List of usage examples for javax.servlet.http HttpServletRequest isSecure
public boolean isSecure();
From source file:com.flexive.war.filter.FxRequestUtils.java
/** * Returns the server name as seen by the client. Takes into account proxies * like Apache2 which may alter the server name in their requests. * * @param request the request/*from w w w. j a va 2 s . c o m*/ * @return the server name as seen by the client */ public static String getExternalServerName(HttpServletRequest request) { if (request.getHeader("x-forwarded-host") != null) { // use external (forwarded) host - FX-330 return request.getHeader("x-forwarded-host"); } else { // use our own server name return request.getServerName() + (request.getServerPort() == 80 || (request.isSecure() && request.getServerPort() == 443) ? "" : ":" + request.getServerPort()); } }
From source file:com.erudika.scoold.utils.HttpUtils.java
/** * Sets a cookie./*www . j a v a2 s. c om*/ * @param name the name * @param value the value * @param req HTTP request * @param res HTTP response * @param httpOnly HTTP only flag * @param maxAge max age */ public static void setRawCookie(String name, String value, HttpServletRequest req, HttpServletResponse res, boolean httpOnly, int maxAge) { if (StringUtils.isBlank(name) || value == null || req == null || res == null) { return; } Cookie cookie = new Cookie(name, value); cookie.setHttpOnly(httpOnly); cookie.setMaxAge(maxAge < 0 ? Config.SESSION_TIMEOUT_SEC : maxAge); cookie.setPath("/"); cookie.setSecure(req.isSecure()); res.addCookie(cookie); }
From source file:org.projectforge.web.UserFilter.java
/** * Adds or refresh the given cookie.//from www . j a v a 2 s . c o m * @param request * @param response * @param stayLoggedInCookie */ public static void addStayLoggedInCookie(final HttpServletRequest request, final HttpServletResponse response, final Cookie stayLoggedInCookie) { stayLoggedInCookie.setMaxAge(COOKIE_MAX_AGE); stayLoggedInCookie.setPath("/"); if (request.isSecure() == true) { log.debug("Set secure cookie"); stayLoggedInCookie.setSecure(true); } else { log.debug("Set unsecure cookie"); } response.addCookie(stayLoggedInCookie); // Refresh cookie. }
From source file:org.projectforge.business.user.filter.UserFilter.java
/** * Adds or refresh the given cookie.//from w ww . j a va 2 s .co m * * @param request * @param response * @param stayLoggedInCookie */ public static void addStayLoggedInCookie(final HttpServletRequest request, final HttpServletResponse response, final Cookie stayLoggedInCookie) { stayLoggedInCookie.setMaxAge(COOKIE_MAX_AGE); stayLoggedInCookie.setPath("/"); if (request.isSecure() == true) { log.debug("Set secure cookie"); stayLoggedInCookie.setSecure(true); } else { log.debug("Set unsecure cookie"); } stayLoggedInCookie.setHttpOnly(true); response.addCookie(stayLoggedInCookie); // Refresh cookie. }
From source file:org.ofbiz.angularjs.event.AngularJsEvents.java
private static String checkPath(String path, boolean fullPath, HttpServletRequest request) { String checkedPath = null;//from w w w . j a v a 2s.c o m if (fullPath) { String protocol = "http"; if (request.isSecure()) { protocol = "https"; } checkedPath = protocol + "://" + path; } else { checkedPath = path; } return checkedPath; }
From source file:it.greenvulcano.gvesb.adapter.http.utils.DumpUtils.java
public static void dump(HttpServletRequest request, StringBuffer log) throws IOException { String hN;/*from w w w.j a va 2 s . c om*/ log.append("-- DUMP HttpServletRequest START").append("\n"); log.append("Method : ").append(request.getMethod()).append("\n"); log.append("RequestedSessionId : ").append(request.getRequestedSessionId()).append("\n"); log.append("Scheme : ").append(request.getScheme()).append("\n"); log.append("IsSecure : ").append(request.isSecure()).append("\n"); log.append("Protocol : ").append(request.getProtocol()).append("\n"); log.append("ContextPath : ").append(request.getContextPath()).append("\n"); log.append("PathInfo : ").append(request.getPathInfo()).append("\n"); log.append("QueryString : ").append(request.getQueryString()).append("\n"); log.append("RequestURI : ").append(request.getRequestURI()).append("\n"); log.append("RequestURL : ").append(request.getRequestURL()).append("\n"); log.append("ContentType : ").append(request.getContentType()).append("\n"); log.append("ContentLength : ").append(request.getContentLength()).append("\n"); log.append("CharacterEncoding : ").append(request.getCharacterEncoding()).append("\n"); log.append("---- Headers START\n"); Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { hN = headerNames.nextElement(); log.append("[" + hN + "]="); Enumeration<String> headers = request.getHeaders(hN); while (headers.hasMoreElements()) { log.append("[" + headers.nextElement() + "]"); } log.append("\n"); } log.append("---- Headers END\n"); log.append("---- Body START\n"); log.append(IOUtils.toString(request.getInputStream())).append("\n"); log.append("---- Body END\n"); log.append("-- DUMP HttpServletRequest END \n"); }
From source file:org.slc.sli.dashboard.security.SLIAuthenticationEntryPoint.java
/** * @param request//w w w . ja va 2s . com * - request to be determined * @return if the ENV is non-local ( this is due to local jetty server does not * handle secure protocol ) and the protocol is HTTPS, return true. * Otherwise, return false. */ static boolean isSecureRequest(HttpServletRequest request) { String serverName = request.getServerName(); boolean isSecureEnvironment = (!serverName.substring(0, serverName.indexOf(".")) .equals(NONSECURE_ENVIRONMENT_NAME)); return (request.isSecure() && isSecureEnvironment); }
From source file:password.pwm.http.ServletHelper.java
public static String debugHttpHeaders(final HttpServletRequest req) { final StringBuilder sb = new StringBuilder(); sb.append("http").append(req.isSecure() ? "s " : " non-").append("secure request headers: "); sb.append("\n"); for (Enumeration enumeration = req.getHeaderNames(); enumeration.hasMoreElements();) { final String headerName = (enumeration.nextElement()).toString(); sb.append(" "); sb.append(headerName);// w w w. j a v a 2 s. co m sb.append("="); if (headerName.contains("Authorization")) { sb.append(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT); } else { sb.append(req.getHeader(headerName)); } sb.append(enumeration.hasMoreElements() ? "\n" : ""); } return sb.toString(); }
From source file:org.openlaszlo.data.DataSource.java
/** * Get the actual URL for this request.//from w w w. ja va 2 s .c o m * * @param req servlet request object. * @param url the url string received from the client. Can contain * "@WEBAPP@" string. * @return the 'URL' for the request. */ final static public String getURL(HttpServletRequest req, String surl) throws MalformedURLException { // "file:" is no longer supported, it is a security hole, make it into // an "http" URL which points to the designated file. if (surl.startsWith("file:")) { String protocol = (req.isSecure() ? "https" : "http"); String host = req.getServerName(); int port = req.getServerPort(); // go past the "file:" prefix String fpath = surl.substring(5); String uri = req.getRequestURI(); int floc = uri.lastIndexOf("/"); // for original url of "file:foo.xml, this constructs // http://host:protocol/servlet-path/app-path/foo.xml surl = protocol + "://" + host + ":" + port + uri.substring(0, floc) + "/" + fpath; } mLogger.debug( /* (non-Javadoc) * @i18n.test * @org-mes="'url' is " + p[0] */ org.openlaszlo.i18n.LaszloMessages.getMessage(DataSource.class.getName(), "051018-339", new Object[] { surl })); return LZHttpUtils.modifyWEBAPP(req, surl); }
From source file:org.apache.qpid.server.management.plugin.HttpManagementUtil.java
public static Subject tryToAuthenticate(HttpServletRequest request, HttpManagementConfiguration managementConfig) { Subject subject = null;//w w w . java 2 s. c o m SocketAddress localAddress = getSocketAddress(request); final AuthenticationProvider authenticationProvider = managementConfig .getAuthenticationProvider(localAddress); SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure()); String remoteUser = request.getRemoteUser(); if (remoteUser != null || authenticationProvider instanceof AnonymousAuthenticationManager) { subject = authenticateUser(subjectCreator, remoteUser, null); } else if (authenticationProvider instanceof ExternalAuthenticationManager && Collections .list(request.getAttributeNames()).contains("javax.servlet.request.X509Certificate")) { Principal principal = null; X509Certificate[] certificates = (X509Certificate[]) request .getAttribute("javax.servlet.request.X509Certificate"); if (certificates != null && certificates.length != 0) { principal = certificates[0].getSubjectX500Principal(); if (!Boolean.valueOf(String.valueOf(authenticationProvider .getAttribute(ExternalAuthenticationManager.ATTRIBUTE_USE_FULL_DN)))) { String username; String dn = ((X500Principal) principal).getName(X500Principal.RFC2253); username = SSLUtil.getIdFromSubjectDN(dn); principal = new UsernamePrincipal(username); } subject = subjectCreator.createSubjectWithGroups(new AuthenticatedPrincipal(principal)); } } else { String header = request.getHeader("Authorization"); if (header != null) { String[] tokens = header.split("\\s"); if (tokens.length >= 2 && "BASIC".equalsIgnoreCase(tokens[0])) { boolean isBasicAuthSupported = false; if (request.isSecure()) { isBasicAuthSupported = managementConfig.isHttpsBasicAuthenticationEnabled(); } else { isBasicAuthSupported = managementConfig.isHttpBasicAuthenticationEnabled(); } if (isBasicAuthSupported) { String base64UsernameAndPassword = tokens[1]; String[] credentials = (new String( Base64.decodeBase64(base64UsernameAndPassword.getBytes()))).split(":", 2); if (credentials.length == 2) { subject = authenticateUser(subjectCreator, credentials[0], credentials[1]); } } } } } return subject; }