Example usage for javax.servlet.http HttpServletRequest isSecure

List of usage examples for javax.servlet.http HttpServletRequest isSecure

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest isSecure.

Prototype

public boolean isSecure();

Source Link

Document

Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.

Usage

From source file:ru.org.linux.gallery.DeleteImageController.java

@RequestMapping(method = RequestMethod.GET)
public ModelAndView deleteForm(@RequestParam(required = true) int id, HttpServletRequest request)
        throws Exception {
    Template tmpl = Template.getTemplate(request);

    Image image = imageDao.getImage(id);
    Topic topic = topicDao.getById(image.getTopicId());
    PreparedTopic preparedTopic = prepareService.prepareTopic(topic, request.isSecure(), tmpl.getCurrentUser());

    checkDelete(preparedTopic, tmpl.getCurrentUser());

    ModelAndView mv = new ModelAndView("delete_image");

    mv.addObject("image", image);
    mv.addObject("preparedTopic", preparedTopic);

    return mv;/*from  w  w w  . ja v a2s  .  co  m*/
}

From source file:com.acc.storefront.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java

@Override
public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response,
        final HandlerMethod handler) throws Exception {
    // We only care if the request is secure
    if (request.isSecure()) {
        // Check if the handler has our annotation
        final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class);
        if (annotation != null) {
            final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY);
            boolean redirect = true;

            if (((!getUserService().isAnonymousUser(getUserService().getCurrentUser())
                    || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid))) {
                redirect = false;//w ww  .j  a  v  a 2s.  com
            }

            if (redirect) {
                LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie")
                        + ", redirecting");
                getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request));
                return false;
            }
        }
    }

    return true;
}

From source file:com.razorfish.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java

@Override
public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response,
        final HandlerMethod handler) throws Exception {
    // We only care if the request is secure
    if (request.isSecure()) {
        // Check if the handler has our annotation
        final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class);
        if (annotation != null) {
            final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY);
            boolean redirect = true;

            if (((!getUserService().isAnonymousUser(getUserService().getCurrentUser())
                    || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid))) {
                redirect = false;// ww w .j  a  va2s .c  o  m
            }

            if (redirect) {

                LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie")
                        + ", redirecting");
                getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request));
                return false;
            }
        }
    }

    return true;
}

From source file:com.ebook.storefront.interceptors.beforecontroller.RequireHardLoginBeforeControllerHandler.java

@Override
public boolean beforeController(final HttpServletRequest request, final HttpServletResponse response,
        final HandlerMethod handler) throws Exception {
    // We only care if the request is secure
    if (request.isSecure()) {
        // Check if the handler has our annotation
        final RequireHardLogIn annotation = findAnnotation(handler, RequireHardLogIn.class);
        if (annotation != null) {
            final String guid = (String) request.getSession().getAttribute(SECURE_GUID_SESSION_KEY);
            boolean redirect = true;

            if ((!getUserService().isAnonymousUser(getUserService().getCurrentUser())
                    || checkForAnonymousCheckout()) && checkForGUIDCookie(request, response, guid)) {
                redirect = false;//from ww  w  .j  a v  a 2  s.co m
            }

            if (redirect) {
                LOG.warn((guid == null ? "missing secure token in session" : "no matching guid cookie")
                        + ", redirecting");
                getRedirectStrategy().sendRedirect(request, response, getRedirectUrl(request));
                return false;
            }
        }
    }

    return true;
}

From source file:org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.java

private boolean isBasicAuthSupported(HttpServletRequest req) {
    return req.isSecure() ? _httpManagement.isHttpsBasicAuthenticationEnabled()
            : _httpManagement.isHttpBasicAuthenticationEnabled();
}

From source file:ru.org.linux.edithistory.EditHistoryController.java

@RequestMapping({ "/news/{group}/{id}/{commentid}/history", "/forum/{group}/{id}/{commentid}/history",
        "/gallery/{group}/{id}/{commentid}/history", "/polls/{group}/{id}/{commentid}/history" })
public ModelAndView showCommentEditInfo(HttpServletRequest request, @PathVariable("id") int msgid,
        @PathVariable("commentid") int commentId) throws Exception {
    Topic message = messageDao.getById(msgid);
    Comment comment = commentService.getById(commentId);

    List<PreparedEditHistory> editHistories = editHistoryService.prepareEditInfo(comment, request.isSecure());

    ModelAndView modelAndView = new ModelAndView("history");

    modelAndView.getModel().put("message", message);
    modelAndView.getModel().put("editHistories", editHistories);

    return modelAndView;
}

From source file:org.apache.nifi.web.security.anonymous.NiFiAnonymousUserFilter.java

@Override
protected Authentication createAuthentication(HttpServletRequest request) {
    Authentication authentication = null;

    try {//from ww  w .  j  a  va 2s.  c o m
        // load the anonymous user from the database
        NiFiUser user = userService.getUserByDn(NiFiUser.ANONYMOUS_USER_IDENTITY);

        // if this is an unsecure request allow full access
        if (!request.isSecure()) {
            user.getAuthorities().addAll(EnumSet.allOf(Authority.class));
        }

        // only create an authentication token if the anonymous user has some authorities
        if (!user.getAuthorities().isEmpty()) {
            NiFiUserDetails userDetails = new NiFiUserDetails(user);

            // get the granted authorities
            authentication = new NiFiAuthorizationToken(userDetails);
        }
    } catch (AdministrationException ase) {
        // record the issue
        anonymousUserFilterLogger
                .warn("Unable to load anonymous user from accounts database: " + ase.getMessage());
        if (anonymousUserFilterLogger.isDebugEnabled()) {
            anonymousUserFilterLogger.warn(StringUtils.EMPTY, ase);
        }
    }
    return authentication;
}

From source file:ru.org.linux.spring.MainPageController.java

@RequestMapping({ "/", "/index.jsp" })
public ModelAndView mainPage(HttpServletRequest request) {
    Template tmpl = Template.getTemplate(request);

    List<Topic> messages = topicListService.getMainPageFeed(tmpl.getProf().isShowGalleryOnMain());

    ModelAndView mv = new ModelAndView("index");

    mv.getModel().put("news", prepareService.prepareMessagesForUser(messages, request.isSecure(),
            tmpl.getCurrentUser(), tmpl.getProf(), false));

    if (tmpl.isModeratorSession() || tmpl.isCorrectorSession()) {
        int uncommited = jdbcTemplate.queryForInt(
                "select count(*) from topics,groups,sections where section=sections.id AND sections.moderate and topics.groupid=groups.id and not deleted and not topics.moderate AND postdate>(CURRENT_TIMESTAMP-'1 month'::interval)");

        mv.getModel().put("uncommited", uncommited);

        int uncommitedNews = 0;

        if (uncommited > 0) {
            uncommitedNews = jdbcTemplate.queryForInt(
                    "select count(*) from topics,groups where section=1 AND topics.groupid=groups.id and not deleted and not topics.moderate AND postdate>(CURRENT_TIMESTAMP-'1 month'::interval)");
        }//from  w ww  .  j  av  a 2 s  . c  om

        mv.getModel().put("uncommitedNews", uncommitedNews);
    }

    mv.getModel().put("showAdsense", !tmpl.isSessionAuthorized() || !tmpl.getProf().isHideAdsense());

    return mv;
}

From source file:org.wso2.carbon.identity.entitlement.filter.EntitlementCacheUpdateServlet.java

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
        throws EntitlementCacheUpdateServletException {

    if (!req.isSecure()) {
        redirectToHTTPS(req, resp);//from  w  w  w . j  ava 2s .  com
    } else if (req.getParameter(USERNAME_STRING) != null && req.getParameter(PSWD_STRING) != null
            && !NULL_STRING.equals(req.getParameter(USERNAME_STRING))
            && !NULL_STRING.equals(req.getParameter(PSWD_STRING))) {
        doAuthentication(req, resp);
    } else {
        if (req.getParameter(USERNAME_STRING) == null) {
            log.info("\'username\' parameter not available in request. Redirecting to "
                    + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL());
        }
        if (req.getParameter(PSWD_STRING) == null) {
            log.info("\'password\' parameter not available in request. Redirecting to "
                    + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL());
        }
        if (req.getParameter(USERNAME_STRING) != null
                && NULL_STRING.equals(req.getParameter(USERNAME_STRING))) {
            log.info("\'username\' is empty in request. Redirecting to "
                    + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL());
        }
        if (req.getParameter(PSWD_STRING) != null && NULL_STRING.equals(req.getParameter(PSWD_STRING))) {
            log.info("\'password\' is empty in request. Redirecting to "
                    + EntitlementCacheUpdateServletDataHolder.getInstance().getAuthenticationPageURL());
        }
        showAuthPage(req, resp);
    }
}

From source file:co.id.app.sys.util.StringUtils.java

/**
 * Sets the given cookie values in the servlet response.
 * <p/>//from  w  w w. ja va  2s. c o m
 * This will also put the cookie in a list of cookies to send with this request's response
 * (so that in case of a redirect occurring down the chain, the first filter
 * will always try to set this cookie again)
 * <p/>
 * The cookie secure flag is set if the request is secure.
 * <p/>
 * This method was derived from Atlassian <tt>CookieUtils</tt> method of
 * the same name, release under the Apache License.
 *
 * @param request the servlet request
 * @param response the servlet response
 * @param name the cookie name
 * @param value the cookie value
 * @param maxAge the maximum age of the cookie in seconds. A negative
 * value will expire the cookie at the end of the session, while 0 will delete
 * the cookie.
 * @param path the cookie path
 * @return the Cookie object created and set in the response
 */
public static Cookie setCookie(HttpServletRequest request, HttpServletResponse response, String name,
        String value, int maxAge, String path) {

    Cookie cookie = new Cookie(name, value);
    cookie.setMaxAge(maxAge);
    cookie.setPath(path);
    cookie.setSecure(request.isSecure());
    response.addCookie(cookie);

    return cookie;
}