List of usage examples for javax.servlet ServletRequest getParameter
public String getParameter(String name);
String, or null if the parameter does not exist. From source file:nl.surfnet.coin.api.saml.SAMLAssertionAuthenticationFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; if (!openSAMLContext.isSAMLResponse(req)) { LOG.debug("Request is not a SAML response. Will continue filter chain."); chain.doFilter(request, response); return;//from ww w. ja va 2 s. c o m } SAMLAuthenticationToken samlAuthenticationToken = new SAMLAuthenticationToken( getPreAuthenticatedPrincipal(req), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"))); samlAuthenticationToken.setAuthenticated(true); samlAuthenticationToken.setDetails(authenticationDetailsSource.buildDetails(req)); SecurityContextHolder.getContext().setAuthentication(samlAuthenticationToken); String originalUrl = request.getParameter("RelayState"); try { LOG.debug("Redirecting to original url {}", originalUrl); ((HttpServletResponse) response).sendRedirect(originalUrl); } catch (IOException e) { LOG.info("Cannot redirect to original url", e); } }
From source file:com.netspective.sparx.form.DialogContext.java
public void performDefaultRedirect(Writer writer, String redirect) throws IOException { if (!redirectAfterExecute) return;/*w w w . ja v a 2 s .c o m*/ ServletRequest request = getRequest(); String redirectToUrl = redirect != null ? redirect : request.getParameter(DEFAULT_REDIRECT_PARAM_NAME); if (redirectToUrl == null) { redirectToUrl = request.getParameter(dialog.getPostExecuteRedirectUrlParamName()); if (redirectToUrl == null) redirectToUrl = getNextActionUrl(state.getReferer()); } if (redirectDisabled || redirectToUrl == null) { writer.write("<p><b>Redirect is disabled</b>."); writer.write("<br><code>redirect</code> method parameter is <code>" + redirect + "</code>"); writer.write("<br><code>redirect</code> URL parameter is <code>" + request.getParameter(DEFAULT_REDIRECT_PARAM_NAME) + "</code>"); writer.write("<br><code>redirect</code> form field is <code>" + request.getParameter(dialog.getPostExecuteRedirectUrlParamName()) + "</code>"); writer.write("<br><code>getNextActionUrl</code> method result is <code>" + getNextActionUrl(null) + "</code>"); writer.write("<br><code>original referer</code> url is <code>" + state.getReferer() + "</code>"); writer.write("<p><font color=red>Would have redirected to <code>" + redirectToUrl + "</code>.</font>"); return; } HttpServletResponse response = (HttpServletResponse) getResponse(); if (response.isCommitted()) skin.renderRedirectHtml(writer, this, response.encodeRedirectURL(redirectToUrl)); else sendRedirect(redirectToUrl); }
From source file:pt.webdetails.cfr.CfrContentGenerator.java
private Map<String, Object> getRenderRequestParameters(String dashboardName) { Map<String, Object> params = new HashMap<String, Object>(); params.put("solution", "system"); params.put("path", UI_PATH); params.put("file", dashboardName); params.put("bypassCache", "true"); params.put("absolute", "false"); params.put("inferScheme", "false"); params.put("root", getRoot()); // add request parameters ServletRequest request = getRequest(); @SuppressWarnings("unchecked") // should always be String Enumeration<String> originalParams = request.getParameterNames(); // Iterate and put the values there while (originalParams.hasMoreElements()) { String originalParam = originalParams.nextElement(); params.put(originalParam, request.getParameter(originalParam)); }// w w w. j a va 2s. co m return params; }
From source file:org.broadleafcommerce.profile.web.core.security.RestApiCustomerStateFilter.java
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { String customerId = null;/*from w w w.ja v a2 s. com*/ HttpServletRequest request = (HttpServletRequest) servletRequest; //If someone already set the customer on the request then we don't need to do anything. if (request.getAttribute(CustomerStateRequestProcessor.getCustomerRequestAttributeName()) == null) { //First check to see if someone already put the customerId on the request if (request.getAttribute(customerIdAttributeName) != null) { customerId = String.valueOf(request.getAttribute(customerIdAttributeName)); } if (customerId == null) { //If it's not on the request attribute, try the parameter customerId = servletRequest.getParameter(customerIdAttributeName); } if (customerId == null) { //If it's not on the request parameter, look on the header customerId = request.getHeader(customerIdAttributeName); } if (customerId != null && customerId.trim().length() > 0) { if (NumberUtils.isNumber(customerId)) { //If we found it, look up the customer and put it on the request. Customer customer = customerService.readCustomerById(Long.valueOf(customerId)); if (customer != null) { CustomerState.setCustomer(customer); } } else { LOG.warn(String.format("The customer id passed in '%s' was not a number", customerId)); } } if (customerId == null) { if (LOG.isDebugEnabled()) { LOG.debug( "No customer ID was found for the API request. In order to look up a customer for the request" + " send a request parameter or request header for the '" + customerIdAttributeName + "' attribute"); } } } filterChain.doFilter(request, servletResponse); }
From source file:org.eclipse.skalli.view.internal.filter.ProjectDetailsFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; String userId = (String) request.getAttribute(Consts.ATTRIBUTE_USERID); Project project = (Project) request.getAttribute(Consts.ATTRIBUTE_PROJECT); boolean isProjectAdmin = BooleanUtils .toBoolean((Boolean) request.getAttribute(Consts.ATTRIBUTE_PROJECTADMIN)); boolean isProjectAdminInParentChain = BooleanUtils .toBoolean((Boolean) request.getAttribute(Consts.ATTRIBUTE_PARENTPROJECTADMIN)); String action = request.getParameter(Consts.PARAM_ACTION); String windowName = StringUtils.strip(httpRequest.getPathInfo(), "/"); //$NON-NLS-1$ if (project != null) { if (!project.isDeleted()) { windowName = project.getProjectId(); } else {// w w w . j a v a2s. co m windowName = project.getUuid().toString(); } ProjectTemplateService templateService = Services.getRequiredService(ProjectTemplateService.class); ProjectTemplate projectTemplate = templateService .getProjectTemplateById(project.getProjectTemplateId()); request.setAttribute(Consts.ATTRIBUTE_PROJECTTEMPLATE, projectTemplate); request.setAttribute(Consts.ATTRIBUTE_NATURE, projectTemplate.getProjectNature().toString()); if (userId != null) { FavoritesService favoritesService = Services.getService(FavoritesService.class); Favorites favorites = null; if (favoritesService == null) { favorites = new Favorites(userId); } else { favorites = favoritesService.getFavorites(userId); } request.setAttribute(Consts.ATTRIBUTE_FAVORITES, favorites.asMap()); boolean showIssues = isProjectAdmin || isProjectAdminInParentChain; request.setAttribute(Consts.ATTRIBUTE_SHOW_ISSUES, isProjectAdmin); if (showIssues) { IssuesService issuesService = Services.getService(IssuesService.class); if (issuesService != null) { if (Consts.PARAM_VALUE_VALIDATE.equals(action)) { ValidationService validationService = Services.getService(ValidationService.class); if (validationService != null) { validationService.validate(Project.class, project.getUuid(), Severity.INFO, userId); } } Issues issues = issuesService.getByUUID(project.getUuid()); if (issues != null && issues.hasIssues()) { request.setAttribute(Consts.ATTRIBUTE_ISSUES, issues); request.setAttribute(Consts.ATTRIBUTE_MAX_SEVERITY, issues.getIssues().first().getSeverity().name()); } } } request.setAttribute(Consts.ATTRIBUTE_PROJECTCONTEXTLINKS, getOrderedVisibleProjectContextLinks(project, userId)); } String pathInfo = httpRequest.getPathInfo(); if (pathInfo != null) { int infoBoxIndex = pathInfo.indexOf(Consts.URL_INFOBOXES); if (infoBoxIndex > 0) { if (StringUtils.isNotBlank(action)) { String infoBoxShortName = pathInfo.substring(infoBoxIndex + Consts.URL_INFOBOXES.length()); if (infoBoxShortName.startsWith(FilterUtil.PATH_SEPARATOR)) { infoBoxShortName = infoBoxShortName.substring(1); } filterInfobox(project, infoBoxShortName, action, userId); } } } } request.setAttribute(Consts.ATTRIBUTE_WINDOWNAME, windowName); request.setAttribute(Consts.ATTRIBUTE_EDITMODE, false); String appUri = Consts.URL_VAADIN_PROJECTS + windowName; if (StringUtils.isNotBlank(action)) { if (action.equals(Consts.PARAM_VALUE_EDIT)) { request.setAttribute(Consts.ATTRIBUTE_EDITMODE, true); appUri = appUri + "/edit"; //$NON-NLS-1$ } } request.setAttribute(Consts.ATTRIBUTE_APP_URI, appUri); // proceed along the chain chain.doFilter(request, response); }
From source file:mitm.djigzo.web.services.security.InvalidateUserSpringSecurityFilter.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { if (!(request instanceof HttpServletRequest)) { throw new ServletException("HttpServletRequest expected."); }/*from w w w . j a va 2s . c o m*/ if (!(response instanceof HttpServletResponse)) { throw new ServletException("HttpServletResponse expected."); } HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; String loggedInUserName = null; Authentication loggedInUser = SecurityContextHolder.getContext().getAuthentication(); if (loggedInUser != null) { loggedInUserName = loggedInUser.getName(); } if (loggedInUserName != null) { String email = StringUtils.trimToNull(request.getParameter(usernameRequestParameter)); if (email != null) { email = EmailAddressUtils.canonicalize(email); if (!email.equals(loggedInUserName)) { /* * The user has changed, so invalidate session */ HttpSession session = httpServletRequest.getSession(false); if (session != null) { session.invalidate(); } SecurityContextHolder.clearContext(); /* * We need to 'reload' the complete request to make sure the user need to login */ StringBuffer redirectURL = httpServletRequest.getRequestURL(); if (httpServletRequest.getQueryString() != null) { redirectURL.append("?").append(httpServletRequest.getQueryString()); } httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(redirectURL.toString())); return; } } } chain.doFilter(request, response); }
From source file:org.ligoj.app.http.security.CaptchaFilter.java
@Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { final HttpServletRequest httpServletRequest = (HttpServletRequest) request; final HttpSession session = httpServletRequest.getSession(false); final Captcha captcha = session == null ? null : (Captcha) session.getAttribute(Captcha.NAME); if (captcha == null) { // No session -> no CAPTCHA to match log.info("No configured for this session"); fail(response, "session", "null"); } else {/*from w w w. jav a 2s . c o m*/ session.removeAttribute(Captcha.NAME); if (captcha.isCorrect(StringUtils.trimToEmpty(httpServletRequest.getHeader(CAPTCHA_HEADER)))) { chain.doFilter(request, response); } else { // CAPTCHA does not match -> the CAPTCHA must be regenerated. log.info("Invalid captcha received from {} '{}' instead of {}", httpServletRequest.getRemoteHost(), request.getParameter(CAPTCHA_HEADER), captcha.getAnswer()); fail(response, CAPTCHA_HEADER, "invalid"); } } }
From source file:org.sakaiproject.portlets.IMSBLTIPortlet.java
public void doView(RenderRequest request, RenderResponse response) throws PortletException, IOException { dPrint("==== doView called ===="); response.setContentType("text/html; charset=UTF-8"); // Grab that underlying request to get a GET parameter ServletRequest req = (ServletRequest) ThreadLocalManager.get(CURRENT_HTTP_REQUEST); String popupDone = req.getParameter("sakai.popup"); PrintWriter out = response.getWriter(); String title = getTitleString(request); if (title != null) response.setTitle(title);/* w ww . j av a 2s.com*/ String context = getContext(); Placement placement = ToolManager.getCurrentPlacement(); // Get the properties Properties sakaiProperties = getSakaiProperties(); String placementSecret = getSakaiProperty(sakaiProperties, "imsti.placementsecret"); String allowOutcomes = getSakaiProperty(sakaiProperties, "imsti.allowoutcomes"); String allowSettings = getSakaiProperty(sakaiProperties, "imsti.allowsettings"); String allowRoster = getSakaiProperty(sakaiProperties, "imsti.allowroster"); String assignment = getSakaiProperty(sakaiProperties, "imsti.assignent"); String launch = getSakaiProperty(sakaiProperties, "imsti.launch"); if (placementSecret == null && ("on".equals(allowOutcomes) || "on".equals(allowSettings) || "on".equals(allowRoster))) { String uuid = UUID.randomUUID().toString(); Date date = new Date(); SimpleDateFormat sdf = new SimpleDateFormat(ISO_8601_FORMAT); String date_secret = sdf.format(date); placement.getPlacementConfig().setProperty("imsti.placementsecret", uuid); placement.getPlacementConfig().setProperty("imsti.placementsecretdate", date_secret); placement.save(); } // Check to see if our launch will be successful String[] retval = SakaiBLTIUtil.postLaunchHTML(placement.getId(), rb); if (retval.length > 1) { String iframeUrl = "/access/basiclti/site/" + context + "/" + placement.getId(); String frameHeight = getCorrectProperty(request, "frameheight", null); dPrint("fh=" + frameHeight); String newPage = getCorrectProperty(request, "newpage", null); String serverUrl = ServerConfigurationService.getServerUrl(); boolean forcePopup = false; if (request.isSecure() || (serverUrl != null && serverUrl.startsWith("https://"))) { if (launch != null && launch.startsWith("http://")) { forcePopup = true; } } // Change "newpage" if forcePopup so the portal will do our pop up next time if (forcePopup && !"on".equals(newPage)) { placement.getPlacementConfig().setProperty("imsti.newpage", "on"); placement.save(); } String maximize = getCorrectProperty(request, "maximize", null); StringBuffer text = new StringBuffer(); Session session = SessionManager.getCurrentSession(); session.setAttribute("sakai:maximized-url", iframeUrl); dPrint("Setting sakai:maximized-url=" + iframeUrl); if ("on".equals(newPage) || forcePopup) { String windowOpen = "window.open('" + iframeUrl + "','BasicLTI');"; if (popupDone == null) { text.append("<p>\n"); text.append("<script type=\"text/javascript\">\n"); text.append(windowOpen + "\n"); text.append("</script>\n"); } String siteName = ServerConfigurationService.getString(SITE_NAME, SAKAI); title = title != null ? title : rb.getString("tool.name", "your tool"); String newPageLaunchText = rb.getFormattedMessage("new.page.launch", new Object[] { FormattedText.escapeHtml(title, false), FormattedText.escapeHtml(siteName, false) }); text.append(newPageLaunchText); text.append("</p>\n"); text.append("<input type=\"submit\" onclick=\"" + windowOpen + "\" target=\"BasicLTI\" value=\"Launch " + title + "\"/>"); } else { if ("on".equals(maximize)) { text.append("<script type=\"text/javascript\" language=\"JavaScript\">\n"); text.append("try { portalMaximizeTool(); } catch (err) { }\n"); text.append("</script>\n"); } text.append("<iframe "); if (frameHeight == null) frameHeight = "1200"; text.append("height=\"" + frameHeight + "\" \n"); text.append("width=\"100%\" frameborder=\"0\" marginwidth=\"0\"\n"); text.append("marginheight=\"0\" scrolling=\"auto\"\n"); text.append("src=\"" + iframeUrl + "\">\n"); text.append(rb.getString("noiframes")); text.append("<br>"); text.append("<a href=\"" + iframeUrl + "\">"); text.append(rb.getString("noiframe.press.here")); text.append("</a>\n"); text.append("</iframe>"); } out.println(text); dPrint("==== doView complete ===="); return; } else { out.println(rb.getString("not.configured")); } clearErrorMessage(request); dPrint("==== doView complete ===="); }
From source file:org.sakaiproject.kernel.webapp.filter.SakaiAuthenticationFilter.java
/** * {@inheritDoc}/*from ww w .j a v a2 s . c om*/ * * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, * javax.servlet.ServletResponse, javax.servlet.FilterChain) */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest hrequest = (HttpServletRequest) request; HttpServletResponse hresponse = (HttpServletResponse) response; if (hrequest.getHeader("Authorization") != null) { try { doBasicAuth(hrequest); } catch (SecurityException se) { // catch any Security exceptions and send a 401 LOG.info("Login Failed: " + se.getMessage()); hresponse.reset(); hresponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, se.getMessage()); return; } } else { if ("1".equals(hrequest.getParameter("l"))) { try { AuthenticationType authNType = AuthenticationType.valueOf(request.getParameter("a")); if (debug) { LOG.debug("Authentication Filter: " + authNType); } switch (authNType) { case BASIC: doBasicAuth(hrequest); break; case FORM: doForm(hrequest); break; case TRUSTED: doTrusted(hrequest); break; } } catch (SecurityException se) { // catch any Security exceptions and send a 401 LOG.info("Login Failed " + se.getMessage()); hresponse.reset(); hresponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, se.getMessage()); return; } catch (IllegalArgumentException e) { LOG.info("Authentication type " + request.getParameter("a") + " is not supported by this filter"); } } } chain.doFilter(request, response); }
From source file:com.redhat.rhn.frontend.taglibs.ListDisplayTag.java
private void renderAlphabar(Writer out) throws IOException { StringBuilder target = new StringBuilder(); target.append("<div class=\"spacewalk-alphabar\">"); target.append("<ul class=\"pagination pagination-sm\">"); StringBuilder enabled = new StringBuilder("<li><a href=\""); enabled.append("?lower={1}"); /**/*from ww w . j a va2 s . c o m*/ * Add any query args we got to alphabar links. * We do it this way to ensure that any variables set on the page * carry from form submission (by pressing the pagination buttons) * to the alphabar links and vice-versa. */ ServletRequest rq = pageContext.getRequest(); String formvars = rq.getParameter("formvars"); if (formvars != null) { //get vars from form submission String[] keys = formvars.split(",\\s?"); for (int j = 0; j < keys.length; j++) { if (keys[j].equals("submitted")) { continue; } if (!PAGINATION_WASH_SET.contains(keys[j])) { String encodedParam = StringUtil.urlEncode(rq.getParameter(keys[j])); enabled.append("&" + keys[j] + "=" + encodedParam); } } } else { //get vars from url Map qvars = rq.getParameterMap(); qvars.remove("lower"); //don't repeat lower Iterator iter = qvars.keySet().iterator(); while (iter.hasNext()) { String key = (String) iter.next(); if (key.equals("submitted")) { continue; } if (!PAGINATION_WASH_SET.contains(key)) { String encodedParam = StringUtil.urlEncode(rq.getParameter(key)); enabled.append("&" + key + "=" + encodedParam); } } } enabled.append("\">{0}</a><li>"); AlphaBar ab = new AlphaBar(enabled.toString(), "<li class=\"disabled\"><span>{0}</span></li>"); target.append(ab.getAlphaList(getPageList().getIndex())); target.append("</ul>"); target.append("</div>"); out.append(target.toString()); }