List of usage examples for javax.servlet ServletRequest getAttribute
public Object getAttribute(String name);
Object
, or null
if no attribute of the given name exists. From source file:org.jsecurity.web.servlet.OncePerRequestFilter.java
/** * This <code>doFilter</code> implementation stores a request attribute for * "already filtered", proceeding without filtering again if the * attribute is already there./* w w w . j a v a2 s. co m*/ * * @see #getAlreadyFilteredAttributeName * @see #shouldNotFilter * @see #doFilterInternal */ public final void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws ServletException, IOException { String alreadyFilteredAttributeName = getAlreadyFilteredAttributeName(); if (request.getAttribute(alreadyFilteredAttributeName) != null || shouldNotFilter(request)) { if (log.isTraceEnabled()) { log.trace("Filter already executed. Proceeding without invoking this filter."); } // Proceed without invoking this filter... filterChain.doFilter(request, response); } else { // Do invoke this filter... if (log.isTraceEnabled()) { log.trace("Filter not yet executed. Executing now."); } request.setAttribute(alreadyFilteredAttributeName, Boolean.TRUE); doFilterInternal(request, response, filterChain); } }
From source file:gov.nih.nci.cabig.caaers.web.study.SolicitedAdverseEventTab.java
/** * Returns the value associated with the <code>attributeName</code>, if present in * HttpRequest parameter, if not available, will check in HttpRequest attribute map. *///w ww.ja va 2 s. c o m protected Object findInRequest(final ServletRequest request, final String attributName) { Object attr = request.getParameter(attributName); if (attr == null) { attr = request.getAttribute(attributName); } return attr; }
From source file:com.xpn.xwiki.web.ActionFilter.java
/** * {@inheritDoc}//ww w. java2s . co m * * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) */ @SuppressWarnings("unchecked") public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // Only HTTP requests can be dispatched. if (request instanceof HttpServletRequest && !Boolean.valueOf((String) request.getAttribute(ATTRIBUTE_ACTION_DISPATCHED))) { HttpServletRequest hrequest = (HttpServletRequest) request; Enumeration<String> parameterNames = hrequest.getParameterNames(); while (parameterNames.hasMoreElements()) { String parameter = parameterNames.nextElement(); if (parameter.startsWith(ACTION_PREFIX)) { String targetURL = getTargetURL(hrequest, parameter); RequestDispatcher dispatcher = hrequest.getRequestDispatcher(targetURL); if (dispatcher != null) { LOG.debug("Forwarding request to " + targetURL); request.setAttribute(ATTRIBUTE_ACTION_DISPATCHED, "true"); dispatcher.forward(hrequest, response); // Allow multiple calls to this filter as long as they are not nested. request.removeAttribute(ATTRIBUTE_ACTION_DISPATCHED); // If the request was forwarder to another path, don't continue the normal processing chain. return; } } } } // Let the request pass through unchanged. chain.doFilter(request, response); }
From source file:edu.emory.cci.aiw.cvrg.eureka.servlet.filter.UserInfoFilter.java
@Override public void doFilter(ServletRequest inRequest, ServletResponse inResponse, FilterChain inFilterChain) throws IOException, ServletException { HttpServletRequest servletRequest = (HttpServletRequest) inRequest; String remoteUser = servletRequest.getRemoteUser(); boolean userIsActivated = false; if (!StringUtils.isEmpty(remoteUser)) { User user = (User) inRequest.getAttribute("user"); if (user != null && user.isActive()) { userIsActivated = true;//w w w . j a va 2s .co m } } inRequest.setAttribute("userIsActivated", userIsActivated); inFilterChain.doFilter(inRequest, inResponse); }
From source file:org.codice.ddf.security.idp.client.IdpHandler.java
@Override public HandlerResult handleError(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws ServletException { String realm = (String) servletRequest.getAttribute(ContextPolicy.ACTIVE_REALM); HandlerResult result = new HandlerResult(HandlerResult.Status.NO_ACTION, null); result.setSource(realm + "-" + SOURCE); LOGGER.debug("In error handler for idp - no action taken."); return result; }
From source file:edu.vt.middleware.servlet.filter.ClientCertFilter.java
/** * Handle all requests sent to this filter. * * @param request <code>ServletRequest</code> * @param response <code>ServletResponse</code> * @param chain <code>FilterChain</code> * * @throws ServletException if an error occurs * @throws IOException if an error occurs *///from w w w .j a v a 2 s .c o m public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { boolean success = false; final X509Certificate[] certChain = (X509Certificate[]) request .getAttribute("javax.servlet.request.X509Certificate"); if (LOG.isDebugEnabled()) { if (certChain != null && certChain[0] != null) { if (LOG.isDebugEnabled()) { LOG.debug( "Received the following client certificate: " + certChain[0].getSubjectDN().getName()); } } else { if (LOG.isDebugEnabled()) { LOG.debug("Did not receive a client certificate"); } } } if (certChain != null && certChain[0] != null) { final String issuer = certChain[0].getIssuerX500Principal().getName(); final String subject = certChain[0].getSubjectX500Principal().getName(); if (this.issuerDnPattern != null && this.subjectDnPattern != null) { if (this.issuerDnPattern.matcher(issuer).matches() && this.subjectDnPattern.matcher(subject).matches()) { if (LOG.isDebugEnabled()) { LOG.debug(issuer + " matches " + this.issuerDnPattern.pattern() + " and " + subject + " matches " + this.subjectDnPattern.pattern()); } success = true; } else { if (LOG.isDebugEnabled()) { LOG.debug(issuer + " does not match " + this.issuerDnPattern.pattern() + " or " + subject + " does not match " + this.subjectDnPattern.pattern()); } } } else if (this.issuerDnPattern != null) { if (this.issuerDnPattern.matcher(issuer).matches()) { if (LOG.isDebugEnabled()) { LOG.debug(issuer + " matches " + this.issuerDnPattern.pattern()); } success = true; } else { if (LOG.isDebugEnabled()) { LOG.debug(issuer + " does not match " + this.issuerDnPattern.pattern()); } } } else if (this.subjectDnPattern != null) { if (this.subjectDnPattern.matcher(subject).matches()) { if (LOG.isDebugEnabled()) { LOG.debug(subject + " matches " + this.subjectDnPattern.pattern()); } success = true; } else { if (LOG.isDebugEnabled()) { LOG.debug(subject + " does not match " + this.subjectDnPattern.pattern()); } } } else { success = true; } } else if (!this.requireCert) { success = true; } if (!success) { if (response instanceof HttpServletResponse) { ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN, "Request blocked by filter"); return; } else { throw new ServletException("Request blocked by filter"); } } chain.doFilter(request, response); }
From source file:edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.EditConfiguration.java
/** * The editKey can be a HTTP query parameter or it can be a request attribute. *//* ww w .j a va 2 s. c o m*/ public static String getEditKey(ServletRequest request) { String key = null; if (request instanceof HttpServletRequest) { HttpServletRequest hsreq = (HttpServletRequest) request; boolean isMultipart = ServletFileUpload.isMultipartContent(hsreq); if (isMultipart) { //multipart parsing will consume all request parameters so //the editKey needs to be stashed in the request attributes. key = (String) request.getAttribute("editKey"); if (key == null) { // handle the cancel button where nothing is really uploaded key = request.getParameter("editKey"); } } else { key = (String) request.getAttribute("editKey"); if (key != null) { return key; } else { key = request.getParameter("editKey"); } } } if (key != null && key.trim().length() > 0) { return key; } else { log.debug("cannnot find editKey in request query parameters or from request"); return null; } }
From source file:de.itsvs.cwtrpc.security.RpcSessionManagementFilter.java
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { final boolean continueChain; if (request.getAttribute(PROCESSED_ALREADY_ATTR_NAME) == null) { request.setAttribute(PROCESSED_ALREADY_ATTR_NAME, Boolean.TRUE); continueChain = process((HttpServletRequest) request, (HttpServletResponse) response); } else {// www .ja va 2s .c om continueChain = true; } if (continueChain) { chain.doFilter(request, response); } }
From source file:org.codice.ddf.security.filter.authorization.AuthorizationFilter.java
@SuppressWarnings("PackageAccessibility") @Override/*from w ww . j a v a2 s. c o m*/ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; Subject subject = null; if (request.getAttribute(ContextPolicy.NO_AUTH_POLICY) != null) { LOGGER.debug("NO_AUTH_POLICY header was found, skipping authorization filter."); chain.doFilter(request, response); } else { try { subject = SecurityUtils.getSubject(); } catch (Exception e) { LOGGER.debug("Unable to retrieve user from request.", e); } boolean permitted = true; String path = StringUtils.isNotBlank(httpRequest.getContextPath()) ? httpRequest.getContextPath() : httpRequest.getServletPath() + StringUtils.defaultString(httpRequest.getPathInfo()); if (StringUtils.isEmpty(path)) { path = httpRequest.getRequestURI(); } ContextPolicy policy = contextPolicyManager.getContextPolicy(path); if (policy != null && subject != null) { CollectionPermission permissions = policy.getAllowedAttributePermissions(); if (!permissions.isEmpty()) { permitted = subject.isPermitted(permissions); } } else { LOGGER.warn( "Unable to determine policy for path {}. User is not permitted to continue. Check policy configuration!", path); permitted = false; } if (!permitted) { LOGGER.debug("Subject not authorized."); returnNotAuthorized(httpResponse); } else { LOGGER.debug("Subject is authorized!"); chain.doFilter(request, response); } } }
From source file:org.sonatype.nexus.security.filter.authc.NexusHttpAuthenticationFilter.java
@Override protected boolean isRememberMe(ServletRequest request) { if (request.getAttribute(ANONYMOUS_LOGIN) == null) { // it is not an anonymous login // return true; // NEXUS-607: fix for cookies, when sent from client. They will expire once // and we are not sending them anymore. return false; } else {/* ww w .j av a2s. c o m*/ // it is anon login. no rembemberMe return false; } }