List of usage examples for javax.servlet.http HttpServletRequest isSecure
public boolean isSecure();
From source file:ru.org.linux.gallery.DeleteImageController.java
@RequestMapping(method = RequestMethod.GET) public ModelAndView deleteForm(@RequestParam(required = true) int id, HttpServletRequest request) throws Exception { Template tmpl = Template.getTemplate(request); Image image = imageDao.getImage(id); Topic topic = topicDao.getById(image.getTopicId()); PreparedTopic preparedTopic = prepareService.prepareTopic(topic, request.isSecure(), tmpl.getCurrentUser()); checkDelete(preparedTopic, tmpl.getCurrentUser()); ModelAndView mv = new ModelAndView("delete_image"); mv.addObject("image", image); mv.addObject("preparedTopic", preparedTopic); return mv;/*from w w w . ja v a2s . co m*/ }
From source file:com.acc.storefront.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java
@Override public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response, final HandlerMethod handler) throws Exception { // We only care if the request is secure if (request.isSecure()) { // Check if the handler has our annotation final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class); if (annotation != null) { final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY); boolean redirect = true; if (((!getUserService().isAnonymousUser(getUserService().getCurrentUser()) || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid))) { redirect = false;//w ww .j a v a 2s. com } if (redirect) { LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie") + ", redirecting"); getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request)); return false; } } } return true; }
From source file:com.razorfish.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java
@Override public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response, final HandlerMethod handler) throws Exception { // We only care if the request is secure if (request.isSecure()) { // Check if the handler has our annotation final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class); if (annotation != null) { final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY); boolean redirect = true; if (((!getUserService().isAnonymousUser(getUserService().getCurrentUser()) || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid))) { redirect = false;// ww w .j a va2s .c o m } if (redirect) { LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie") + ", redirecting"); getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request)); return false; } } } return true; }
From source file:com.ebook.storefront.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java
@Override public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response, final HandlerMethod handler) throws Exception { // We only care if the request is secure if (request.isSecure()) { // Check if the handler has our annotation final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class); if (annotation != null) { final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY); boolean redirect = true; if ((!getUserService().isAnonymousUser(getUserService().getCurrentUser()) || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid)) { redirect = false;//from ww w .j a v a 2 s.co m } if (redirect) { LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie") + ", redirecting"); getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request)); return false; } } } return true; }
From source file:org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.java
private boolean isBasicAuthSupported(HttpServletRequest req) { return req.isSecure() ? _httpManagement.isHttpsBasicAuthenticationEnabled() : _httpManagement.isHttpBasicAuthenticationEnabled(); }
From source file:ru.org.linux.edithistory.EditHistoryController.java
@RequestMapping({ "/news/{group}/{id}/{commentid}/history", "/forum/{group}/{id}/{commentid}/history", "/gallery/{group}/{id}/{commentid}/history", "/polls/{group}/{id}/{commentid}/history" }) public ModelAndView showCommentEditInfo(HttpServletRequest request, @PathVariable("id") int msgid, @PathVariable("commentid") int commentId) throws Exception { Topic message = messageDao.getById(msgid); Comment comment = commentService.getById(commentId); List<PreparedEditHistory> editHistories = editHistoryService.prepareEditInfo(comment, request.isSecure()); ModelAndView modelAndView = new ModelAndView("history"); modelAndView.getModel().put("message", message); modelAndView.getModel().put("editHistories", editHistories); return modelAndView; }
From source file:org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter.java
@Override protected Authentication createAuthentication(HttpServletRequest request) { Authentication authentication = null; try {//from ww w . j a va 2s. c o m // load the anonymous user from the database NiFiUser user = userService.getUserByDn(NiFiUser.ANONYMOUS_USER_IDENTITY); // if this is an unsecure request allow full access if (!request.isSecure()) { user.getAuthorities().addAll(EnumSet.allOf(Authority.class)); } // only create an authentication token if the anonymous user has some authorities if (!user.getAuthorities().isEmpty()) { NiFiUserDetails userDetails = new NiFiUserDetails(user); // get the granted authorities authentication = new NiFiAuthorizationToken(userDetails); } } catch (AdministrationException ase) { // record the issue anonymousUserFilterLogger .warn("Unable to load anonymous user from accounts database: " + ase.getMessage()); if (anonymousUserFilterLogger.isDebugEnabled()) { anonymousUserFilterLogger.warn(StringUtils.EMPTY, ase); } } return authentication; }
From source file:ru.org.linux.spring.MainPageController.java
@RequestMapping({ "/", "/index.jsp" }) public ModelAndView mainPage(HttpServletRequest request) { Template tmpl = Template.getTemplate(request); List<Topic> messages = topicListService.getMainPageFeed(tmpl.getProf().isShowGalleryOnMain()); ModelAndView mv = new ModelAndView("index"); mv.getModel().put("news", prepareService.prepareMessagesForUser(messages, request.isSecure(), tmpl.getCurrentUser(), tmpl.getProf(), false)); if (tmpl.isModeratorSession() || tmpl.isCorrectorSession()) { int uncommited = jdbcTemplate.queryForInt( "select count(*) from topics,groups,sections where section=sections.id AND sections.moderate and topics.groupid=groups.id and not deleted and not topics.moderate AND postdate>(CURRENT_TIMESTAMP-'1 month'::interval)"); mv.getModel().put("uncommited", uncommited); int uncommitedNews = 0; if (uncommited > 0) { uncommitedNews = jdbcTemplate.queryForInt( "select count(*) from topics,groups where section=1 AND topics.groupid=groups.id and not deleted and not topics.moderate AND postdate>(CURRENT_TIMESTAMP-'1 month'::interval)"); }//from w ww . j av a 2 s . c om mv.getModel().put("uncommitedNews", uncommitedNews); } mv.getModel().put("showAdsense", !tmpl.isSessionAuthorized() || !tmpl.getProf().isHideAdsense()); return mv; }
From source file:org.wso2.carbon.identity.entitlement.filter.EntitlementCacheUpdateServlet.java
@Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws EntitlementCacheUpdateServletException { if (!req.isSecure()) { redirectToHTTPS(req, resp);//from w w w . j ava 2s . com } else if (req.getParameter(USERNAME_STRING) != null && req.getParameter(PSWD_STRING) != null && !NULL_STRING.equals(req.getParameter(USERNAME_STRING)) && !NULL_STRING.equals(req.getParameter(PSWD_STRING))) { doAuthentication(req, resp); } else { if (req.getParameter(USERNAME_STRING) == null) { log.info("\'username\' parameter not available in request. Redirecting to " + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL()); } if (req.getParameter(PSWD_STRING) == null) { log.info("\'password\' parameter not available in request. Redirecting to " + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL()); } if (req.getParameter(USERNAME_STRING) != null && NULL_STRING.equals(req.getParameter(USERNAME_STRING))) { log.info("\'username\' is empty in request. Redirecting to " + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL()); } if (req.getParameter(PSWD_STRING) != null && NULL_STRING.equals(req.getParameter(PSWD_STRING))) { log.info("\'password\' is empty in request. Redirecting to " + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL()); } showAuthPage(req, resp); } }
From source file:co.id.app.sys.util.StringUtils.java
/** * Sets the given cookie values in the servlet response. * <p/>//from w w w. ja va 2s. c o m * This will also put the cookie in a list of cookies to send with this request's response * (so that in case of a redirect occurring down the chain, the first filter * will always try to set this cookie again) * <p/> * The cookie secure flag is set if the request is secure. * <p/> * This method was derived from Atlassian <tt>CookieUtils</tt> method of * the same name, release under the Apache License. * * @param request the servlet request * @param response the servlet response * @param name the cookie name * @param value the cookie value * @param maxAge the maximum age of the cookie in seconds. A negative * value will expire the cookie at the end of the session, while 0 will delete * the cookie. * @param path the cookie path * @return the Cookie object created and set in the response */ public static Cookie setCookie(HttpServletRequest request, HttpServletResponse response, String name, String value, int maxAge, String path) { Cookie cookie = new Cookie(name, value); cookie.setMaxAge(maxAge); cookie.setPath(path); cookie.setSecure(request.isSecure()); response.addCookie(cookie); return cookie; }