Java Code Examples for io.undertow.servlet.handlers.ServletRequestContext#getServletResponse()

The following examples show how to use io.undertow.servlet.handlers.ServletRequestContext#getServletResponse() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ServletConfidentialityConstraintHandler.java    From quarkus-http with Apache License 2.0 6 votes vote down vote up
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final AuthorizationManager authorizationManager = servletRequestContext.getDeployment().getDeploymentInfo().getAuthorizationManager();

    TransportGuaranteeType connectionGuarantee = servletRequestContext.getOriginalRequest().isSecure() ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE;
    TransportGuaranteeType transportGuarantee = authorizationManager.transportGuarantee(connectionGuarantee,
            servletRequestContext.getTransportGuarenteeType(), servletRequestContext.getOriginalRequest());
    servletRequestContext.setTransportGuarenteeType(transportGuarantee);

    if (TransportGuaranteeType.REJECTED == transportGuarantee) {
        HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
        response.sendError(StatusCodes.FORBIDDEN);
        return;
    }
    super.handleRequest(exchange);
}
 
Example 2
Source File: ServletFormAuthenticationMechanism.java    From quarkus-http with Apache License 2.0 6 votes vote down vote up
@Override
protected void handleRedirectBack(final HttpServerExchange exchange) {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    HttpServletResponse resp = (HttpServletResponse) servletRequestContext.getServletResponse();
    HttpSessionImpl httpSession = servletRequestContext.getCurrentServletContext().getSession(exchange, false);
    if (httpSession != null) {
        Session session;
        if (System.getSecurityManager() == null) {
            session = httpSession.getSession();
        } else {
            session = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(httpSession));
        }
        String path = (String) session.getAttribute(SESSION_KEY);
        if (path != null) {
            try {
                resp.sendRedirect(path);
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
    }

}
 
Example 3
Source File: ServletSecurityRoleHandler.java    From quarkus-http with Apache License 2.0 6 votes vote down vote up
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    ServletRequest request = servletRequestContext.getServletRequest();
    if (request.getDispatcherType() == DispatcherType.REQUEST) {
        List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
        SecurityContext sc = exchange.getSecurityContext();
        if (!authorizationManager.canAccessResource(constraints, sc.getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) {

            HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
            response.sendError(StatusCodes.FORBIDDEN);
            return;
        }
    }
    next.handleRequest(exchange);
}
 
Example 4
Source File: ServletConfidentialityConstraintHandler.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final AuthorizationManager authorizationManager = servletRequestContext.getDeployment().getDeploymentInfo().getAuthorizationManager();

    TransportGuaranteeType connectionGuarantee = servletRequestContext.getOriginalRequest().isSecure() ? TransportGuaranteeType.CONFIDENTIAL : TransportGuaranteeType.NONE;
    TransportGuaranteeType transportGuarantee = authorizationManager.transportGuarantee(connectionGuarantee,
            servletRequestContext.getTransportGuarenteeType(), servletRequestContext.getOriginalRequest());
    servletRequestContext.setTransportGuarenteeType(transportGuarantee);

    if (TransportGuaranteeType.REJECTED == transportGuarantee) {
        HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
        response.sendError(StatusCodes.FORBIDDEN);
        return;
    }
    super.handleRequest(exchange);
}
 
Example 5
Source File: ServletFormAuthenticationMechanism.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
@Override
protected void handleRedirectBack(final HttpServerExchange exchange) {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    HttpServletResponse resp = (HttpServletResponse) servletRequestContext.getServletResponse();
    HttpSessionImpl httpSession = servletRequestContext.getCurrentServletContext().getSession(exchange, false);
    if (httpSession != null) {
        Session session;
        if (System.getSecurityManager() == null) {
            session = httpSession.getSession();
        } else {
            session = AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(httpSession));
        }
        String path = (String) session.getAttribute(SESSION_KEY);
        if (path != null) {
            try {
                resp.sendRedirect(path);
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
    }

}
 
Example 6
Source File: ServletSecurityRoleHandler.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    ServletRequest request = servletRequestContext.getServletRequest();
    if (request.getDispatcherType() == DispatcherType.REQUEST) {
        List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
        SecurityContext sc = exchange.getSecurityContext();
        if (!authorizationManager.canAccessResource(constraints, sc.getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) {

            HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse();
            response.sendError(StatusCodes.FORBIDDEN);
            return;
        }
    }
    next.handleRequest(exchange);
}
 
Example 7
Source File: HttpServletRequestImpl.java    From quarkus-http with Apache License 2.0 5 votes vote down vote up
@Override
public AsyncContext startAsync() throws IllegalStateException {
    if (!isAsyncSupported()) {
        throw UndertowServletMessages.MESSAGES.startAsyncNotAllowed();
    } else if (asyncStarted) {
        throw UndertowServletMessages.MESSAGES.asyncAlreadyStarted();
    }
    asyncStarted = true;
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    return asyncContext = new AsyncContextImpl(exchange, servletRequestContext.getServletRequest(), servletRequestContext.getServletResponse(), servletRequestContext, false, asyncContext);
}
 
Example 8
Source File: HttpServletRequestImpl.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
@Override
public AsyncContext startAsync() throws IllegalStateException {
    if (!isAsyncSupported()) {
        throw UndertowServletMessages.MESSAGES.startAsyncNotAllowed();
    } else if (asyncStarted) {
        throw UndertowServletMessages.MESSAGES.asyncAlreadyStarted();
    }
    asyncStarted = true;
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    return asyncContext = new AsyncContextImpl(exchange, servletRequestContext.getServletRequest(), servletRequestContext.getServletResponse(), servletRequestContext, false, asyncContext);
}
 
Example 9
Source File: ServletHttpFacade.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public ServletHttpFacade(HttpServerExchange exchange) {
    super(exchange);
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    request = (HttpServletRequest)servletRequestContext.getServletRequest();
    response = (HttpServletResponse)servletRequestContext.getServletResponse();
}
 
Example 10
Source File: ServletSamlSessionStore.java    From keycloak with Apache License 2.0 4 votes vote down vote up
private HttpServletResponse getResponse() {
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    return (HttpServletResponse)servletRequestContext.getServletResponse();

}
 
Example 11
Source File: UndertowLogbackAccessEvent.java    From logback-access-spring-boot-starter with Apache License 2.0 2 votes vote down vote up
/**
 * Extracts the HTTP servlet response from the HTTP server exchange.
 *
 * @param exchange the HTTP server exchange.
 * @return the HTTP servlet response.
 */
private static HttpServletResponse extractHttpServletResponse(HttpServerExchange exchange) {
    ServletRequestContext context = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    return (HttpServletResponse) context.getServletResponse();
}