Example usage for javax.servlet.http HttpServletRequest isSecure

List of usage examples for javax.servlet.http HttpServletRequest isSecure

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest isSecure.

Prototype

public boolean isSecure();

Source Link

Document

Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.

Usage

From source file:com.flexive.war.filter.FxRequestUtils.java

/**
 * Returns the server name as seen by the client. Takes into account proxies
 * like Apache2 which may alter the server name in their requests.
 *
 * @param request   the request/*from   w w  w.  j  a va 2  s . c o m*/
 * @return  the server name as seen by the client
 */
public static String getExternalServerName(HttpServletRequest request) {
    if (request.getHeader("x-forwarded-host") != null) {
        // use external (forwarded) host - FX-330
        return request.getHeader("x-forwarded-host");
    } else {
        // use our own server name
        return request.getServerName()
                + (request.getServerPort() == 80 || (request.isSecure() && request.getServerPort() == 443) ? ""
                        : ":" + request.getServerPort());
    }
}

From source file:com.erudika.scoold.utils.HttpUtils.java

/**
 * Sets a cookie./*www .  j  a v a2 s.  c om*/
 * @param name the name
 * @param value the value
 * @param req HTTP request
 * @param res HTTP response
 * @param httpOnly HTTP only flag
 * @param maxAge max age
 */
public static void setRawCookie(String name, String value, HttpServletRequest req, HttpServletResponse res,
        boolean httpOnly, int maxAge) {
    if (StringUtils.isBlank(name) || value == null || req == null || res == null) {
        return;
    }
    Cookie cookie = new Cookie(name, value);
    cookie.setHttpOnly(httpOnly);
    cookie.setMaxAge(maxAge < 0 ? Config.SESSION_TIMEOUT_SEC : maxAge);
    cookie.setPath("/");
    cookie.setSecure(req.isSecure());
    res.addCookie(cookie);
}

From source file:org.projectforge.web.UserFilter.java

/**
 * Adds or refresh the given cookie.//from www  .  j a v a  2 s  .  c o m
 * @param request
 * @param response
 * @param stayLoggedInCookie
 */
public static void addStayLoggedInCookie(final HttpServletRequest request, final HttpServletResponse response,
        final Cookie stayLoggedInCookie) {
    stayLoggedInCookie.setMaxAge(COOKIE_MAX_AGE);
    stayLoggedInCookie.setPath("/");
    if (request.isSecure() == true) {
        log.debug("Set secure cookie");
        stayLoggedInCookie.setSecure(true);
    } else {
        log.debug("Set unsecure cookie");
    }
    response.addCookie(stayLoggedInCookie); // Refresh cookie.
}

From source file:org.projectforge.business.user.filter.UserFilter.java

/**
 * Adds or refresh the given cookie.//from   w ww  . j a  va  2  s  .co m
 *
 * @param request
 * @param response
 * @param stayLoggedInCookie
 */
public static void addStayLoggedInCookie(final HttpServletRequest request, final HttpServletResponse response,
        final Cookie stayLoggedInCookie) {
    stayLoggedInCookie.setMaxAge(COOKIE_MAX_AGE);
    stayLoggedInCookie.setPath("/");
    if (request.isSecure() == true) {
        log.debug("Set secure cookie");
        stayLoggedInCookie.setSecure(true);
    } else {
        log.debug("Set unsecure cookie");
    }
    stayLoggedInCookie.setHttpOnly(true);
    response.addCookie(stayLoggedInCookie); // Refresh cookie.
}

From source file:org.ofbiz.angularjs.event.AngularJsEvents.java

private static String checkPath(String path, boolean fullPath, HttpServletRequest request) {
    String checkedPath = null;//from w  w  w . j a v  a  2s.c o  m
    if (fullPath) {
        String protocol = "http";
        if (request.isSecure()) {
            protocol = "https";
        }
        checkedPath = protocol + "://" + path;
    } else {
        checkedPath = path;
    }
    return checkedPath;
}

From source file:it.greenvulcano.gvesb.adapter.http.utils.DumpUtils.java

public static void dump(HttpServletRequest request, StringBuffer log) throws IOException {
    String hN;/*from   w  w w.j  a va 2  s  . c  om*/

    log.append("-- DUMP HttpServletRequest START").append("\n");
    log.append("Method             : ").append(request.getMethod()).append("\n");
    log.append("RequestedSessionId : ").append(request.getRequestedSessionId()).append("\n");
    log.append("Scheme             : ").append(request.getScheme()).append("\n");
    log.append("IsSecure           : ").append(request.isSecure()).append("\n");
    log.append("Protocol           : ").append(request.getProtocol()).append("\n");
    log.append("ContextPath        : ").append(request.getContextPath()).append("\n");
    log.append("PathInfo           : ").append(request.getPathInfo()).append("\n");
    log.append("QueryString        : ").append(request.getQueryString()).append("\n");
    log.append("RequestURI         : ").append(request.getRequestURI()).append("\n");
    log.append("RequestURL         : ").append(request.getRequestURL()).append("\n");
    log.append("ContentType        : ").append(request.getContentType()).append("\n");
    log.append("ContentLength      : ").append(request.getContentLength()).append("\n");
    log.append("CharacterEncoding  : ").append(request.getCharacterEncoding()).append("\n");

    log.append("---- Headers START\n");
    Enumeration<String> headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        hN = headerNames.nextElement();
        log.append("[" + hN + "]=");
        Enumeration<String> headers = request.getHeaders(hN);
        while (headers.hasMoreElements()) {
            log.append("[" + headers.nextElement() + "]");
        }
        log.append("\n");
    }
    log.append("---- Headers END\n");

    log.append("---- Body START\n");
    log.append(IOUtils.toString(request.getInputStream())).append("\n");
    log.append("---- Body END\n");

    log.append("-- DUMP HttpServletRequest END \n");
}

From source file:org.slc.sli.dashboard.security.SLIAuthenticationEntryPoint.java

/**
 * @param request//w w w  .  ja va  2s .  com
 *            - request to be determined
 * @return if the ENV is non-local ( this is due to local jetty server does not
 *         handle secure protocol ) and the protocol is HTTPS, return true.
 *         Otherwise, return false.
 */
static boolean isSecureRequest(HttpServletRequest request) {

    String serverName = request.getServerName();
    boolean isSecureEnvironment = (!serverName.substring(0, serverName.indexOf("."))
            .equals(NONSECURE_ENVIRONMENT_NAME));

    return (request.isSecure() && isSecureEnvironment);
}

From source file:password.pwm.http.ServletHelper.java

public static String debugHttpHeaders(final HttpServletRequest req) {
    final StringBuilder sb = new StringBuilder();

    sb.append("http").append(req.isSecure() ? "s " : " non-").append("secure request headers: ");
    sb.append("\n");

    for (Enumeration enumeration = req.getHeaderNames(); enumeration.hasMoreElements();) {
        final String headerName = (enumeration.nextElement()).toString();
        sb.append("  ");
        sb.append(headerName);//  w w w.  j a  v a 2  s.  co  m
        sb.append("=");
        if (headerName.contains("Authorization")) {
            sb.append(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT);
        } else {
            sb.append(req.getHeader(headerName));
        }
        sb.append(enumeration.hasMoreElements() ? "\n" : "");
    }

    return sb.toString();
}

From source file:org.openlaszlo.data.DataSource.java

/**
 * Get the actual URL for this request.//from   w w w. ja  va 2 s  .c  o  m
 *
 * @param req servlet request object.
 * @param url the url string received from the client. Can contain
 * "@WEBAPP@" string.
 * @return the 'URL' for the request.
 */
final static public String getURL(HttpServletRequest req, String surl) throws MalformedURLException {
    // "file:" is no longer supported, it is a security hole, make it into
    // an "http" URL which points to the designated file.
    if (surl.startsWith("file:")) {
        String protocol = (req.isSecure() ? "https" : "http");
        String host = req.getServerName();
        int port = req.getServerPort();

        // go past the "file:" prefix
        String fpath = surl.substring(5);
        String uri = req.getRequestURI();
        int floc = uri.lastIndexOf("/");

        // for original url of "file:foo.xml, this constructs
        // http://host:protocol/servlet-path/app-path/foo.xml
        surl = protocol + "://" + host + ":" + port + uri.substring(0, floc) + "/" + fpath;
    }

    mLogger.debug(
            /* (non-Javadoc)
             * @i18n.test
             * @org-mes="'url' is " + p[0]
             */
            org.openlaszlo.i18n.LaszloMessages.getMessage(DataSource.class.getName(), "051018-339",
                    new Object[] { surl }));
    return LZHttpUtils.modifyWEBAPP(req, surl);
}

From source file:org.apache.qpid.server.management.plugin.HttpManagementUtil.java

public static Subject tryToAuthenticate(HttpServletRequest request,
        HttpManagementConfiguration managementConfig) {
    Subject subject = null;//w w w .  java 2 s. c  o m
    SocketAddress localAddress = getSocketAddress(request);
    final AuthenticationProvider authenticationProvider = managementConfig
            .getAuthenticationProvider(localAddress);
    SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
    String remoteUser = request.getRemoteUser();

    if (remoteUser != null || authenticationProvider instanceof AnonymousAuthenticationManager) {
        subject = authenticateUser(subjectCreator, remoteUser, null);
    } else if (authenticationProvider instanceof ExternalAuthenticationManager && Collections
            .list(request.getAttributeNames()).contains("javax.servlet.request.X509Certificate")) {
        Principal principal = null;
        X509Certificate[] certificates = (X509Certificate[]) request
                .getAttribute("javax.servlet.request.X509Certificate");
        if (certificates != null && certificates.length != 0) {
            principal = certificates[0].getSubjectX500Principal();

            if (!Boolean.valueOf(String.valueOf(authenticationProvider
                    .getAttribute(ExternalAuthenticationManager.ATTRIBUTE_USE_FULL_DN)))) {
                String username;
                String dn = ((X500Principal) principal).getName(X500Principal.RFC2253);

                username = SSLUtil.getIdFromSubjectDN(dn);
                principal = new UsernamePrincipal(username);
            }

            subject = subjectCreator.createSubjectWithGroups(new AuthenticatedPrincipal(principal));
        }
    } else {
        String header = request.getHeader("Authorization");
        if (header != null) {
            String[] tokens = header.split("\\s");
            if (tokens.length >= 2 && "BASIC".equalsIgnoreCase(tokens[0])) {
                boolean isBasicAuthSupported = false;
                if (request.isSecure()) {
                    isBasicAuthSupported = managementConfig.isHttpsBasicAuthenticationEnabled();
                } else {
                    isBasicAuthSupported = managementConfig.isHttpBasicAuthenticationEnabled();
                }
                if (isBasicAuthSupported) {
                    String base64UsernameAndPassword = tokens[1];
                    String[] credentials = (new String(
                            Base64.decodeBase64(base64UsernameAndPassword.getBytes()))).split(":", 2);
                    if (credentials.length == 2) {
                        subject = authenticateUser(subjectCreator, credentials[0], credentials[1]);
                    }
                }
            }
        }
    }
    return subject;
}