List of usage examples for javax.servlet.http HttpServletRequest getRequestURI
/**
 * Returns the part of the request URL from the protocol name up to the query string,
 * as it appears in the first line of the HTTP request.
 *
 * <p>The container does not decode this value, and it can still carry path parameters
 * such as {@code ;jsessionid=...}. Code that bases an access-control decision on it
 * should normalise it first, or compare against {@code getServletPath()} /
 * {@code getPathInfo()} instead.
 *
 * @return the raw request URI, without the query string
 */
public String getRequestURI();
From source file:com.thoughtworks.go.server.newsecurity.filters.ModeAwareFilter.java
/**
 * Decides whether this filter lets the request through.
 *
 * <p>Two endpoints under the web-app context path are always allowed
 * ({@code /auth/security_check} and {@code /api/state/active}); every other
 * request is allowed only when {@code isReadOnlyRequest} says so.
 *
 * <p>The comparison is an exact match on the raw {@code getRequestURI()} value, so a
 * URI that differs in any way (trailing slash, path parameter, encoding) does not hit
 * the always-allowed branch and falls through to the read-only check.
 *
 * @param servletRequest the incoming request
 * @return {@code true} if the request may proceed
 */
private boolean isAllowedRequest(HttpServletRequest servletRequest) {
    final String contextPath = systemEnvironment.getWebappContextPath();
    final String requestUri = servletRequest.getRequestURI();

    final boolean alwaysAllowed = (contextPath + "/auth/security_check").equals(requestUri)
            || (contextPath + "/api/state/active").equals(requestUri);

    return alwaysAllowed || isReadOnlyRequest(servletRequest);
}
From source file:gov.nih.nci.firebird.web.filter.FirebirdCsrfGuardFilter.java
/**
 * Logs, for every request whose URI contains {@code ".action"}, whether CsrfGuard
 * treats it as protected.
 *
 * <p>Three outcomes are reported, all at {@code LogLevel.Error}: the request is
 * protected; it is unprotected; or it is unprotected even though it carries a token
 * (as a request parameter or as a header named after the CsrfGuard token). Only the
 * URI is written to the log, never the token value.
 *
 * @param request     the request used to look up the token parameter
 * @param httpRequest the same request as an {@code HttpServletRequest}
 * @param csrfGuard   the guard that supplies the token name, the protection decision
 *                    and the logger
 */
private void logCsrfGuardResults(ServletRequest request, HttpServletRequest httpRequest, CsrfGuard csrfGuard) {
    final String uri = httpRequest.getRequestURI();
    if (!uri.contains(".action")) {
        return;
    }

    if (!csrfGuard.isUnprotectedPageOrMethod(httpRequest)) {
        csrfGuard.getLogger().log(LogLevel.Error, "Protecting " + uri);
        return;
    }

    // The token may arrive either as a form/query parameter or as a header.
    final String parameterToken = request.getParameter(csrfGuard.getTokenName());
    final String headerToken = httpRequest.getHeader(csrfGuard.getTokenName());

    final String message = (headerToken != null || parameterToken != null)
            ? "Request " + uri + " contains token yet it is not protected"
            : "Not protecting " + uri;
    csrfGuard.getLogger().log(LogLevel.Error, message);
}
From source file:net.geoprism.SessionFilter.java
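/**
 * Decides whether a request may be served without a session.
 *
 * <p>A request is allowed when its path is one of the login endpoints, contains one
 * of the public resource directories, or ends with one of the public extensions or
 * login/logout actions.
 *
 * <p>{@code getRequestURI()} is the raw, undecoded request path and can carry path
 * parameters ({@code ;name=value}) that the container ignores when it dispatches the
 * request. They are stripped here before matching, so that the allow-list is
 * evaluated against the path that is actually served rather than against text that
 * merely rides along with it.
 *
 * @param req the incoming request
 * @return {@code true} if the request needs no session
 */
private boolean pathAllowed(HttpServletRequest req) {
    // Drop ";param" sections from every path segment before any comparison.
    String uri = req.getRequestURI().replaceAll(";[^/]*", "");

    // The login view must be reachable (otherwise the redirect loops), as must the
    // login actions on SessionController: session/form and session/login.
    String[] endpoints = { "loginRedirect", "session/form", "session/login" };
    String contextPath = req.getContextPath();
    for (String endpoint : endpoints) {
        if (uri.equals(contextPath + "/" + endpoint)) {
            return true;
        }
    }

    // Public resource directories: script/font libraries, the login page resources
    // and the directory of uploaded images.
    // NOTE(review): this is a substring match anywhere in the path, so any URI that
    // merely contains one of these strings is treated as public. Anchoring each entry
    // to a context-path-relative prefix would be tighter; confirm the deployed
    // resource layout before changing it.
    String[] directories = {
        "jquery", "font-awesome", "fontawesome", "/net/geoprism/login", "uploaded_images/"
    };
    for (String directory : directories) {
        if (uri.contains(directory)) {
            return true;
        }
    }

    // Static file types, plus the login/logout/form actions for mojax/mojo.
    // NOTE(review): a suffix match only identifies a static file if no controller is
    // mapped to a path ending in one of these extensions; verify against the routing.
    String[] extensions = {
        ".sld", ".css", ".png", ".jpg", ".bmp", ".jpeg", ".gif", ".svg", ".pdf",
        SessionController.LOGIN_ACTION, SessionController.LOGOUT_ACTION, SessionController.FORM_ACTION
    };
    for (String extension : extensions) {
        if (uri.endsWith(extension)) {
            return true;
        }
    }

    return false;
}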
From source file:nl.surfnet.coin.teams.interceptor.LoginInterceptor.java
/**
 * Returns the requested part of the URL, which is the raw {@code getRequestURI()}
 * value: undecoded, without the query string, and including any path parameters.
 *
 * @param request the incoming request
 * @return the request URI exactly as the container reports it
 */
private String getRequestedPart(HttpServletRequest request) {
    final String requestedPart = request.getRequestURI();
    return requestedPart;
}
From source file:util.LoginInterceptor.java
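/**
 * Lets a request through when it targets the login page or login action, or when the
 * session carries the approved token; otherwise redirects to the login page.
 *
 * <p>The login-page test runs on the request URI with path parameters
 * ({@code ;name=value}) removed. {@code getRequestURI()} returns them verbatim, and a
 * suffix check on the raw value would be decided by text the container ignores when
 * it selects the handler.
 *
 * @param request  the incoming request
 * @param response the response, used for the redirect
 * @param handler  the chosen handler (not used)
 * @return {@code true} to continue processing, {@code false} after redirecting
 * @throws Exception if the redirect fails
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
        throws Exception {
    HttpSession session = request.getSession();
    String token = (String) session.getAttribute("token");

    // Compare against the path as dispatched, not the raw URI.
    String path = request.getRequestURI().replaceAll(";[^/]*", "");

    // NOTE(review): endsWith also accepts any longer file name with the same ending;
    // matching the full context-relative path would be stricter. Confirm the real
    // login URLs before tightening.
    boolean loginRequest = path.endsWith("efetuarLogin.htm") || path.endsWith("login.htm");

    // Constant-first equals: no separate null check is needed for a missing token.
    if (loginRequest || "aprovado".equals(token)) {
        return true;
    }

    response.sendRedirect("login.htm");
    return false;
}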
From source file:com.qatickets.web.service.AuthFilter.java
/**
 * Requires a logged-in user for every request that passes through this filter.
 *
 * <p>If {@code UserHelper.getUser} finds no user, the client is redirected to the
 * login view and the chain is not invoked. Otherwise the user's objects are loaded
 * and the request continues down the chain. The request URI is written to the debug
 * log as received.
 *
 * @param request  the incoming request
 * @param response the response, used for the login redirect
 * @param chain    the remaining filter chain
 * @throws IOException      if the redirect or the chain fails on I/O
 * @throws ServletException if the chain fails
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final HttpServletResponse httpResponse = (HttpServletResponse) response;

    log.debug("In AuthFilter: " + httpRequest.getRequestURI());

    final UserProfile user = UserHelper.getUser(httpRequest);
    if (user != null) {
        loadUserObjects(httpRequest);
        chain.doFilter(request, response);
        return;
    }

    // No user: send the client to the login page and stop here.
    final String loginUrl = Urls.LOGIN_VIEW + ".html";
    log.debug("Force user login: " + loginUrl);
    httpResponse.sendRedirect(loginUrl);
}
From source file:net.gbmb.collector.FlowFilter.java
/**
 * Accepts or rejects every request according to the {@code acceptRequest} flag.
 *
 * <p>The method and URI of each request are written to the debug log. When the flag
 * is off, the response status is set to 410 (Gone) and handling stops.
 *
 * @param httpServletRequest  the incoming request
 * @param httpServletResponse the response, whose status is set on rejection
 * @param o                   the chosen handler (not used)
 * @return {@code true} if the request is accepted
 * @throws Exception declared by the interceptor contract
 */
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,
        Object o) throws Exception {
    LOGGER.debug(" IN FILTER {} / {}", httpServletRequest.getMethod(), httpServletRequest.getRequestURI());

    // Read the flag once so the status and the return value always agree.
    final boolean accepted = acceptRequest;
    if (!accepted) {
        httpServletResponse.setStatus(HttpStatus.GONE.value());
    }
    return accepted;
}
From source file:se.trillian.goodies.web.DisableSessionIdInUrlFilterTest.java
/**
 * Verifies that the filter hides a URL-borne session id from downstream code.
 *
 * <p>The request is set up with a {@code ;jsessionid=...} path parameter. Inside the
 * chain, the request must no longer report a session id from the URL, and both
 * {@code getRequestURI()} and {@code getRequestURL()} must be free of the parameter.
 */
public void testSessionIdInRequestUrlIsRemoved() throws Exception {
    // Single-element array so the anonymous class can record that it ran.
    final boolean[] chainInvoked = { false };

    request.setServerName("www.example.com");
    request.setRequestURI("/index.html;jsessionid=1047kv5xa62lf");
    request.setRequestedSessionIdFromURL(true);

    FilterChain verifyingChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
            HttpServletRequest filtered = (HttpServletRequest) req;
            assertFalse(filtered.isRequestedSessionIdFromURL());
            assertEquals("/index.html", filtered.getRequestURI());
            assertEquals("http://www.example.com:80/index.html", filtered.getRequestURL().toString());
            chainInvoked[0] = true;
        }
    };

    filter.doFilter(request, response, verifyingChain);

    assertTrue(chainInvoked[0]);
}
From source file:com.autentia.intra.servlet.DocServlet.java
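/**
 * Serves a file from the configured upload directory.
 *
 * <p>The part of the request URI after {@code URL_PREFIX} is URL-decoded and appended
 * to the upload path. Because that value comes from the client, the resulting file is
 * canonicalised and must lie inside the upload directory and be a regular file;
 * anything else is answered with 404. A malformed percent-escape is answered with 400.
 *
 * @param request  the incoming request; {@code ARG_MIME} may name the content type
 * @param response the response that receives the file content
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if reading the file or writing the response fails
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String uri = request.getRequestURI();
    log.debug("doGet - uri='" + uri + "'");

    int i = uri.indexOf(URL_PREFIX);
    if (i == -1) {
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
                "Bad URL prefix for servlet: check your web.xml file");
        return;
    }

    String relPath;
    try {
        relPath = URLDecoder.decode(uri.substring(i + URL_PREFIX.length()), "UTF-8");
    } catch (IllegalArgumentException e) {
        // Malformed %-escape in the path: a client error, not a server fault.
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }
    // NOTE(review): relPath is decoded client input; depending on the logging
    // backend it may need sanitising before it is written to the log.
    log.debug("doGet - relPath='" + relPath + "'");

    String uploadPath = ConfigurationUtil.getDefault().getUploadPath();
    File root = new File(uploadPath).getCanonicalFile();
    // Canonicalising resolves "." / ".." segments and symbolic links, so the
    // containment check below sees the file that would really be opened.
    File f = new File(uploadPath + relPath).getCanonicalFile();

    String rootPrefix = root.getPath();
    if (!rootPrefix.endsWith(File.separator)) {
        rootPrefix += File.separator;
    }
    if (!f.getPath().startsWith(rootPrefix) || !f.isFile()) {
        // Outside the upload directory, missing, or not a regular file.
        response.sendError(HttpServletResponse.SC_NOT_FOUND);
        return;
    }

    response.setContentLength((int) f.length());

    // NOTE(review): the Content-Type comes straight from a request parameter, so
    // the caller chooses how the browser interprets an uploaded file. Consider
    // deriving it server-side or restricting it to an allow-list.
    String mime = request.getParameter(ARG_MIME);
    if (mime != null && !mime.equals("")) {
        response.setContentType(mime);
    }

    OutputStream out = response.getOutputStream();
    InputStream in = new FileInputStream(f);
    try {
        byte[] buffer = new byte[8192];
        int nr;
        while ((nr = in.read(buffer)) != -1) {
            out.write(buffer, 0, nr);
        }
    } finally {
        // Release the file handle even if the client disconnects mid-transfer.
        in.close();
    }
}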
From source file:csns.web.filter.RegistrationFilter.java
/**
 * Sends authenticated temporary users to the registration page.
 *
 * <p>The context-relative path is the raw {@code getRequestURI()} value with the
 * context path cut off the front. An authenticated user flagged as temporary is
 * redirected to {@code /register}, unless {@code isPassThrough} accepts the path.
 * Every other request continues down the chain.
 *
 * <p>NOTE(review): the path given to {@code isPassThrough} is undecoded and may carry
 * path parameters; confirm that its matching accounts for that.
 *
 * @param request     the incoming request
 * @param response    the response, used for the redirect
 * @param filterChain the remaining filter chain
 * @throws ServletException if the chain fails
 * @throws IOException      if the redirect or the chain fails on I/O
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
        FilterChain filterChain) throws ServletException, IOException {
    final String contextPath = request.getContextPath();
    final String path = request.getRequestURI().substring(contextPath.length());

    final boolean mustRegister = SecurityUtils.isAuthenticated()
            && SecurityUtils.getUser().isTemporary()
            && !isPassThrough(path);

    if (!mustRegister) {
        filterChain.doFilter(request, response);
        return;
    }

    response.sendRedirect(contextPath + "/register");
}