Example usage for javax.servlet ServletRequest getAttribute

List of usage examples for javax.servlet ServletRequest getAttribute

Introduction

In this page you can find the example usage for javax.servlet ServletRequest getAttribute.

Prototype

public Object getAttribute(String name);

Source Link

Document

Returns the value of the named attribute as an Object, or null if no attribute of the given name exists.

Usage

From source file:org.jsecurity.web.servlet.OncePerRequestFilter.java

/**
 * This <code>doFilter</code> implementation stores a request attribute for
 * "already filtered", proceeding without filtering again if the
 * attribute is already there./* w  w w .  j a  v  a2  s.  co m*/
 *
 * @see #getAlreadyFilteredAttributeName
 * @see #shouldNotFilter
 * @see #doFilterInternal
 */
public final void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {

    String alreadyFilteredAttributeName = getAlreadyFilteredAttributeName();
    if (request.getAttribute(alreadyFilteredAttributeName) != null || shouldNotFilter(request)) {
        if (log.isTraceEnabled()) {
            log.trace("Filter already executed.  Proceeding without invoking this filter.");
        }
        // Proceed without invoking this filter...
        filterChain.doFilter(request, response);
    } else {
        // Do invoke this filter...
        if (log.isTraceEnabled()) {
            log.trace("Filter not yet executed.  Executing now.");
        }
        request.setAttribute(alreadyFilteredAttributeName, Boolean.TRUE);
        doFilterInternal(request, response, filterChain);
    }
}

From source file:gov.nih.nci.cabig.caaers.web.study.SolicitedAdverseEventTab.java

/**
 * Returns the value associated with the <code>attributeName</code>, if present in
 * HttpRequest parameter, if not available, will check in HttpRequest attribute map.
 *///w ww.ja va  2  s. c  o  m
protected Object findInRequest(final ServletRequest request, final String attributName) {
    Object attr = request.getParameter(attributName);
    if (attr == null) {
        attr = request.getAttribute(attributName);
    }
    return attr;
}

From source file:com.xpn.xwiki.web.ActionFilter.java

/**
 * {@inheritDoc}//ww  w.  java2s  .  co  m
 * 
 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
 */
@SuppressWarnings("unchecked")
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    // Only HTTP requests can be dispatched.
    if (request instanceof HttpServletRequest
            && !Boolean.valueOf((String) request.getAttribute(ATTRIBUTE_ACTION_DISPATCHED))) {
        HttpServletRequest hrequest = (HttpServletRequest) request;
        Enumeration<String> parameterNames = hrequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String parameter = parameterNames.nextElement();
            if (parameter.startsWith(ACTION_PREFIX)) {
                String targetURL = getTargetURL(hrequest, parameter);
                RequestDispatcher dispatcher = hrequest.getRequestDispatcher(targetURL);
                if (dispatcher != null) {
                    LOG.debug("Forwarding request to " + targetURL);
                    request.setAttribute(ATTRIBUTE_ACTION_DISPATCHED, "true");
                    dispatcher.forward(hrequest, response);
                    // Allow multiple calls to this filter as long as they are not nested.
                    request.removeAttribute(ATTRIBUTE_ACTION_DISPATCHED);
                    // If the request was forwarder to another path, don't continue the normal processing chain.
                    return;
                }
            }
        }
    }
    // Let the request pass through unchanged.
    chain.doFilter(request, response);
}

From source file:edu.emory.cci.aiw.cvrg.eureka.servlet.filter.UserInfoFilter.java

@Override
public void doFilter(ServletRequest inRequest, ServletResponse inResponse, FilterChain inFilterChain)
        throws IOException, ServletException {
    HttpServletRequest servletRequest = (HttpServletRequest) inRequest;
    String remoteUser = servletRequest.getRemoteUser();
    boolean userIsActivated = false;
    if (!StringUtils.isEmpty(remoteUser)) {
        User user = (User) inRequest.getAttribute("user");
        if (user != null && user.isActive()) {
            userIsActivated = true;//w  w  w . j a va  2s  .co m
        }
    }

    inRequest.setAttribute("userIsActivated", userIsActivated);
    inFilterChain.doFilter(inRequest, inResponse);
}

From source file:org.codice.ddf.security.idp.client.IdpHandler.java

@Override
public HandlerResult handleError(ServletRequest servletRequest, ServletResponse servletResponse,
        FilterChain chain) throws ServletException {
    String realm = (String) servletRequest.getAttribute(ContextPolicy.ACTIVE_REALM);
    HandlerResult result = new HandlerResult(HandlerResult.Status.NO_ACTION, null);
    result.setSource(realm + "-" + SOURCE);
    LOGGER.debug("In error handler for idp - no action taken.");
    return result;
}

From source file:edu.vt.middleware.servlet.filter.ClientCertFilter.java

/**
 * Handle all requests sent to this filter.
 *
 * @param  request  <code>ServletRequest</code>
 * @param  response  <code>ServletResponse</code>
 * @param  chain  <code>FilterChain</code>
 *
 * @throws  ServletException  if an error occurs
 * @throws  IOException  if an error occurs
 *///from   w  w  w .j  a  v a 2  s .c  o  m
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {
    boolean success = false;
    final X509Certificate[] certChain = (X509Certificate[]) request
            .getAttribute("javax.servlet.request.X509Certificate");
    if (LOG.isDebugEnabled()) {
        if (certChain != null && certChain[0] != null) {
            if (LOG.isDebugEnabled()) {
                LOG.debug(
                        "Received the following client certificate: " + certChain[0].getSubjectDN().getName());
            }
        } else {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Did not receive a client certificate");
            }
        }
    }

    if (certChain != null && certChain[0] != null) {
        final String issuer = certChain[0].getIssuerX500Principal().getName();
        final String subject = certChain[0].getSubjectX500Principal().getName();
        if (this.issuerDnPattern != null && this.subjectDnPattern != null) {
            if (this.issuerDnPattern.matcher(issuer).matches()
                    && this.subjectDnPattern.matcher(subject).matches()) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(issuer + " matches " + this.issuerDnPattern.pattern() + " and " + subject
                            + " matches " + this.subjectDnPattern.pattern());
                }
                success = true;
            } else {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(issuer + " does not match " + this.issuerDnPattern.pattern() + " or " + subject
                            + " does not match " + this.subjectDnPattern.pattern());
                }
            }
        } else if (this.issuerDnPattern != null) {
            if (this.issuerDnPattern.matcher(issuer).matches()) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(issuer + " matches " + this.issuerDnPattern.pattern());
                }
                success = true;
            } else {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(issuer + " does not match " + this.issuerDnPattern.pattern());
                }
            }
        } else if (this.subjectDnPattern != null) {
            if (this.subjectDnPattern.matcher(subject).matches()) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(subject + " matches " + this.subjectDnPattern.pattern());
                }
                success = true;
            } else {
                if (LOG.isDebugEnabled()) {
                    LOG.debug(subject + " does not match " + this.subjectDnPattern.pattern());
                }
            }
        } else {
            success = true;
        }
    } else if (!this.requireCert) {
        success = true;
    }

    if (!success) {
        if (response instanceof HttpServletResponse) {
            ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN,
                    "Request blocked by filter");
            return;
        } else {
            throw new ServletException("Request blocked by filter");
        }
    }
    chain.doFilter(request, response);
}

From source file:edu.cornell.mannlib.vitro.webapp.edit.n3editing.configuration.EditConfiguration.java

/**
 * The editKey can be a HTTP query parameter or it can be a request attribute.
 *//* ww w  .j  a  va 2  s. c  o  m*/
public static String getEditKey(ServletRequest request) {
    String key = null;
    if (request instanceof HttpServletRequest) {
        HttpServletRequest hsreq = (HttpServletRequest) request;
        boolean isMultipart = ServletFileUpload.isMultipartContent(hsreq);
        if (isMultipart) {
            //multipart parsing will consume all request parameters so
            //the editKey needs to be stashed in the request attributes.
            key = (String) request.getAttribute("editKey");
            if (key == null) {
                // handle the cancel button where nothing is really uploaded
                key = request.getParameter("editKey");
            }
        } else {
            key = (String) request.getAttribute("editKey");
            if (key != null) {
                return key;
            } else {
                key = request.getParameter("editKey");
            }
        }
    }

    if (key != null && key.trim().length() > 0) {
        return key;
    } else {
        log.debug("cannnot find editKey in request query parameters or from request");
        return null;
    }
}

From source file:de.itsvs.cwtrpc.security.RpcSessionManagementFilter.java

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final boolean continueChain;

    if (request.getAttribute(PROCESSED_ALREADY_ATTR_NAME) == null) {
        request.setAttribute(PROCESSED_ALREADY_ATTR_NAME, Boolean.TRUE);
        continueChain = process((HttpServletRequest) request, (HttpServletResponse) response);
    } else {// www  .ja va  2s  .c  om
        continueChain = true;
    }

    if (continueChain) {
        chain.doFilter(request, response);
    }
}

From source file:org.codice.ddf.security.filter.authorization.AuthorizationFilter.java

@SuppressWarnings("PackageAccessibility")
@Override/*from w ww .  j  a v  a2 s. c o  m*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;

    Subject subject = null;

    if (request.getAttribute(ContextPolicy.NO_AUTH_POLICY) != null) {
        LOGGER.debug("NO_AUTH_POLICY header was found, skipping authorization filter.");
        chain.doFilter(request, response);
    } else {
        try {
            subject = SecurityUtils.getSubject();
        } catch (Exception e) {
            LOGGER.debug("Unable to retrieve user from request.", e);
        }

        boolean permitted = true;

        String path = StringUtils.isNotBlank(httpRequest.getContextPath()) ? httpRequest.getContextPath()
                : httpRequest.getServletPath() + StringUtils.defaultString(httpRequest.getPathInfo());
        if (StringUtils.isEmpty(path)) {
            path = httpRequest.getRequestURI();
        }

        ContextPolicy policy = contextPolicyManager.getContextPolicy(path);

        if (policy != null && subject != null) {
            CollectionPermission permissions = policy.getAllowedAttributePermissions();
            if (!permissions.isEmpty()) {
                permitted = subject.isPermitted(permissions);
            }
        } else {
            LOGGER.warn(
                    "Unable to determine policy for path {}. User is not permitted to continue. Check policy configuration!",
                    path);
            permitted = false;
        }

        if (!permitted) {
            LOGGER.debug("Subject not authorized.");
            returnNotAuthorized(httpResponse);
        } else {
            LOGGER.debug("Subject is authorized!");
            chain.doFilter(request, response);
        }
    }
}

From source file:org.sonatype.nexus.security.filter.authc.NexusHttpAuthenticationFilter.java

@Override
protected boolean isRememberMe(ServletRequest request) {
    if (request.getAttribute(ANONYMOUS_LOGIN) == null) {
        // it is not an anonymous login
        // return true;
        // NEXUS-607: fix for cookies, when sent from client. They will expire once
        // and we are not sending them anymore.
        return false;
    } else {/* ww w  .j  av a2s.  c o m*/
        // it is anon login. no rembemberMe
        return false;
    }
}