List of usage examples for javax.servlet.http HttpServletRequest getRemoteUser
public String getRemoteUser();
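Returns the login of the user making this request if the user has been authenticated, or null if the user has not been authenticated. Callers should handle the null case before treating the value as an identity.
From source file:com.ikon.servlet.admin.LanguageServlet.java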
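/**
 * Handles language administration POSTs. Multipart requests create, edit, delete or import a
 * language; non-multipart requests dispatch to {@code translate} or {@code addTranslation}.
 * The language list is rendered afterwards when the action is empty, is "import", or
 * "persist" was requested (and the action is not "addTranslation").
 *
 * <p>The acting user is {@code request.getRemoteUser()}, which is {@code null} for an
 * unauthenticated request. NOTE(review): no role or permission check is visible in this method;
 * presumably access to this admin servlet is restricted by a container security constraint or a
 * filter. Confirm before relying on it.
 *
 * @param request the incoming request
 * @param response the response handed to the delegated handlers and error redirects
 * @throws IOException if reading an uploaded file fails
 * @throws ServletException declared for the delegated handlers; not thrown directly here
 */
@Override
@SuppressWarnings("unchecked")
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {
    log.debug("doPost({}, {})", request, response);
    request.setCharacterEncoding("UTF-8");
    String action = WebUtils.getString(request, "action");
    boolean persist = WebUtils.getBoolean(request, "persist");
    String userId = request.getRemoteUser();
    Session dbSession = null;
    updateSessionManager(request);

    try {
        if (ServletFileUpload.isMultipartContent(request)) {
            FileItemFactory factory = new DiskFileItemFactory();
            // NOTE(review): no upload size limit is configured on this ServletFileUpload and the
            // file part is read fully into memory below; consider bounding the accepted size.
            ServletFileUpload upload = new ServletFileUpload(factory);
            List<FileItem> items = upload.parseRequest(request);
            Language lang = new Language();
            byte[] data = null;

            for (FileItem item : items) {
                if (item.isFormField()) {
                    // In a multipart request the form fields override the values read above.
                    if (item.getFieldName().equals("action")) {
                        action = item.getString("UTF-8");
                    } else if (item.getFieldName().equals("lg_id")) {
                        lang.setId(item.getString("UTF-8"));
                    } else if (item.getFieldName().equals("lg_name")) {
                        lang.setName(item.getString("UTF-8"));
                    } else if (item.getFieldName().equals("persist")) {
                        persist = true;
                    }
                } else {
                    // Close the upload stream even when reading it fails.
                    InputStream is = item.getInputStream();
                    try {
                        data = IOUtils.toByteArray(is);
                    } finally {
                        is.close();
                    }
                    // The MIME type is looked up from the client-supplied file name, not from
                    // the uploaded bytes, so it reflects what the client claims.
                    lang.setImageMime(MimeTypeConfig.mimeTypes.getContentType(item.getName()));
                }
            }

            // NOTE(review): data stays null when the request carries no file part; how
            // SecureStore.b64Encode treats null is not visible here.
            if (action.equals("create")) {
                lang.setImageContent(SecureStore.b64Encode(data));
                LanguageDAO.create(lang);

                // Activity log
                UserActivity.log(userId, "ADMIN_LANGUAGE_CREATE", lang.getId(), null, lang.toString());
            } else if (action.equals("edit")) {
                lang.setImageContent(SecureStore.b64Encode(data));
                LanguageDAO.update(lang);

                // Activity log
                UserActivity.log(userId, "ADMIN_LANGUAGE_EDIT", lang.getId(), null, lang.toString());
            } else if (action.equals("delete")) {
                LanguageDAO.delete(lang.getId());

                // Activity log
                UserActivity.log(userId, "ADMIN_LANGUAGE_DELETE", lang.getId(), null, null);
            } else if (action.equals("import")) {
                dbSession = HibernateUtil.getSessionFactory().openSession();
                importLanguage(userId, request, response, data, dbSession);

                // Activity log
                UserActivity.log(userId, "ADMIN_LANGUAGE_IMPORT", null, null, null);
            }
        } else if (action.equals("translate")) {
            translate(userId, request, response);
        } else if (action.equals("addTranslation")) {
            addTranslation(userId, request, response);
        }

        if (!action.equals("addTranslation")
                && (action.equals("") || action.equals("import") || persist)) {
            list(userId, request, response);
        }
    } catch (FileUploadException e) {
        log.error(e.getMessage(), e);
        sendErrorRedirect(request, response, e);
    } catch (DatabaseException e) {
        log.error(e.getMessage(), e);
        sendErrorRedirect(request, response, e);
    } catch (SQLException e) {
        log.error(e.getMessage(), e);
        sendErrorRedirect(request, response, e);
    } finally {
        // The Hibernate session is only opened for "import"; dbSession is null otherwise.
        HibernateUtil.close(dbSession);
    }
}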
From source file:com.netspective.sparx.security.HttpLoginManager.java
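/**
 * Records a user-requested logout: broadcasts an {@code HttpLogoutActivity} on the project,
 * registers the logout on the user, removes the user from {@code activeUsers} and, when INFO
 * logging is enabled, writes one monitor entry whose fields are joined with
 * {@code MONITOR_ENTRY_FIELD_SEPARATOR}.
 *
 * <p>Entry layout: "logout", user id, remote user, remote host, remote address, permissions
 * ("{}" when none), then the role names.
 *
 * @param hsvc the value context of the request that triggered the logout
 * @param user the user being logged out
 */
protected void registerLogout(HttpServletValueContext hsvc, MutableAuthenticatedUser user) {
    hsvc.getProject().broadcastActivity(new HttpLogoutActivity(hsvc.getProject(), hsvc));
    user.registerLogout(hsvc, AuthenticatedUserLogoutType.USER_REQUEST);
    activeUsers.remove(user);

    if (log.isInfoEnabled()) {
        HttpServletRequest req = hsvc.getHttpRequest();
        String userId = user.getUserId().toString();

        StringBuffer info = new StringBuffer();
        info.append("logout");
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);
        info.append(stripLineBreaks(userId));
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);
        // Request-derived values are written on a single line so that one logout always
        // yields exactly one monitor entry.
        info.append(stripLineBreaks(req.getRemoteUser()));
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);
        info.append(stripLineBreaks(req.getRemoteHost()));
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);
        info.append(stripLineBreaks(req.getRemoteAddr()));
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);

        // Read the permissions once so the null check and the use see the same value.
        BitSet perms = user.getUserPermissions();
        info.append(perms != null ? perms.toString() : "{}");
        info.append(MONITOR_ENTRY_FIELD_SEPARATOR);

        String[] roles = user.getUserRoleNames();
        if (roles != null) {
            for (int r = 0; r < roles.length; r++) {
                if (r > 0) {
                    info.append(MONITOR_ENTRY_FIELD_SEPARATOR);
                }
                info.append(roles[r]);
            }
        }

        // NOTE(review): values are not escaped against MONITOR_ENTRY_FIELD_SEPARATOR itself;
        // a consumer that splits on it should not assume a fixed field count.
        log.info(info);
    }
}

/** Replaces CR and LF with '_' so a value cannot start a new log line; null stays null. */
private static String stripLineBreaks(String value) {
    if (value == null) {
        return null;
    }
    return value.replace('\r', '_').replace('\n', '_');
}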
From source file:org.opensubsystems.core.util.servlet.WebUtils.java
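/**
 * Create debug string containing all parameter names and their values from
 * the request, all attributes, all cookies and other data characterizing the
 * request.
 *
 * <p>The string contains header values, cookie values, parameter values and the
 * request body verbatim, so it can carry credentials and session identifiers.
 * Treat the result as sensitive and keep it out of logs that are broadly
 * readable. The method also reads the request input stream, which a servlet
 * container normally allows only once. NOTE(review): confirm that no later
 * handler needs the body.
 *
 * @param hsrqRequest - the servlet request.
 * @return String - debug string containing all parameter names and their
 *                  values from the request
 */
public static String debug(HttpServletRequest hsrqRequest) {
    StringBuilder sbfReturn = new StringBuilder();

    sbfReturn.append("HttpServletRequest=[");
    sbfReturn.append("\nRemoteAddress=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteAddr()));
    sbfReturn.append(";");
    sbfReturn.append("\nRemotePort=");
    sbfReturn.append(hsrqRequest.getRemotePort());
    sbfReturn.append(";");
    sbfReturn.append("\nRemoteHost=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteHost()));
    sbfReturn.append(";");
    sbfReturn.append("\nRemoteUser=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getRemoteUser()));
    sbfReturn.append(";");
    sbfReturn.append("\nFullURL=");
    sbfReturn.append(getFullRequestURL(hsrqRequest));
    sbfReturn.append(";");
    sbfReturn.append("\nContextPath=");
    sbfReturn.append(hsrqRequest.getContextPath());
    sbfReturn.append(";");
    sbfReturn.append("\nServletPath=");
    sbfReturn.append(hsrqRequest.getServletPath());
    sbfReturn.append(";");
    sbfReturn.append("\nPathInfo =");
    sbfReturn.append(hsrqRequest.getPathInfo());
    sbfReturn.append(";");
    sbfReturn.append("\nRequestURI=");
    sbfReturn.append(hsrqRequest.getRequestURI());
    sbfReturn.append(";");
    sbfReturn.append("\nRequestURL=");
    sbfReturn.append(hsrqRequest.getRequestURL());
    sbfReturn.append(";");
    sbfReturn.append("\nMethod=");
    sbfReturn.append(hsrqRequest.getMethod());
    sbfReturn.append(";");
    sbfReturn.append("\nAuthenticationType=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getAuthType()));
    sbfReturn.append(";");
    sbfReturn.append("\nCharacterEncoding=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getCharacterEncoding()));
    sbfReturn.append(";");
    sbfReturn.append("\nContentType=");
    sbfReturn.append(StringUtils.valueIfNotNull(hsrqRequest.getContentType()));
    sbfReturn.append(";");
    sbfReturn.append("\nMultiPart=");
    sbfReturn.append(ServletFileUpload.isMultipartContent(hsrqRequest));
    sbfReturn.append(";");

    // Parameters ////////////////////////////////////////////////////////////

    try {
        // Use getParameterMap rather than request.getParameterNames since it
        // correctly handles multipart requests
        Map<String, String[]> mpParamMap = WebParamUtils.getParameterMap("WebUtils: ", hsrqRequest);
        for (Iterator<Map.Entry<String, String[]>> itParams = mpParamMap.entrySet().iterator();
                itParams.hasNext();) {
            Map.Entry<String, String[]> entry = itParams.next();
            String[] arValues = entry.getValue();
            sbfReturn.append("\nParam=");
            sbfReturn.append(entry.getKey());
            sbfReturn.append(" values=");
            for (int iIndex = 0; iIndex < arValues.length; iIndex++) {
                sbfReturn.append(arValues[iIndex]);
                if (iIndex < (arValues.length - 1)) {
                    sbfReturn.append(";");
                }
            }
            if (itParams.hasNext()) {
                sbfReturn.append(";");
            }
        }
    } catch (OSSInvalidDataException ex) {
        sbfReturn.append("<Cannot access parameter map of the request>");
        s_logger.log(Level.SEVERE, "Cannot access parameter map of the request", ex);
    }

    // Uploaded files ////////////////////////////////////////////////////////

    if (ServletFileUpload.isMultipartContent(hsrqRequest)) {
        try {
            TwoElementStruct<Map<String, Object>, Map<String, FileItem>> params;

            params = WebParamUtils.getMultipartParameters("WebUtils: ", hsrqRequest);
            Map<String, FileItem> mpFiles = params.getSecond();

            for (Iterator<FileItem> itFiles = mpFiles.values().iterator(); itFiles.hasNext();) {
                FileItem item = itFiles.next();
                sbfReturn.append("\nUpload=");
                sbfReturn.append(item.getName());
                sbfReturn.append(" field=");
                sbfReturn.append(item.getFieldName());
                sbfReturn.append(" contentType=");
                sbfReturn.append(item.getContentType());
                sbfReturn.append(" isInMemory=");
                sbfReturn.append(item.isInMemory());
                sbfReturn.append(" sizeInBytes=");
                sbfReturn.append(item.getSize());
                if (itFiles.hasNext()) {
                    sbfReturn.append(";");
                }
            }
        } catch (OSSInvalidDataException ex) {
            sbfReturn.append("<Cannot access list of multipart parameters>");
            s_logger.log(Level.SEVERE, "Cannot access list of multipart parameters", ex);
        }
    }

    // Headers ///////////////////////////////////////////////////////////////

    // Every header value is copied as-is; that includes any authorization or
    // cookie headers the client sent.
    for (Enumeration<?> enumNames = hsrqRequest.getHeaderNames(); enumNames.hasMoreElements();) {
        String strName = (String) enumNames.nextElement();
        sbfReturn.append("\nHeader=");
        sbfReturn.append(strName);
        sbfReturn.append(" values=");
        for (Enumeration<?> enumValues = hsrqRequest.getHeaders(strName);
                enumValues.hasMoreElements();) {
            sbfReturn.append(enumValues.nextElement());
            if (enumValues.hasMoreElements()) {
                sbfReturn.append(";");
            }
        }
        if (enumNames.hasMoreElements()) {
            sbfReturn.append(";");
        }
    }

    // Cookies ///////////////////////////////////////////////////////////////

    Cookie[] arCookies = hsrqRequest.getCookies();
    if (arCookies != null) {
        for (int iIndex = 0; iIndex < arCookies.length; iIndex++) {
            Cookie cookie = arCookies[iIndex];
            sbfReturn.append("\nCookie=");
            sbfReturn.append(cookie.getName());
            sbfReturn.append(" path=");
            sbfReturn.append(cookie.getPath());
            // Was labelled " path=" a second time, which made the domain
            // indistinguishable from the path in the output.
            sbfReturn.append(" domain=");
            sbfReturn.append(cookie.getDomain());
            sbfReturn.append(" maxage=");
            sbfReturn.append(cookie.getMaxAge());
            sbfReturn.append(" version=");
            sbfReturn.append(cookie.getVersion());
            sbfReturn.append(" secure=");
            sbfReturn.append(cookie.getSecure());
            sbfReturn.append(" value=");
            sbfReturn.append(cookie.getValue());
            sbfReturn.append(" comment=");
            sbfReturn.append(StringUtils.valueIfNotNull(cookie.getComment()));
            if (iIndex < (arCookies.length - 1)) {
                sbfReturn.append(";");
            }
        }
    }
    // The original re-tested the already exhausted header enumeration here; that
    // check could never be true and has been dropped.

    // Attributes ////////////////////////////////////////////////////////////

    for (Enumeration<?> enumNames = hsrqRequest.getAttributeNames(); enumNames.hasMoreElements();) {
        String strName = (String) enumNames.nextElement();
        sbfReturn.append("\nAttribute=");
        sbfReturn.append(strName);
        sbfReturn.append(" value=");
        sbfReturn.append(hsrqRequest.getAttribute(strName));
        if (enumNames.hasMoreElements()) {
            sbfReturn.append(";");
        }
    }

    // Content ///////////////////////////////////////////////////////////////

    sbfReturn.append("\nContent=");
    try {
        sbfReturn.append(StringUtils.convertStreamToString(hsrqRequest.getInputStream(), true));
    } catch (IOException ex) {
        sbfReturn.append("<Cannot access input stream of the request>");
        s_logger.log(Level.SEVERE, "Cannot access input stream of the request", ex);
    }
    sbfReturn.append(";");

    return sbfReturn.toString();
}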
From source file:org.eclipse.orion.server.git.servlets.GitCloneHandlerV1.java
/**
 * Dispatches a /git/clone request to the handler for its HTTP method.
 *
 * <p>When the first path segment is "file", the remote user must hold rights on
 * "/" + path for the request method; otherwise 403 is sent and the request counts as handled.
 * Paths with a different first segment reach the method handlers without this check.
 * NOTE(review): presumably those handlers authorize such paths themselves. Confirm.
 * {@code request.getRemoteUser()} is null for an unauthenticated request and is passed to
 * {@code AuthorizationService.checkRights} as-is.
 *
 * @return true when a response was produced, false for an HTTP method with no handler
 */
@Override
public boolean handleRequest(HttpServletRequest request, HttpServletResponse response, String path)
        throws ServletException {
    try {
        final IPath requested = new Path(path);
        final boolean targetsFile = requested.segmentCount() > 0 && requested.segment(0).equals("file");
        if (targetsFile) {
            final boolean permitted = AuthorizationService.checkRights(request.getRemoteUser(),
                    "/" + requested.toString(), request.getMethod());
            if (!permitted) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return true;
            }
        }

        boolean handled;
        switch (getMethod(request)) {
        case GET:
            handled = handleGet(request, response, path);
            break;
        case PUT:
            handled = handlePut(request, response, path);
            break;
        case POST:
            handled = handlePost(request, response, path);
            break;
        case DELETE:
            handled = handleDelete(request, response, path);
            break;
        default:
            // we don't know how to handle this request
            handled = false;
            break;
        }
        return handled;
    } catch (Exception e) {
        // Any failure, including one raised by the authorization check, is reported as a 500.
        final String msg = NLS.bind("Failed to handle /git/clone request for {0}", path);
        final ServerStatus status = new ServerStatus(IStatus.ERROR,
                HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg, e);
        LogHelper.log(status);
        return statusHandler.handleRequest(request, response, status);
    }
}
From source file:eu.europa.ec.fisheries.uvms.reporting.rest.resources.ReportingResource.java
/**
 * Changes the visibility of a report on behalf of the remote user.
 *
 * <p>Sharing to SCOPE or PUBLIC requires the matching role ({@code request.isUserInRole});
 * any other visibility needs no feature. The report is then looked up with the caller's
 * features and updated if found.
 *
 * <p>NOTE(review): {@code scopeName} and {@code roleName} are read from request headers and
 * passed to {@code usmService.getUserFeatures}; presumably that service validates them against
 * the user. Confirm. NOTE(review): if {@code VisibilityEnum.getByName} can return null for an
 * unknown name, the switch below throws before the try block. NOTE(review): the catch block
 * returns {@code e.getMessage()} to the client, which may disclose internal detail.
 *
 * @return a success response listing the allowed visibility options, or an error response
 */
@PUT
@Path("/share/{id}/{visibility}")
@Produces(APPLICATION_JSON)
@Consumes(APPLICATION_JSON)
public Response shareReport(@Context HttpServletRequest request, @PathParam("id") Long id,
        @PathParam("visibility") String visibility, @HeaderParam("scopeName") String scopeName,
        @HeaderParam("roleName") String roleName) {
    final String username = request.getRemoteUser();
    final VisibilityEnum newVisibility = VisibilityEnum.getByName(visibility);

    log.debug("{} is requesting shareReport(...), with a ID={} with isShared={}", username, id, visibility);

    final ReportFeatureEnum requiredFeature;
    switch (newVisibility) {
    case SCOPE:
        requiredFeature = ReportFeatureEnum.SHARE_REPORT_SCOPE;
        break;
    case PUBLIC:
        requiredFeature = ReportFeatureEnum.SHARE_REPORT_PUBLIC;
        break;
    default:
        // it is private scope which does not require any feature
        requiredFeature = null;
        break;
    }

    final boolean featureMissing = requiredFeature != null
            && !request.isUserInRole(requiredFeature.toString());
    if (featureMissing) {
        return createErrorResponse(ErrorCodes.NOT_AUTHORIZED);
    }

    try {
        final Set<String> features = usmService.getUserFeatures(username, getApplicationName(request),
                roleName, scopeName);
        final boolean isAdmin = request.isUserInRole(ReportFeatureEnum.MANAGE_ALL_REPORTS.toString());

        // it's just a visibility update, therefore the permitted service layers don't
        // matter much and we pass null
        final ReportDTO reportToUpdate = reportService.findById(features, id, username, scopeName,
                isAdmin, null);
        if (reportToUpdate == null) {
            return createErrorResponse(ErrorCodes.ENTRY_NOT_FOUND);
        }

        reportToUpdate.setVisibility(newVisibility);
        reportService.share(id, reportToUpdate.getCreatedBy(), reportToUpdate.getScopeName(), isAdmin,
                newVisibility);
        return createSuccessResponse(AuthorizationCheckUtil
                .listAllowedVisibilityOptions(reportToUpdate.getCreatedBy(), username, features));
    } catch (Exception e) {
        log.error("Sharing report failed.", e);
        return createErrorResponse(e.getMessage());
    }
}
From source file:de.fhg.fokus.openride.services.profile.ProfileService.java
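/**
 * Changes the password of the customer named in the path.
 *
 * <p>The request body must be JSON carrying the old and the new password. The change is only
 * attempted when the path user name equals {@code con.getRemoteUser()}, and only applied when
 * the old password is accepted by {@code customerControllerBean.isRegistered}.
 *
 * @param con the servlet request, used for the authenticated remote user
 * @param username the user name from the resource path
 * @param json the request body
 * @return 200 on success, 400 when the old password is rejected, 403 when the caller is not
 *         the named user, 404 when no body was sent
 */
@PUT
@Path("password/")
@Produces("text/json")
public Response putPassword(@Context HttpServletRequest con, @PathParam("username") String username,
        String json) {
    System.out.println("putPassword start");

    // to use this method client must send json content!
    if (json == null) {
        return Response.status(Response.Status.NOT_FOUND).build();
    }
    // The body holds the old and new password in clear text, so it is not written to stdout.

    // check if remote user == {username} in path param; a missing path value or an
    // unauthenticated request (remote user null) is refused rather than failing with an NPE
    String remoteUser = con.getRemoteUser();
    if (username == null || !username.equals(remoteUser)) {
        return Response.status(Response.Status.FORBIDDEN).build();
    }

    // NOTE(review): c is dereferenced below without a null check; whether
    // getCustomerByNickname can return null for an authenticated user is not visible here.
    CustomerEntity c = customerControllerBean.getCustomerByNickname(username);

    // build a List of Objects that shall be available in the JSON context.
    ArrayList list = new ArrayList();
    list.add(new PasswordRequest());

    // NOTE(review): the request body is untrusted and is unmarshalled by XStream; which types
    // the instance returned by Utils.getJasonXStreamer permits is not visible here. Confirm
    // that it is restricted to PasswordRequest.
    XStream x = Utils.getJasonXStreamer(list);
    PasswordRequest r = (PasswordRequest) x.fromXML(json);

    if (customerControllerBean.isRegistered(c.getCustNickname(), r.getPasswordOld())) {
        customerControllerBean.setPassword(c.getCustId(), r.getPassword());
        return Response.ok().build();
    }
    return Response.status(Response.Status.BAD_REQUEST).build();
}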
From source file:de.fhg.fokus.openride.services.profile.ProfileService.java
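/**
 * Stores the ride preferences of the customer named in the path.
 *
 * <p>The request body must be JSON. The update is only applied when the path user name equals
 * {@code con.getRemoteUser()}. Driver and rider preferences are set to the same values.
 *
 * @param con the servlet request, used for the authenticated remote user
 * @param username the user name from the resource path
 * @param json the request body
 * @return 200 on success, 403 when the caller is not the named user, 404 when no body was sent
 */
@PUT
@Path("preferences/")
@Produces("text/json")
public Response putPreferences(@Context HttpServletRequest con, @PathParam("username") String username,
        String json) {
    System.out.println("putPreferences start");

    // to use this method client must send json content!
    if (json == null) {
        return Response.status(Response.Status.NOT_FOUND).build();
    }
    // The body holds personal preference data, so it is not written to stdout.

    // check if remote user == {username} in path param; a missing path value or an
    // unauthenticated request (remote user null) is refused rather than failing with an NPE
    String remoteUser = con.getRemoteUser();
    if (username == null || !username.equals(remoteUser)) {
        return Response.status(Response.Status.FORBIDDEN).build();
    }

    // NOTE(review): c is dereferenced below without a null check; whether
    // getCustomerByNickname can return null for an authenticated user is not visible here.
    CustomerEntity c = customerControllerBean.getCustomerByNickname(username);

    // build a List of Objects that shall be available in the JSON context.
    ArrayList list = new ArrayList();
    list.add(new PreferencesRequest());

    // NOTE(review): the request body is untrusted and is unmarshalled by XStream; which types
    // the instance returned by Utils.getJasonXStreamer permits is not visible here. Confirm
    // that it is restricted to PreferencesRequest.
    XStream x = Utils.getJasonXStreamer(list);
    PreferencesRequest r = (PreferencesRequest) x.fromXML(json);

    //TODO: data validation!
    //resp.setStatus(resp.SC_BAD_REQUEST);

    // For now, driver prefs = rider prefs (no distinction)
    customerControllerBean.setDriverPrefs(c.getCustId(), 0, r.getPrefGender(), r.getPrefIsSmoker());
    customerControllerBean.setRiderPrefs(c.getCustId(), 0, r.getPrefGender(), r.getPrefIsSmoker());

    return Response.ok().build();
}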
From source file:org.apereo.portal.security.provider.RemoteUserPersonManager.java
/**
 * Returns the person for the incoming request.
 *
 * <p>A person already stored in the existing session under {@code PERSON_SESSION_KEY} is
 * returned unchanged. Otherwise a guest person is created, the container's remote user is
 * attached to a {@code RemoteUserSecurityContext}, and the result is stored in the session
 * when one exists.
 *
 * <p>{@code request.getRemoteUser()} is null for an unauthenticated request and is passed on
 * as-is. Exceptions raised while building the person are logged and not rethrown, so the
 * method can return null or a partly configured person, and stores that same value in the
 * session.
 *
 * @param request the incoming request
 * @return IPerson object for the incoming request
 * @exception PortalSecurityException declared; the visible body catches exceptions raised
 *            while the person is built
 */
public IPerson getPerson(HttpServletRequest request) throws PortalSecurityException {
    // Reuse the person from the session when there is one; never create a session here.
    final HttpSession session = request.getSession(false);
    if (session != null) {
        final IPerson cached = (IPerson) session.getAttribute(PERSON_SESSION_KEY);
        if (cached != null) {
            return cached;
        }
    }

    IPerson person = null;
    try {
        person = createGuestPerson(request);

        // Set by the container when the user authenticated through web authentication.
        final String remoteUser = request.getRemoteUser();

        // Keep the security contexts already configured in security.properties: if one of the
        // sub-contexts is a RemoteUserSecurityContext, hand it the remote user instead of
        // replacing the whole context.
        final ISecurityContext rootContext = person.getSecurityContext();
        final Enumeration children = (rootContext != null) ? rootContext.getSubContexts() : null;

        boolean updatedExisting = false;
        if (children != null) {
            while (children.hasMoreElements()) {
                final ISecurityContext child = (ISecurityContext) children.nextElement();
                if (child instanceof RemoteUserSecurityContext) {
                    ((RemoteUserSecurityContext) child).setRemoteUser(remoteUser);
                    updatedExisting = true;
                }
            }
        }

        // No RemoteUserSecurityContext configured: create one, which is the default
        // behavior of this class.
        if (!updatedExisting) {
            person.setSecurityContext(new RemoteUserSecurityContext(remoteUser));
        }
    } catch (Exception e) {
        log.error("Exception creating person for request " + request, e);
    }

    if (session != null) {
        session.setAttribute(PERSON_SESSION_KEY, person);
    }
    return person;
}
From source file:org.jasig.portal.security.provider.RemoteUserPersonManager.java
/**
 * Resolves the {@code IPerson} that belongs to a request.
 *
 * <p>If the request has a session holding a person under {@code PERSON_SESSION_KEY}, that
 * person is returned. If not, a guest person from {@code PersonFactory} is given a
 * {@code RemoteUserSecurityContext} carrying {@code request.getRemoteUser()} (null when the
 * request is unauthenticated) and is saved to the session, if the request has one.
 *
 * <p>Any exception thrown during construction is logged and swallowed; the caller may
 * therefore receive null or a partly configured person, and the same value is written to the
 * session.
 *
 * @param request the incoming request
 * @return IPerson object for the incoming request
 * @exception PortalSecurityException declared; the visible body catches exceptions raised
 *            while the person is built
 */
public IPerson getPerson(HttpServletRequest request) throws PortalSecurityException {
    final HttpSession session = request.getSession(false);

    // An existing session may already carry the person.
    IPerson person = (session == null) ? null : (IPerson) session.getAttribute(PERSON_SESSION_KEY);
    if (person != null) {
        return person;
    }

    try {
        person = PersonFactory.createGuestPerson();

        // REMOTE_USER is populated when the server in front performed web authentication.
        final String remoteUser = request.getRemoteUser();

        // The contexts configured in security.properties must survive, so look for an existing
        // RemoteUserSecurityContext among the sub-contexts before creating a new one.
        boolean remoteUserSecurityContextExists = false;
        final ISecurityContext configured = person.getSecurityContext();
        Enumeration subContexts = null;
        if (configured != null) {
            subContexts = configured.getSubContexts();
        }
        for (; subContexts != null && subContexts.hasMoreElements();) {
            final ISecurityContext candidate = (ISecurityContext) subContexts.nextElement();
            if (!(candidate instanceof RemoteUserSecurityContext)) {
                continue;
            }
            final RemoteUserSecurityContext existing = (RemoteUserSecurityContext) candidate;
            existing.setRemoteUser(remoteUser);
            remoteUserSecurityContextExists = true;
        }

        if (!remoteUserSecurityContextExists) {
            // Default behavior of this class: the person gets a fresh remote-user context.
            final RemoteUserSecurityContext created = new RemoteUserSecurityContext(remoteUser);
            person.setSecurityContext(created);
        }
    } catch (Exception e) {
        log.error("Exception creating person for request " + request, e);
    }

    // Remember the result for later requests in the same session.
    if (session != null) {
        session.setAttribute(PERSON_SESSION_KEY, person);
    }

    return person;
}
From source file:org.infoscoop.web.SessionManagerFilter.java
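/**
 * Determines the user id for a request.
 *
 * <p>When a uid header name is configured, the id is read from that request header; otherwise
 * it is {@code req.getRemoteUser()}. In preview mode the "Uid" request parameter replaces the
 * id only if it matches (ignoring case) the "Uid" already stored in the session. Outside
 * preview mode the id is lower-cased when the configuration asks for it.
 *
 * <p>NOTE(review): a request header is supplied by the client. Presumably a trusted front-end
 * sets the configured header and removes any client-sent copy; confirm this before relying on
 * the value as an identity.
 *
 * @param req the incoming request
 * @return the trimmed user id, or null when neither source provides one
 */
private String getUidFromHeader(HttpServletRequest req) {
    String uidHeader = SessionCreateConfig.getInstance().getUidHeader();
    boolean uidIgnoreCase = SessionCreateConfig.getInstance().isUidIgnoreCase();

    String uid;
    if (uidHeader != null) {
        uid = req.getHeader(uidHeader);
        if (log.isDebugEnabled()) {
            log.debug("Got UID from Header : [" + uid + "]");
        }
    } else {
        uid = req.getRemoteUser();
        if (log.isDebugEnabled()) {
            log.debug("Got UID from RemoteUser : [" + uid + "]");
        }
    }

    if (uid == null) {
        if (log.isInfoEnabled()) {
            log.info("uidHeader is null");
        }
        return null;
    }

    if ("true".equalsIgnoreCase(req.getParameter(CheckDuplicateUidFilter.IS_PREVIEW))) {
        HttpSession session = req.getSession(true);
        String sessionUid = (String) session.getAttribute("Uid");
        String uidParam = req.getParameter("Uid");

        // A preview request without a "Uid" parameter keeps the id resolved above instead of
        // failing with a NullPointerException.
        if (uidParam != null && uidParam.equalsIgnoreCase(sessionUid)) {
            uid = uidParam;
            session.setAttribute("Uid", uid);
        }
    } else if (uidIgnoreCase) {
        // Locale.ROOT keeps the folded id independent of the server's default locale.
        uid = uid.toLowerCase(java.util.Locale.ROOT);
    }

    return uid.trim();
}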