List of usage examples for javax.servlet.http HttpServletResponse addCookie
public void addCookie(Cookie cookie);
From source file:au.gov.dto.springframework.security.web.csrf.CookieCsrfTokenRepository.java
@Override public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) { Cookie csrfCookie;/* w w w.j a v a 2 s. co m*/ if (token == null) { csrfCookie = new Cookie(csrfCookieName, ""); csrfCookie.setMaxAge(0); } else { csrfCookie = new Cookie(csrfCookieName, token.getToken()); csrfCookie.setMaxAge(csrfCookieMaxAgeSeconds); } csrfCookie.setHttpOnly(true); csrfCookie.setSecure(request.isSecure()); csrfCookie.setPath(csrfCookiePath); response.addCookie(csrfCookie); }
From source file:br.com.edo.atmlist.config.CsrfHeaderFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie); }//from w ww . jav a 2 s .c o m } filterChain.doFilter(request, response); }
From source file:com.qut.middleware.spep.servlet.AuthenticationServletTest.java
/** * @throws Exception/*www .j av a 2 s . co m*/ */ @Test public void testPost2a() throws Exception { final LineVectorOutputStream outputStream = new LineVectorOutputStream(); final String sessionID = "9809283409182304981234-923-501209348091234"; final String base64RequestURL = new String(Base64.encodeBase64(this.defaultRequestURL.getBytes("UTF-8"))); Modify<AuthnProcessorData> modifyAuthnProcessorData = new ModifyAuthnProcessorData(sessionID, null, null); Capture<Cookie> captureCookie = new Capture<Cookie>(); this.authnProcessor.processAuthnResponse(modify(modifyAuthnProcessorData), (Response) notNull()); expectLastCall().anyTimes(); startMock(); this.authenticationServlet.init(this.servletConfig); String samlResponse = new String(Base64.encodeBase64("some response document".getBytes("UTF-8"))); ServletOutputStream out = new OutputStreamServletOutputStream(outputStream); HttpServletRequest request = createMock(HttpServletRequest.class); expect(request.getParameter("SAMLResponse")).andReturn(samlResponse).anyTimes(); HttpServletResponse response = createMock(HttpServletResponse.class); response.addCookie(capture(captureCookie)); expectLastCall().once(); // Make sure we get redirected to the default URL response.sendRedirect(this.defaultRequestURL); expectLastCall().once(); replay(request); replay(response); this.authenticationServlet.doPost(request, response); verify(request); verify(response); Cookie spepCookie = null; for (Cookie cookie : captureCookie.getCaptured()) { if (cookie.getName().equals(this.tokenName)) { spepCookie = cookie; break; } } assertNotNull(spepCookie); assertEquals(this.tokenName, spepCookie.getName()); assertEquals(sessionID, spepCookie.getValue()); endMock(); }
From source file:com.aplikasi.penjualan.config.CsrfAttributeToCookieFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie); }/* ww w .j av a 2 s . co m*/ } filterChain.doFilter(request, response); }
From source file:com.qut.middleware.spep.servlet.AuthenticationServletTest.java
/** * @throws Exception//from ww w . j av a2s .c om */ @Test public void testPost2b() throws Exception { final LineVectorOutputStream outputStream = new LineVectorOutputStream(); final String sessionID = "9809283409182304981234-923-501209348091234"; final String requestURL = "http://lol.request.url/somepage.jsp"; final String base64RequestURL = new String(Base64.encodeBase64(requestURL.getBytes("UTF-8"))); Modify<AuthnProcessorData> modifyAuthnProcessorData = new ModifyAuthnProcessorData(sessionID, base64RequestURL, null); Capture<Cookie> captureCookie = new Capture<Cookie>(); this.authnProcessor.processAuthnResponse(modify(modifyAuthnProcessorData), (Response) notNull()); expectLastCall().anyTimes(); startMock(); this.authenticationServlet.init(this.servletConfig); String samlResponse = new String(Base64.encodeBase64("some response document".getBytes("UTF-8"))); ServletOutputStream out = new OutputStreamServletOutputStream(outputStream); HttpServletRequest request = createMock(HttpServletRequest.class); expect(request.getParameter("SAMLResponse")).andReturn(samlResponse).anyTimes(); HttpServletResponse response = createMock(HttpServletResponse.class); response.addCookie(capture(captureCookie)); expectLastCall().once(); // Make sure we get redirected to the session URL response.sendRedirect(requestURL); expectLastCall().once(); replay(request); replay(response); this.authenticationServlet.doPost(request, response); verify(request); verify(response); Cookie spepCookie = null; for (Cookie cookie : captureCookie.getCaptured()) { if (cookie.getName().equals(this.tokenName)) { spepCookie = cookie; break; } } assertNotNull(spepCookie); assertEquals(this.tokenName, spepCookie.getName()); assertEquals(sessionID, spepCookie.getValue()); endMock(); }
From source file:co.edu.utb.softeng.springtodos.config.security.CsrfHeaderFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie); }/*from ww w .j a va 2s . c o m*/ } filterChain.doFilter(request, response); }
From source file:com.byd.test.actions.OrderAction.java
License:asdf
@RequestMapping("createCookie") public void createCookie(HttpServletResponse response) { System.out.println("cookie start"); Cookie cookie = new Cookie("cookie_name", "whatisthis"); cookie.setHttpOnly(Boolean.TRUE); cookie.setDomain("chengangxiong"); cookie.setVersion(1);/*from w w w .ja va 2s.c om*/ cookie.setMaxAge(15);//15 response.addCookie(cookie); }
From source file:es.logongas.ix3.web.security.impl.WebSessionSidStorageImplAbstractJws.java
@Override public void setSid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Serializable sid) {/* w w w. ja va 2 s . co m*/ String payload = serialize(sid); String jwsCompact = jws.getJwsCompactSerialization(payload, getSecretKey(sid)); Cookie cookie = new Cookie(jwsCookieName, jwsCompact); cookie.setHttpOnly(false); cookie.setPath(httpServletRequest.getContextPath() + "/"); httpServletResponse.addCookie(cookie); }
From source file:com.ar.dev.tierra.api.config.CsrfHeaderFilter.java
/** * Metodo para agregar cookie contra CRSF * @param request//from w w w .j av a 2s . com * @param response * @param filterChain * @throws ServletException * @throws IOException */ @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie); } } filterChain.doFilter(request, response); }
From source file:com.reever.humilheme.web.CookieController.java
public Cookie createCookie(HttpServletRequest request, HttpServletResponse response, String conteudo) { String path = StringUtils.isEmpty(request.getContextPath()) ? "/" : request.getContextPath(); try {// w ww . jav a2s . com conteudo = URLEncoder.encode(conteudo, "UTF-8"); } catch (UnsupportedEncodingException e) { _logger.error("Erro no encode do cookie", e); } Cookie cookie = new Cookie(nomeCookie, conteudo); cookie.setMaxAge(expiry); cookie.setPath(path); cookie.setVersion(1); response.addCookie(cookie); return cookie; }