Example usage for javax.servlet.http HttpServletRequest isSecure

List of usage examples for javax.servlet.http HttpServletRequest isSecure

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletRequest isSecure.

Prototype

public boolean isSecure();

Source Link

Document

Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.

Usage

From source file:au.gov.dto.dibp.appointments.security.csrf.CookieBasedCsrfTokenRepository.java

@Override
public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) {
    Cookie csrfCookie;//from  ww  w.  j  av  a2  s.c o m
    if (token == null) {
        csrfCookie = new Cookie(CSRF_COOKIE_AND_PARAMETER_NAME, "");
        csrfCookie.setMaxAge(0);
    } else {
        csrfCookie = new Cookie(token.getParameterName(), token.getToken());
        csrfCookie.setMaxAge(COOKIE_MAX_AGE_SECONDS);
    }
    csrfCookie.setHttpOnly(true);
    csrfCookie.setSecure(request.isSecure());
    response.addCookie(csrfCookie);
}

From source file:org.wso2.carbon.event.input.adaptor.http.HTTPMessageServlet.java

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException {

    String data = this.inputStreamToString(req.getInputStream());
    if (data == null) {
        log.warn("Event Object is empty/null");
        return;/*ww  w  . ja  v  a2 s.  c  o m*/
    }
    if (req.isSecure()) {
        int tenantId = this.checkAuthentication(req);
        if (tenantId == -1) {
            res.getOutputStream().write(AUTH_FAILURE_RESPONSE.getBytes());
            log.error("Authentication failed for the request");
            return;
        }
    }

    Map<String, ConcurrentHashMap<String, ArrayList<HTTPAdaptorListener>>> tenantSpecificListenerMap = HTTPEventAdaptorType.inputEventAdaptorListenerMap
            .get(tenantId);
    if (tenantSpecificListenerMap != null) {
        Map<String, ArrayList<HTTPAdaptorListener>> adaptorSpecificListenerMap = tenantSpecificListenerMap
                .get(adaptorName);
        if (adaptorSpecificListenerMap != null) {
            List<HTTPAdaptorListener> topicSpecificAdaptorListenerList = adaptorSpecificListenerMap.get(topic);
            if (topicSpecificAdaptorListenerList != null) {
                for (HTTPAdaptorListener inputEventAdaptorListener : topicSpecificAdaptorListenerList) {
                    if (log.isDebugEnabled()) {
                        log.debug("Message : " + data);
                    }
                    HTTPEventAdaptorType.executorService.submit(new HTTPRequestProcessor(
                            inputEventAdaptorListener.getInputeventadaptorlistener(), data, tenantId));
                }
            }
        }

    }
}

From source file:org.wso2.carbon.event.input.adaptor.http.HTTPMessageServlet.java

@Override
protected void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException {

    String data = this.inputStreamToString(req.getInputStream());
    if (data == null) {
        log.warn("Event Object is empty/null");
        return;//from w  w  w  .ja v  a 2s. c  o  m
    }
    if (req.isSecure()) {
        int tenantId = this.checkAuthentication(req);
        if (tenantId == -1) {
            res.getOutputStream().write(AUTH_FAILURE_RESPONSE.getBytes());
            log.error("Authentication failed for the request");
            return;
        }
    }

    Map<String, ConcurrentHashMap<String, ArrayList<HTTPAdaptorListener>>> tenantSpecificListenerMap = HTTPEventAdaptorType.inputEventAdaptorListenerMap
            .get(tenantId);
    if (tenantSpecificListenerMap != null) {
        Map<String, ArrayList<HTTPAdaptorListener>> adaptorSpecificListenerMap = tenantSpecificListenerMap
                .get(adaptorName);
        if (adaptorSpecificListenerMap != null) {
            List<HTTPAdaptorListener> topicSpecificAdaptorListenerList = adaptorSpecificListenerMap.get(topic);
            if (topicSpecificAdaptorListenerList != null) {
                for (HTTPAdaptorListener inputEventAdaptorListener : topicSpecificAdaptorListenerList) {
                    if (log.isDebugEnabled()) {
                        log.debug("Message : " + data);
                    }
                    HTTPEventAdaptorType.executorService.submit(new HTTPRequestProcessor(
                            inputEventAdaptorListener.getInputeventadaptorlistener(), data, tenantId));
                }
            }
        }

    }

}

From source file:org.springframework.session.web.http.DefaultCookieSerializer.java

private boolean isSecureCookie(HttpServletRequest request) {
    if (this.useSecureCookie == null) {
        return request.isSecure();
    }//  w w  w . j a v a 2s. c  o m
    return this.useSecureCookie;
}

From source file:au.gov.dto.springframework.security.web.csrf.CookieCsrfTokenRepository.java

@Override
public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) {
    Cookie csrfCookie;/*from w  w w .ja  v  a2  s.  c o m*/
    if (token == null) {
        csrfCookie = new Cookie(csrfCookieName, "");
        csrfCookie.setMaxAge(0);
    } else {
        csrfCookie = new Cookie(csrfCookieName, token.getToken());
        csrfCookie.setMaxAge(csrfCookieMaxAgeSeconds);
    }
    csrfCookie.setHttpOnly(true);
    csrfCookie.setSecure(request.isSecure());
    csrfCookie.setPath(csrfCookiePath);
    response.addCookie(csrfCookie);
}

From source file:org.broadleafcommerce.cms.web.processor.ContentProcessor.java

public boolean isSecure(HttpServletRequest request) {
    boolean secure = false;
    if (request != null) {
        secure = ("HTTPS".equalsIgnoreCase(request.getScheme()) || request.isSecure());
    }/*from  w  ww  . j  av  a  2  s.c o  m*/
    return secure;
}

From source file:org.apache.rave.portal.service.impl.ReCaptchaService.java

@Override
public boolean isValid(HttpServletRequest request) {
    log.debug("ReCaptcha enabled:  {}", captchaEnabled);
    if (!captchaEnabled) {
        return true;
    }/*w w w. j  a  v  a2 s  . co m*/
    if (StringUtils.isBlank(privateKey) || StringUtils.isBlank(publicKey)) {
        log.error("ReCaptcha service is enabled, however, private or public keys are not defined.");
        return true;
    }

    boolean secure = request.isSecure();
    ReCaptcha captcha;
    if (secure) {
        captcha = ReCaptchaFactory.newSecureReCaptcha(publicKey, privateKey, createNoScript);
    } else {
        captcha = ReCaptchaFactory.newReCaptcha(publicKey, privateKey, createNoScript);
    }
    String response = request.getParameter(PARAM_CAPTCHA_RESPONSE);
    String challenge = request.getParameter(PARAM_CAPTCHA_CHALLENGE);
    String remoteAddress = request.getRemoteAddr();
    // validate:
    ReCaptchaResponse captchaResponse = captcha.checkAnswer(remoteAddress, challenge, response);
    boolean valid = captchaResponse.isValid();
    if (valid) {
        return true;
    }
    log.warn("Invalid captcha response:  {}", captchaResponse.getErrorMessage());
    return false;

}

From source file:org.silverpeas.core.web.filter.MassiveWebSecurityFilter.java

private void setDefaultSecurity(final HttpServletRequest request, final HttpServletResponse response) {
    response.setHeader("X-Content-Type-Options", "nosniff");
    if (request.isSecure() && SecuritySettings.isStrictTransportSecurityEnabled()) {
        response.setHeader("Strict-Transport-Security",
                "max-age=" + SecuritySettings.getStrictTransportSecurityExpirationTime() + "; preload");
    }//from w w  w . j a va 2s .  co m
}

From source file:alpine.filters.FqdnForwardFilter.java

/**
 * Forward requests.....//from  ww  w  .  j av a2  s.c o m
 *
 * @param request The request object.
 * @param response The response object.
 * @param chain Refers to the {@code FilterChain} object to pass control to the next {@code Filter}.
 * @throws IOException a IOException
 * @throws ServletException a ServletException
 */
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {

    final HttpServletRequest req = (HttpServletRequest) request;
    final HttpServletResponse res = (HttpServletResponse) response;

    if (req.getServerName().equals(host)) {
        chain.doFilter(request, response);
        return;
    }

    res.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);

    StringBuilder sb = new StringBuilder();
    sb.append("http");
    if (req.isSecure()) {
        sb.append("s");
    }
    sb.append("://").append(host);
    if (StringUtils.isNotBlank(req.getPathInfo())) {
        sb.append(req.getPathInfo());
    }
    if (StringUtils.isNotBlank(req.getQueryString())) {
        sb.append("?").append(req.getQueryString());
    }
    res.setHeader("Location", sb.toString());
}

From source file:com.epam.cme.storefront.interceptors.beforeview.SeoRobotsFollowBeforeViewHandler.java

@Override
public void beforeView(final HttpServletRequest request, final HttpServletResponse response,
        final ModelAndView modelAndView) {
    // Check to see if the controller has specified a Index/Follow directive for robots
    if (modelAndView != null && !modelAndView.getModel().containsKey("metaRobots")) {
        // Build a default directive
        String robotsValue = "no-index,no-follow";

        if (RequestMethod.GET.name().equalsIgnoreCase(request.getMethod())) {
            if (request.isSecure()) {
                robotsValue = "no-index,follow";
            } else {
                robotsValue = "index,follow";
            }//ww w .  j a v  a2s  . c o m
        } else if (RequestMethod.POST.name().equalsIgnoreCase(request.getMethod())) {
            robotsValue = "no-index,no-follow";
        }

        modelAndView.addObject("metaRobots", robotsValue);
    }
}