); html.append("<div><b>session:</b></div><ul>"); html.append(createLI("Id", session.getId())); html.append(createLI("CreationTime", new Date(session.getCreationTime()).toString())); html.append(createLI("LastAccessedTime", new Date(session.getLastAccessedTime()).toString())); //session:attributes e = session.getAttributeNames(); html.append("<li>attributes:<ul>\r\n"); while (e.hasMoreElements()) { name = (String) e.nextElement(); html.append(createLI(name, String.valueOf(session.getAttribute(name)))); } html.append("</ul></li>\r\n"); html.append("</ul>\r\n"); //request html.append("<div><b>request:</b></div><ul>"); html.append(createLI("URL", request.getRequestURL().toString())); html.append(createLI("QueryString", request.getQueryString())); html.append(createLI("Method", request.getMethod())); html.append(createLI("CharacterEncoding", request.getCharacterEncoding())); html.append(createLI("ContentType", request.getContentType())); html.append(createLI("Protocol", request.getProtocol())); html.append(createLI("RemoteAddr", request.getRemoteAddr())); html.append(createLI("RemoteHost", request.getRemoteHost())); html.append(createLI("RemotePort", request.getRemotePort() + "")); html.append(createLI("RemoteUser", request.getRemoteUser())); html.append(createLI("ServerName", request.getServerName())); html.append(createLI("ServletPath", request.getServletPath())); html.append(createLI("ServerPort", request.getServerPort() + "")); html.append(createLI("Scheme", request.getScheme())); html.append(createLI("LocalAddr", request.getLocalAddr())); html.append(createLI("LocalName", request.getLocalName())); html.append(createLI("LocalPort", request.getLocalPort() + "")); html.append(createLI("Locale", request.getLocale().toString())); //request:headers e = request.getHeaderNames(); html.append("<li>Headers:<ul>\r\n"); while (e.hasMoreElements()) { name = (String) e.nextElement(); html.append(createLI(name, request.getHeader(name))); } html.append("</ul></li>\r\n"); //request:parameters e = request.getParameterNames(); html.append("<li>Parameters:<ul>\r\n"); while (e.hasMoreElements()) { name = (String) e.nextElement(); html.append(createLI(name, request.getParameter(name))); } html.append("</ul></li>\r\n"); html.append("</ul>\r\n"); //response html.append("<div><b>response:</b></div><ul>"); html.append(createLI("CharacterEncoding", response.getCharacterEncoding())); html.append(createLI("ContentType", response.getContentType())); html.append(createLI("BufferSize", response.getBufferSize() + "")); html.append(createLI("Locale", response.getLocale().toString())); html.append("<ul>\r\n"); return html; }
From source file:com.mtgi.analytics.servlet.ServletRequestBehaviorTrackingAdapter.java
public BehaviorEvent start(ServletRequest request) { HttpServletRequest req = (HttpServletRequest) request; if (!match(req)) return null; String eventName = getEventName(req); BehaviorEvent event = manager.createEvent(eventType, eventName); //log relevant request data and parameters to the event. EventDataElement data = event.addData(); data.add("uri", req.getRequestURI()); data.add("protocol", req.getProtocol()); data.add("method", req.getMethod()); data.add("remote-address", req.getRemoteAddr()); data.add("remote-host", req.getRemoteHost()); if (this.parameters != null) { EventDataElement parameters = data.addElement(PARAMETERS_ELEMENT); //include only configured parameters for (String name : this.parameters) { String[] values = request.getParameterValues(name); if (values != null) addParameter(parameters, name, values); }/* www . j av a 2s .c o m*/ } else { EventDataElement parameters = data.addElement(PARAMETERS_ELEMENT); //include all parameters for (Enumeration<?> params = request.getParameterNames(); params.hasMoreElements();) { String name = (String) params.nextElement(); String[] values = request.getParameterValues(name); addParameter(parameters, name, values); } } manager.start(event); return event; }
From source file:org.opensubsystems.core.util.servlet.WebUtils.java
/** * Create debug string containing all parameter names and their values from * the request, all attributes, all cookies and other data characterizing the * request./*from w w w . jav a2 s . c o m*/ * * @param hsrqRequest - the servlet request. * @return String - debug string containing all parameter names and their * values from the request */ public static String debug(HttpServletRequest hsrqRequest) { Enumeration enumNames; Enumeration enumValues; Iterator iterValues; String strName; String[] arValues; Cookie[] arCookies; int iIndex; Map<String, String[]> mpParamMap; StringBuilder sbfReturn = new StringBuilder(); sbfReturn.append("HttpServletRequest=["); sbfReturn.append("\nRemoteAddress="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteAddr())); sbfReturn.append(";"); sbfReturn.append("\nRemotePort="); sbfReturn.append(hsrqRequest.getRemotePort()); sbfReturn.append(";"); sbfReturn.append("\nRemoteHost="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteHost())); sbfReturn.append(";"); sbfReturn.append("\nRemoteUser="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteUser())); sbfReturn.append(";"); sbfReturn.append("\nFullURL="); sbfReturn.append(getFullRequestURL(hsrqRequest)); sbfReturn.append(";"); sbfReturn.append("\nContextPath="); sbfReturn.append(hsrqRequest.getContextPath()); sbfReturn.append(";"); sbfReturn.append("\nServletPath="); sbfReturn.append(hsrqRequest.getServletPath()); sbfReturn.append(";"); sbfReturn.append("\nPathInfo ="); sbfReturn.append(hsrqRequest.getPathInfo()); sbfReturn.append(";"); sbfReturn.append("\nRequestURI="); sbfReturn.append(hsrqRequest.getRequestURI()); sbfReturn.append(";"); sbfReturn.append("\nRequestURL="); sbfReturn.append(hsrqRequest.getRequestURL()); sbfReturn.append(";"); sbfReturn.append("\nMethod="); sbfReturn.append(hsrqRequest.getMethod()); sbfReturn.append(";"); sbfReturn.append("\nAuthenticationType="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getAuthType())); sbfReturn.append(";"); sbfReturn.append("\nCharacterEncoding="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getCharacterEncoding())); sbfReturn.append(";"); sbfReturn.append("\nContentType="); sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getContentType())); sbfReturn.append(";"); sbfReturn.append("\nMultiPart="); sbfReturn.append(ServletFileUpload.isMultipartContent(hsrqRequest)); sbfReturn.append(";"); // Parameters //////////////////////////////////////////////////////////// try { Map.Entry<String, String[]> entry; // Use getParameterMap rather than request.getParameterNames since it // correctly handles multipart requests mpParamMap = WebParamUtils.getParameterMap("WebUtils: ", hsrqRequest); for (iterValues = mpParamMap.entrySet().iterator(); iterValues.hasNext();) { entry = (Map.Entry<String, String[]>) iterValues.next(); strName = entry.getKey(); arValues = entry.getValue(); sbfReturn.append("\nParam="); sbfReturn.append(strName); sbfReturn.append(" values="); for (iIndex = 0; iIndex < arValues.length; iIndex++) { sbfReturn.append(arValues[iIndex]); if (iIndex < (arValues.length - 1)) { sbfReturn.append(";"); } } if (iterValues.hasNext()) { sbfReturn.append(";"); } } } catch (OSSInvalidDataException ex) { sbfReturn.append("<Cannot access parameter map of the request>"); s_logger.log(Level.SEVERE, "Cannot access parameter map of the request", ex); } // Uploaded files //////////////////////////////////////////////////////// if (ServletFileUpload.isMultipartContent(hsrqRequest)) { try { FileItem item; Map<String, FileItem> mpFiles; TwoElementStruct<Map<String, Object>, Map<String, FileItem>> params; params = WebParamUtils.getMultipartParameters("WebUtils: ", hsrqRequest); mpFiles = params.getSecond(); for (iterValues = mpFiles.values().iterator(); iterValues.hasNext();) { item = (FileItem) iterValues.next(); sbfReturn.append("\nUpload="); sbfReturn.append(item.getName()); sbfReturn.append(" field="); sbfReturn.append(item.getFieldName()); sbfReturn.append(" contentType="); sbfReturn.append(item.getContentType()); sbfReturn.append(" isInMemory="); sbfReturn.append(item.isInMemory()); sbfReturn.append(" sizeInBytes="); sbfReturn.append(item.getSize()); if (iterValues.hasNext()) { sbfReturn.append(";"); } } } catch (OSSInvalidDataException ex) { sbfReturn.append("<Cannot access list of multipart parameters>"); s_logger.log(Level.SEVERE, "Cannot access list of multipart parameters", ex); } } // Headers /////////////////////////////////////////////////////////////// for (enumNames = hsrqRequest.getHeaderNames(); enumNames.hasMoreElements();) { strName = (String) enumNames.nextElement(); sbfReturn.append("\nHeader="); sbfReturn.append(strName); sbfReturn.append(" values="); for (enumValues = hsrqRequest.getHeaders(strName); enumValues.hasMoreElements();) { sbfReturn.append(enumValues.nextElement()); if (enumValues.hasMoreElements()) { sbfReturn.append(";"); } } if (enumNames.hasMoreElements()) { sbfReturn.append(";"); } } // Cookies /////////////////////////////////////////////////////////////// arCookies = hsrqRequest.getCookies(); if (arCookies != null) { Cookie cookie; for (iIndex = 0; iIndex < arCookies.length; iIndex++) { cookie = arCookies[iIndex]; sbfReturn.append("\nCookie="); sbfReturn.append(cookie.getName()); sbfReturn.append(" path="); sbfReturn.append(cookie.getPath()); sbfReturn.append(" path="); sbfReturn.append(cookie.getDomain()); sbfReturn.append(" maxage="); sbfReturn.append(cookie.getMaxAge()); sbfReturn.append(" version="); sbfReturn.append(cookie.getVersion()); sbfReturn.append(" secure="); sbfReturn.append(cookie.getSecure()); sbfReturn.append(" value="); sbfReturn.append(cookie.getValue()); sbfReturn.append(" comment="); sbfReturn.append(StringUtils.valueIfNotNull(cookie.getComment())); if (iIndex < (arCookies.length - 1)) { sbfReturn.append(";"); } } } if (enumNames.hasMoreElements()) { sbfReturn.append(";"); } // Attributes //////////////////////////////////////////////////////////// for (enumNames = hsrqRequest.getAttributeNames(); enumNames.hasMoreElements();) { strName = (String) enumNames.nextElement(); sbfReturn.append("\nAttribute="); sbfReturn.append(strName); sbfReturn.append(" value="); sbfReturn.append(hsrqRequest.getAttribute(strName)); if (enumNames.hasMoreElements()) { sbfReturn.append(";"); } } // Content /////////////////////////////////////////////////////////////// sbfReturn.append("\nContent="); try { sbfReturn.append(StringUtils.convertStreamToString(hsrqRequest.getInputStream(), true)); } catch (IOException ex) { sbfReturn.append("<Cannot access input stream of the request>"); s_logger.log(Level.SEVERE, "Cannot access input stream of the request", ex); } sbfReturn.append(";"); return sbfReturn.toString(); }
From source file:org.jasig.cas.support.pac4j.web.flow.ClientBackChannelAction.java
private void log(HttpServletRequest request) { logger.debug("========================================================="); logger.debug("ClientBackChannelAction.doExecute: "); logger.debug("request.method: " + request.getMethod()); logger.debug("request.requestURI: " + request.getRequestURI()); logger.debug("request.queryString: " + request.getQueryString()); logger.debug("request. host port remoteaddress: " + request.getRemoteHost() + " " + request.getRemotePort() + " " + request.getRemoteAddr()); logger.debug("request. parameter:"); Enumeration enParams = request.getParameterNames(); while (enParams.hasMoreElements()) { String paramName = (String) enParams.nextElement(); logger.debug(paramName + ": " + request.getParameter(paramName)); }//from w w w . j a v a 2s. c om logger.debug("request. attribute:"); Enumeration enParams2 = request.getAttributeNames(); while (enParams2.hasMoreElements()) { String paramName2 = (String) enParams2.nextElement(); logger.debug(paramName2 + ": " + request.getAttribute(paramName2)); } logger.debug("========================================================="); }
From source file:javax.faces.webapp.FacesServlet.java
public void service(ServletRequest request, ServletResponse response) throws IOException, ServletException { HttpServletRequest httpRequest = ((HttpServletRequest) request); String pathInfo = httpRequest.getPathInfo(); // if it is a prefix mapping ... if (pathInfo != null && (pathInfo.startsWith("/WEB-INF") || pathInfo.startsWith("/META-INF"))) { StringBuffer buffer = new StringBuffer(); buffer.append(" Someone is trying to access a secure resource : ").append(pathInfo); buffer.append("\n remote address is ").append(httpRequest.getRemoteAddr()); buffer.append("\n remote host is ").append(httpRequest.getRemoteHost()); buffer.append("\n remote user is ").append(httpRequest.getRemoteUser()); buffer.append("\n request URI is ").append(httpRequest.getRequestURI()); log.warn(buffer.toString());/* w w w . ja va2 s . c om*/ // Why does RI return a 404 and not a 403, SC_FORBIDDEN ? ((HttpServletResponse) response).sendError(HttpServletResponse.SC_NOT_FOUND); return; } if (log.isTraceEnabled()) log.trace("service begin"); FacesContext facesContext = _facesContextFactory.getFacesContext(_servletConfig.getServletContext(), request, response, _lifecycle); try { _lifecycle.execute(facesContext); _lifecycle.render(facesContext); } catch (Throwable e) { if (e instanceof IOException) { throw (IOException) e; } else if (e instanceof ServletException) { throw (ServletException) e; } else if (e.getMessage() != null) { throw new ServletException(e.getMessage(), e); } else { throw new ServletException(e); } } finally { facesContext.release(); } if (log.isTraceEnabled()) log.trace("service end"); }