Example usage for javax.servlet.http HttpServletRequest getUserPrincipal

List of usage examples for javax.servlet.http HttpServletRequest getUserPrincipal

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest getUserPrincipal.

Prototype

public java.security.Principal getUserPrincipal();


Document

Returns a java.security.Principal object containing the name of the current authenticated user.

Usage

From source file:org.overlord.dtgov.taskapi.TaskApi.java

/**
 * Ensures the caller is authenticated and returns the authenticated user's name.
 *
 * @param httpRequest the current request; the container-supplied principal is read from it
 * @return the name of the authenticated principal
 * @throws Exception if the request carries no authenticated principal
 */
protected String assertCurrentUser(HttpServletRequest httpRequest) throws Exception {
    final Principal caller = httpRequest.getUserPrincipal();
    if (caller != null) {
        return caller.getName();
    }
    // No container-authenticated user: reject with the localized authentication error.
    throw new Exception(Messages.i18n.format("TaskApi.NoAuthError")); //$NON-NLS-1$
}

From source file:org.nuxeo.ecm.platform.ui.web.auth.cas2.SecurityExceptionHandler.java

/**
 * Handles a security error raised for an anonymous user by remembering the requested URL in a
 * cookie and forwarding to the CAS redirection page; every other error, and any error for an
 * authenticated user, is delegated to the parent handler.
 *
 * @param request the failing request
 * @param response the response to write to
 * @param t the error being handled (possibly wrapped)
 * @throws IOException on I/O failure while forwarding
 * @throws ServletException on servlet failure while forwarding
 */
@Override
public void handleException(HttpServletRequest request, HttpServletResponse response, Throwable t)
        throws IOException, ServletException {

    final Throwable cause = unwrapException(t);

    // Only security errors, or a response already flagged for SSO, are handled here.
    final boolean handleHere = ExceptionHelper.isSecurityError(cause)
            || response.containsHeader(SSO_INITIAL_URL_REQUEST_KEY);
    if (!handleHere) {
        super.handleException(request, response, t);
        return;
    }

    final Principal principal = request.getUserPrincipal();
    if (principal instanceof NuxeoPrincipal && ((NuxeoPrincipal) principal).isAnonymous()) {
        // Anonymous caller: send to login first, then back to the page that was requested.
        response.resetBuffer();

        final String urlToReach = getURLToReach(request);
        final Cookie initialUrl = new Cookie(NXAuthConstants.SSO_INITIAL_URL_REQUEST_KEY, urlToReach);
        initialUrl.setPath("/");
        initialUrl.setMaxAge(60);
        // NOTE(review): the cookie is set without HttpOnly/Secure flags; if its value is later
        // used as a post-login redirect target, confirm getURLToReach() restricts it to this host.
        response.addCookie(initialUrl);

        if (!response.isCommitted()) {
            request.getRequestDispatcher(CAS_REDIRECTION_URL).forward(request, response);
        }
        FacesContext.getCurrentInstance().responseComplete();
    }
    // NOTE(review): control continues to the default handler even after the forward above,
    // which can only log once the response is committed — confirm the fall-through is intended.
    super.handleException(request, response, t);
}

From source file:org.josso.spring.acegi.JOSSOProcessingFilter.java

/**
 * Bridges the container principal injected by JOSSO into the ACEGI security context.
 *
 * When an ACEGI {@code Authentication} is already present the request is passed on unchanged,
 * except that an authenticated {@code Authentication} without a container principal triggers the
 * configured logout handlers. When no {@code Authentication} is present but the container supplies
 * a principal, the user is loaded by name, a JOSSO token is stored in the context, a success event
 * is published and, if a saved request exists, the client is redirected to it.
 *
 * @param servletRequest must be an {@link HttpServletRequest}
 * @param servletResponse must be an {@link HttpServletResponse}
 * @param chain the remaining filter chain; invoked once on every non-exceptional path
 * @throws IllegalArgumentException if the request or response is not HTTP
 * @throws IOException propagated from the redirect or the chain
 * @throws ServletException propagated from the chain
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
        throws IOException, ServletException {

    if (!(servletRequest instanceof HttpServletRequest)) {
        throw new IllegalArgumentException("Non HTTP request unsupported by this filter");
    }

    if (!(servletResponse instanceof HttpServletResponse)) {
        throw new IllegalArgumentException("Non HTTP response unsupported by this filter");
    }

    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    // We have to provide Authentication information based on JOSSO auth information ...

    // This is the principal as injected by JOSSO in the container :
    Principal principal = request.getUserPrincipal();

    // This is the authentication information used by ACEGI
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

    // If authentication information is present, we only need to validate that it is up to date.
    if (authentication != null) {

        if (logger.isDebugEnabled()) {
            logger.debug("Authentication information already present : '"
                    + SecurityContextHolder.getContext().getAuthentication() + "'");
        }

        // If there is no principal, we may need to logout this user ... TODO detect anonymous principals ?
        if (principal == null && authentication.isAuthenticated()) {

            // If an authenticated Authentication is present, we must issue a logout !
            if (logger.isDebugEnabled()) {
                logger.debug("Logging out user '" + authentication + "'");
            }

            // Every configured logout handler runs; the chain still continues afterwards.
            for (int i = 0; i < handlers.length; i++) {
                handlers[i].logout(request, response, authentication);
            }

        }

        chain.doFilter(request, response);

        return;
    }

    // We have a principal but no ACEGI authentication, propagate identity from JOSSO to ACEGI.
    if (principal != null) {

        // If a saved request is present, we use the saved request to redirect the user to the original resource.
        // NOTE(review): getSession() creates a session when none exists yet.
        SavedRequest savedRequest = (SavedRequest) request.getSession()
                .getAttribute(AbstractProcessingFilter.ACEGI_SAVED_REQUEST_KEY);

        if (savedRequest != null)
            logger.debug("Redirecting to original resource " + savedRequest.getFullRequestUrl());

        // NOTE(review): an unknown user name is not handled here; whatever loadUserByUsername()
        // throws propagates out of the filter — confirm that is the intended failure mode.
        UserDetails userDetails = userDetailsService.loadUserByUsername(principal.getName());
        String jossoSessionId = (String) request.getAttribute("org.josso.agent.ssoSessionid");

        // New authenticated autentication instance.
        Authentication jossoAuth = new JOSSOAuthenticationToken(jossoSessionId, userDetails,
                userDetails.getAuthorities());

        // Store to SecurityContextHolder
        SecurityContextHolder.getContext().setAuthentication(jossoAuth);
        if (logger.isDebugEnabled()) {
            logger.debug("SecurityContextHolder populated with JOSSO Authentication Token: '"
                    + SecurityContextHolder.getContext().getAuthentication() + "'");
        }

        // Fire event
        if (this.eventPublisher != null) {
            eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(
                    SecurityContextHolder.getContext().getAuthentication(), this.getClass()));
        }

        // We have a saved request, redirect to original URL ...
        // NOTE(review): the filter chain below still runs after this redirect; most filters
        // return here instead — confirm the fall-through is intended.
        if (savedRequest != null)
            response.sendRedirect(savedRequest.getFullRequestUrl());

    } else {
        if (logger.isDebugEnabled())
            logger.debug("No principal found in request !");

    }

    // Move on ...
    chain.doFilter(request, response);

}

From source file:io.hops.hopsworks.api.admin.HDFSUIProxyServlet.java

/**
 * Proxies the request to the HDFS web UI over HTTPS, for administrators only.
 *
 * A caller without a principal gets 403; a caller lacking the {@code HOPS_ADMIN} role gets 400.
 * Only the headers listed in {@code PASS_THROUGH_HEADERS} are forwarded, the remote user name is
 * forwarded in a {@code proxy-user} cookie, and the backend's status, headers and body are copied
 * back into the servlet response.
 *
 * @param servletRequest the incoming request
 * @param servletResponse the response to write the proxied result to
 * @throws ServletException rethrown from the proxy attempt
 * @throws IOException rethrown from the proxy attempt
 * @throws RuntimeException for any other failure while building or executing the proxied request
 */
@Override
protected void service(HttpServletRequest servletRequest, HttpServletResponse servletResponse)
        throws ServletException, IOException {

    if (servletRequest.getUserPrincipal() == null) {
        servletResponse.sendError(403, "User is not logged in");
        return;
    }
    // NOTE(review): an authorization failure answers 400 here while the check above answers 403;
    // 403 (SC_FORBIDDEN) would be the consistent status for a missing role.
    if (!servletRequest.isUserInRole("HOPS_ADMIN")) {
        servletResponse.sendError(Response.Status.BAD_REQUEST.getStatusCode(),
                "You don't have the access right for this service");
        return;
    }
    if (servletRequest.getAttribute(ATTR_TARGET_URI) == null) {
        servletRequest.setAttribute(ATTR_TARGET_URI, targetUri);
    }
    if (servletRequest.getAttribute(ATTR_TARGET_HOST) == null) {
        servletRequest.setAttribute(ATTR_TARGET_HOST, targetHost);
    }

    // Make the Request
    // note: we won't transfer the protocol version because I'm not 
    // sure it would truly be compatible
    String proxyRequestUri = rewriteUrlFromRequest(servletRequest);

    try {
        // NOTE(review): [1] throws if the configured address has no ":port" part; that lands in
        // the catch below and surfaces as a RuntimeException.
        String[] targetHost_port = settings.getHDFSWebUIAddress().split(":");
        File keyStore = new File(baseHadoopClientsService.getSuperKeystorePath());
        File trustStore = new File(baseHadoopClientsService.getSuperTrustStorePath());
        // Assume that KeyStore password and Key password are the same
        Protocol httpsProto = new Protocol("https",
                new CustomSSLProtocolSocketFactory(keyStore,
                        baseHadoopClientsService.getSuperKeystorePassword(),
                        baseHadoopClientsService.getSuperKeystorePassword(), trustStore,
                        baseHadoopClientsService.getSuperTrustStorePassword()),
                Integer.parseInt(targetHost_port[1]));
        // NOTE(review): this looks like a static, JVM-wide registration repeated on every
        // request; confirm it cannot affect other "https" users of the same HttpClient library.
        Protocol.registerProtocol("https", httpsProto);
        // Execute the request
        HttpClientParams params = new HttpClientParams();
        params.setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
        params.setBooleanParameter(HttpClientParams.ALLOW_CIRCULAR_REDIRECTS, true);
        HttpClient client = new HttpClient(params);
        HostConfiguration config = new HostConfiguration();
        InetAddress localAddress = InetAddress.getLocalHost();
        config.setLocalAddress(localAddress);

        HttpMethod m = new GetMethod(proxyRequestUri);
        // Only allow-listed request headers are copied to the backend request.
        Enumeration<String> names = servletRequest.getHeaderNames();
        while (names.hasMoreElements()) {
            String headerName = names.nextElement();
            String value = servletRequest.getHeader(headerName);
            if (PASS_THROUGH_HEADERS.contains(headerName)) {
                //hdfs does not send back the js if encoding is not accepted
                //but we don't want to accept encoding for the html because we
                //need to be able to parse it
                if (headerName.equalsIgnoreCase("accept-encoding") && (servletRequest.getPathInfo() == null
                        || !servletRequest.getPathInfo().contains(".js"))) {
                    continue;
                } else {
                    m.setRequestHeader(headerName, value);
                }
            }
        }
        // The authenticated user's name is handed to the backend as a cookie; the backend
        // must accept this cookie only from this proxy — presumably enforced by the client
        // certificate configured above, verify.
        String user = servletRequest.getRemoteUser();
        if (user != null && !user.isEmpty()) {
            m.setRequestHeader("Cookie", "proxy-user" + "=" + URLEncoder.encode(user, "ASCII"));
        }

        client.executeMethod(config, m);

        // Process the response
        int statusCode = m.getStatusCode();

        // Pass the response code. This method with the "reason phrase" is 
        //deprecated but it's the only way to pass the reason along too.
        //noinspection deprecation
        servletResponse.setStatus(statusCode, m.getStatusLine().getReasonPhrase());

        copyResponseHeaders(m, servletRequest, servletResponse);

        // Send the content to the client
        // NOTE(review): m.releaseConnection() is never called in this method; confirm
        // copyResponseEntity() releases the connection, including on its error paths.
        copyResponseEntity(m, servletResponse);

    } catch (Exception e) {
        // Rethrow the declared exception types unchanged; wrap everything else.
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        if (e instanceof ServletException) {
            throw (ServletException) e;
        }
        //noinspection ConstantConditions
        if (e instanceof IOException) {
            throw (IOException) e;
        }
        throw new RuntimeException(e);

    }
}

From source file:it.volaconnoi.servlet.BookingServlet.java

/**
 * Handles the HTTP <code>GET</code> method.
 *
 * Only the <code>/booking</code> servlet path is served: the requested route and, when a user is
 * authenticated, the user's credential are stored in the session, the country list and the tax
 * rate are exposed as request attributes and the booking view is rendered. Any other path
 * produces no output.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if a servlet-specific error occurs
 * @throws IOException if an I/O error occurs
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    final String servletPath = request.getServletPath();

    // NOTE(review): the session is kept in an instance field, and a servlet instance is shared by
    // concurrent requests; confirm no other method reads this field for a different user's request.
    session = request.getSession(true);

    if (!servletPath.equals("/booking")) {
        return;
    }

    final String routeId = request.getParameter("id");
    session.setAttribute("route", routeManagerBean.getRouteById(routeId));

    final java.security.Principal principal = request.getUserPrincipal();
    if (principal != null) {
        final UserCredential user = userManagerBean.getUserByUsername(principal.getName());
        session.setAttribute("user", user);
    }

    request.setAttribute("CountriesList", countryFacade.findAll());
    request.setAttribute("tax", PricerBeanInterface.TAX);

    request.getRequestDispatcher("/WEB-INF/view/booking/booking.jsp").forward(request, response);
}

From source file:org.nuxeo.ecm.platform.web.common.exceptionhandling.DefaultNuxeoExceptionHandler.java

/**
 * Default Nuxeo error handling: anonymous users hitting a security error are sent to login,
 * every other error is logged and rendered through the configured error page.
 *
 * The HTTP status comes from the matching {@code ErrorHandler} (500 when it has none). Errors
 * below 500 are logged at debug level, others at error level together with a request dump. The
 * stack trace and request dump are exposed to the error page only in dev mode.
 *
 * @param request the failing request
 * @param response the response to render the error page into
 * @param t the error being handled (possibly wrapped)
 * @throws IOException declared for subclasses; this body converts I/O failures to ServletException
 * @throws ServletException rethrown as-is, or wrapping a RuntimeException/IOException from the handling
 */
@Override
public void handleException(HttpServletRequest request, HttpServletResponse response, Throwable t)
        throws IOException, ServletException {

    Throwable unwrappedException = ExceptionHelper.unwrapException(t);

    // check for Anonymous case
    if (ExceptionHelper.isSecurityError(unwrappedException)) {
        Principal principal = request.getUserPrincipal();
        if (principal instanceof NuxeoPrincipal) {
            NuxeoPrincipal nuxeoPrincipal = (NuxeoPrincipal) principal;
            if (nuxeoPrincipal.isAnonymous()) {
                // redirect to login than to requested page
                if (handleAnonymousException(request, response)) {
                    return;
                }
            }
        }
    }

    startHandlingException(request, response, t);
    try {
        ErrorHandler handler = getHandler(t);
        Integer code = handler.getCode();
        int status = code == null ? HttpServletResponse.SC_INTERNAL_SERVER_ERROR : code.intValue();
        parameters.getListener().startHandling(t, request, response);

        StringWriter swriter = new StringWriter();
        PrintWriter pwriter = new PrintWriter(swriter);
        t.printStackTrace(pwriter);
        String stackTrace = swriter.getBuffer().toString();
        if (status < HttpServletResponse.SC_INTERNAL_SERVER_ERROR) { // 500
            log.debug(t.getMessage(), t);
        } else {
            log.error(stackTrace);
            parameters.getLogger().error(stackTrace);
        }

        parameters.getListener().beforeSetErrorPageAttribute(unwrappedException, request, response);
        // NOTE(review): the raw exception message is handed to the error page; confirm the page
        // does not render it to end users when it may carry internal details.
        request.setAttribute("exception_message", unwrappedException.getLocalizedMessage());
        request.setAttribute("user_message", getUserMessage(handler.getMessage(), request.getLocale()));
        request.setAttribute("securityError", ExceptionHelper.isSecurityError(unwrappedException));
        request.setAttribute("messageBundle", ResourceBundle.getBundle(parameters.getBundleName(),
                request.getLocale(), Thread.currentThread().getContextClassLoader()));
        String dumpedRequest = parameters.getRequestDumper().getDump(request);
        if (status >= HttpServletResponse.SC_INTERNAL_SERVER_ERROR) { // 500
            parameters.getLogger().error(dumpedRequest);
        }
        // Stack trace and request dump reach the page only when dev mode is on.
        request.setAttribute("isDevModeSet", Framework.isDevModeSet());
        if (Framework.isDevModeSet()) {
            request.setAttribute("stackTrace", stackTrace);
            request.setAttribute("request_dump", dumpedRequest);
        }

        parameters.getListener().beforeForwardToErrorPage(unwrappedException, request, response);
        if (!response.isCommitted()) {
            response.setStatus(status);
            String errorPage = handler.getPage();
            errorPage = (errorPage == null) ? parameters.getDefaultErrorPage() : errorPage;
            RequestDispatcher requestDispatcher = request.getRequestDispatcher(errorPage);
            if (requestDispatcher != null) {
                requestDispatcher.forward(request, response);
            } else {
                log.error("Cannot forward to error page, " + "no RequestDispatcher found for errorPage="
                        + errorPage + " handler=" + handler);
            }
            parameters.getListener().responseComplete();
        } else {
            // do not throw an error, just log it: afterDispatch needs to
            // be called, and sometimes the initial error is a
            // ClientAbortException
            log.error("Cannot forward to error page: " + "response is already committed");
        }
        parameters.getListener().afterDispatch(unwrappedException, request, response);
    } catch (ServletException e) {
        throw e;
    } catch (RuntimeException | IOException e) {
        throw new ServletException(e);
    }
}

From source file:org.ecocean.ApiAccess.java

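/**
 * Computes the property-level permissions of class {@code cname} for the user behind
 * {@code request}, based on the {@code <class name="..."><properties><property name="...">
 * <role>...</role>} structure of the loaded configuration document.
 *
 * A property is denied when the user holds none of the roles listed under it. The DB
 * transaction opened here is read-only and is always rolled back and closed, whichever
 * path the method leaves by.
 *
 * NOTE(review): when the class or its {@code <properties>} element is not configured the
 * result is an empty map (no denials); a caller that treats absence as "allow" therefore
 * gets fail-open semantics — confirm that is intended.
 *
 * @param cname the configured class name to look up
 * @param request the current request; its principal name (or "" when absent) selects the roles
 * @return property name to {@code "deny"} for every denied property; allowed properties are absent
 */
public HashMap<String, String> permissions(String cname, HttpServletRequest request) {
    HashMap<String, String> perm = new HashMap<String, String>();
    this.initConfig(request);
    String context = ServletUtilities.getContext(request);
    Shepherd myShepherd = new Shepherd(context);
    myShepherd.setAction("ApiAccess.class");
    myShepherd.beginDBTransaction();
    try {
        // An unauthenticated caller is looked up under the empty user name.
        String username = "";
        java.security.Principal principal = request.getUserPrincipal();
        if (principal != null) {
            username = principal.getName();
        }
        List<String> roles = new ArrayList<String>();
        for (Role r : myShepherd.getAllRolesForUserInContext(username, context)) {
            roles.add(r.getRolename());
        }
        // Role membership goes to stdout; a logger would be preferable but none is in scope here.
        System.out.println("[class " + cname + "] roles for user '" + username + "': " + roles);

        NodeList nlist = this.configDoc.getDocumentElement().getElementsByTagName("class");
        if (nlist.getLength() < 1) {
            return perm;
        }

        for (int i = 0; i < nlist.getLength(); i++) {
            Node n = nlist.item(i);
            if (n.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            Element el = (Element) n;
            if (!el.getAttribute("name").equals(cname)) {
                continue;
            }
            Node p = el.getElementsByTagName("properties").item(0);
            if (p == null) {
                // Class configured without properties: nothing to deny.
                return perm;
            }
            denyPropertiesWithoutRole((Element) p, roles, perm);
        }

        System.out.println(perm);
        return perm;
    } finally {
        // Read-only transaction: roll back and close on every exit, including exceptions.
        myShepherd.rollbackDBTransaction();
        myShepherd.closeDBTransaction();
    }
}

/**
 * Adds a {@code "deny"} entry to {@code perm} for every {@code <property>} child of
 * {@code propsEl} whose {@code <role>} elements contain none of the user's {@code roles}.
 *
 * @param propsEl the {@code <properties>} element of the matched class
 * @param roles the role names held by the user
 * @param perm the permission map to add denials to
 */
private static void denyPropertiesWithoutRole(Element propsEl, List<String> roles,
        HashMap<String, String> perm) {
    NodeList props = propsEl.getElementsByTagName("property");
    for (int j = 0; j < props.getLength(); j++) {
        if (props.item(j).getNodeType() != Node.ELEMENT_NODE) {
            continue;
        }
        Element pel = (Element) props.item(j);
        // DOM returns "" (never null) for a missing attribute, so this check is only defensive.
        String propName = pel.getAttribute("name");
        if (propName == null) {
            continue;
        }
        // TODO (original): only the <role> descendants are considered, on the assumption that
        // the sole sub element is the <write> permission.
        NodeList proles = pel.getElementsByTagName("role");
        boolean allowed = false;
        for (int k = 0; k < proles.getLength() && !allowed; k++) {
            allowed = roles.contains(proles.item(k).getTextContent());
        }
        if (!allowed) {
            perm.put(propName, "deny");
        }
    }
}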

From source file:org.owasp.webgoat.controller.Start.java

/**
 * <p>start.</p>
 *
 * Renders the main WebGoat view for a request with a valid WebGoat session, or redirects to
 * the login page otherwise. The {@code error} and {@code logout} parameters are bound but not
 * used by this method.
 *
 * @param request a {@link javax.servlet.http.HttpServletRequest} object.
 * @param error a {@link java.lang.String} object.
 * @param logout a {@link java.lang.String} object.
 * @return a {@link org.springframework.web.servlet.ModelAndView} object.
 */
@RequestMapping(value = "start.mvc", method = { RequestMethod.GET, RequestMethod.POST })
public ModelAndView start(HttpServletRequest request,
        @RequestParam(value = "error", required = false) String error,
        @RequestParam(value = "logout", required = false) String logout) {

    final ModelAndView model = new ModelAndView();

    // Without a correctly set up session the user is bounced to the login page.
    if (!checkWebSession(request.getSession())) {
        model.setViewName("redirect:/login.mvc");
        return model;
    }

    model.addObject("role", getRole());
    // NOTE(review): assumes checkWebSession() guarantees an authenticated principal;
    // otherwise this dereference throws a NullPointerException.
    model.addObject("user", request.getUserPrincipal().getName());

    model.addObject("contactEmail", servletContext.getInitParameter("email"));
    model.addObject("emailList", servletContext.getInitParameter("emaillist"));

    final Application app = Application.getInstance();
    logger.info("Setting application properties: " + app);
    model.addObject("version", app.getVersion());
    model.addObject("build", app.getBuild());

    // Everything checked out: render the WebGoat UI.
    model.setViewName("main_new");
    return model;
}

From source file:org.broadleafcommerce.profile.web.core.security.CustomerStateFilter.java

/**
 * Resolves the current {@code Customer} for the request and exposes it as a request attribute
 * and in the content rule map.
 *
 * For a non-anonymous Spring Security {@code Authentication} the customer is taken from the
 * request attribute if its user name matches, otherwise loaded by user name. Remember-me and
 * username/password authentications mark the customer accordingly and publish a
 * cookie/logged-in event once per session; any other authentication type is treated as
 * anonymous. Without a resolved customer an anonymous customer is resolved instead.
 *
 * @param baseRequest cast to {@link HttpServletRequest} without a check
 * @param baseResponse cast to {@link HttpServletResponse} without a check
 * @param chain the remaining filter chain, always invoked
 * @throws IOException propagated from the chain
 * @throws ServletException propagated from the chain
 */
@Override
public void doFilter(ServletRequest baseRequest, ServletResponse baseResponse, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) baseRequest;
    HttpServletResponse response = (HttpServletResponse) baseResponse;
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    Customer customer = null;
    if ((authentication != null) && !(authentication instanceof AnonymousAuthenticationToken)) {
        // NOTE(review): the principal is dereferenced before the userName != null check below;
        // if an Authentication can exist without a container principal this throws NPE.
        String userName = request.getUserPrincipal().getName();
        customer = (Customer) request.getAttribute(customerRequestAttributeName);
        if (userName != null && (customer == null || !userName.equals(customer.getUsername()))) {
            // can only get here if the authenticated user does not match the user in session
            customer = customerService.readCustomerByUsername(userName);
            if (logger.isDebugEnabled() && customer != null) {
                logger.debug("Customer found by username " + userName);
            }
        }
        if (customer != null) {
            // getSession(true) creates a session for every authenticated request lacking one.
            ApplicationEvent lastPublishedEvent = (ApplicationEvent) request.getSession(true)
                    .getAttribute(LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME);
            if (authentication instanceof RememberMeAuthenticationToken) {
                // set transient property of customer
                customer.setCookied(true);
                // Publish the cookie event only once per session for this user name.
                boolean publishRememberMeEvent = true;
                if (lastPublishedEvent != null
                        && lastPublishedEvent instanceof CustomerAuthenticatedFromCookieEvent) {
                    CustomerAuthenticatedFromCookieEvent cookieEvent = (CustomerAuthenticatedFromCookieEvent) lastPublishedEvent;
                    if (userName.equals(cookieEvent.getCustomer().getUsername())) {
                        publishRememberMeEvent = false;
                    }
                }
                if (publishRememberMeEvent) {
                    CustomerAuthenticatedFromCookieEvent cookieEvent = new CustomerAuthenticatedFromCookieEvent(
                            customer, this.getClass().getName());
                    eventPublisher.publishEvent(cookieEvent);
                    request.getSession().setAttribute(LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME,
                            cookieEvent);
                }
            } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
                customer.setLoggedIn(true);
                // Publish the logged-in event only once per session for this user name.
                boolean publishLoggedInEvent = true;
                if (lastPublishedEvent != null && lastPublishedEvent instanceof CustomerLoggedInEvent) {
                    CustomerLoggedInEvent loggedInEvent = (CustomerLoggedInEvent) lastPublishedEvent;
                    if (userName.equals(loggedInEvent.getCustomer().getUsername())) {
                        publishLoggedInEvent = false;
                    }
                }
                if (publishLoggedInEvent) {
                    CustomerLoggedInEvent loggedInEvent = new CustomerLoggedInEvent(customer,
                            this.getClass().getName());
                    eventPublisher.publishEvent(loggedInEvent);
                    request.getSession().setAttribute(LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME,
                            loggedInEvent);
                }
            } else {
                // Any other authentication type is not trusted as a logged-in customer.
                customer = null;
            }

        }
    }

    if (customer == null) {
        // This is an anonymous customer.
        // TODO: Handle a custom cookie (different than remember me) that is just for anonymous users.  
        // This can be used to remember their cart from a previous visit.
        // Cookie logic probably needs to be configurable - with TCS as the exception.

        customer = resolveAnonymousCustomer(request);
    }
    request.setAttribute(customerRequestAttributeName, customer);

    // Setup customer for content rule processing
    // Unchecked cast: the attribute is assumed to hold a Map<String, Object> set by this layer.
    Map<String, Object> ruleMap = (Map<String, Object>) request.getAttribute(BLC_RULE_MAP_PARAM);
    if (ruleMap == null) {
        ruleMap = new HashMap<String, Object>();
    }
    ruleMap.put("customer", customer);
    request.setAttribute(BLC_RULE_MAP_PARAM, ruleMap);

    chain.doFilter(request, response);
}

From source file:demo.oauth.server.spring.SpringOAuthAuthenticationFilter.java

/**
 * Populates the Spring Security context from the {@code OAUTH_AUTHORITIES} request attribute.
 *
 * When the attribute is present (set by earlier server-side processing; request attributes
 * cannot be supplied by the client), each authority name becomes a {@code GrantedAuthority}
 * and an {@code AnonymousAuthenticationToken} carrying the container principal is stored in
 * {@code SecurityContextHolder}. The chain is always continued.
 *
 * NOTE(review): the token key is a fresh random UUID per request, so no
 * {@code AnonymousAuthenticationProvider} can validate it; and the token constructor is
 * expected to reject a null principal or an empty authority list — confirm both are acceptable.
 *
 * @param request cast to {@link HttpServletRequest} without a check
 * @param response cast to {@link HttpServletResponse} without a check
 * @param chain the remaining filter chain
 * @throws IOException propagated from the chain
 * @throws ServletException propagated from the chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final HttpServletRequest req = (HttpServletRequest) request;
    final HttpServletResponse resp = (HttpServletResponse) response;

    final List<String> authorityNames = (List<String>) request.getAttribute(OAUTH_AUTHORITIES);

    if (authorityNames != null) {
        final List<GrantedAuthority> granted = new ArrayList<GrantedAuthority>();
        for (String name : authorityNames) {
            granted.add(new GrantedAuthorityImpl(name));
        }

        final Authentication auth = new AnonymousAuthenticationToken(UUID.randomUUID().toString(),
                req.getUserPrincipal(), granted);
        SecurityContextHolder.getContext().setAuthentication(auth);
    }

    chain.doFilter(req, resp);
}