Java Code Examples for org.apache.catalina.connector.Request#getQueryString()

The following examples show how to use org.apache.catalina.connector.Request#getQueryString() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AbstractAccessLogValve.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
@Override
public void addElement(CharArrayWriter buf, Date date, Request request,
        Response response, long time) {
    if (request != null) {
        String method = request.getMethod();
        if (method == null) {
            // No method means no request line
            buf.append('-');
        } else {
            buf.append(request.getMethod());
            buf.append(' ');
            buf.append(request.getRequestURI());
            if (request.getQueryString() != null) {
                buf.append('?');
                buf.append(request.getQueryString());
            }
            buf.append(' ');
            buf.append(request.getProtocol());
        }
    } else {
        buf.append('-');
    }
}
 
Example 2
Source File: MongoAccessLogValve.java    From tomcat-mongo-access-log with Apache License 2.0 6 votes vote down vote up
@Override
public void addElement(StringBuilder buf, DBObject result, Date date, Request request,
        Response response, long time) {
    if (request != null) {
        String method = request.getMethod();
        if (method == null) {
            // No method means no request line
            buf.append('-');
        } else {
            buf.append(request.getMethod());
            buf.append(' ');
            buf.append(request.getRequestURI());
            if (request.getQueryString() != null) {
                buf.append('?');
                buf.append(request.getQueryString());
            }
            buf.append(' ');
            buf.append(request.getProtocol());
        }
    } else {
        buf.append('-');
    }
    result.put("line1st", buf.toString());
    buf.delete(0, buf.length());
}
 
Example 3
Source File: UrlMapperValve.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
public void requestRewriteForService(Request request, String filterUri) throws Exception {
    //rewriting the request with actual service url in order to retrieve the resource
    MappingData mappingData = request.getMappingData();
    org.apache.coyote.Request coyoteRequest = request.getCoyoteRequest();

    MessageBytes requestPath = MessageBytes.newInstance();
    requestPath.setString(filterUri);
    mappingData.requestPath = requestPath;
    MessageBytes pathInfo = MessageBytes.newInstance();
    pathInfo.setString(filterUri);
    mappingData.pathInfo = pathInfo;

    coyoteRequest.requestURI().setString(filterUri);
    coyoteRequest.decodedURI().setString(filterUri);
    if (request.getQueryString() != null) {
        coyoteRequest.unparsedURI().setString(filterUri + "?" + request.getQueryString());
    } else {
        coyoteRequest.unparsedURI().setString(filterUri);
    }
    request.getConnector().
            getMapper().map(request.getCoyoteRequest().serverName(),
            request.getCoyoteRequest().decodedURI(), null,
            mappingData);
    //connectorReq.setHost((Host)DataHolder.getInstance().getCarbonTomcatService().getTomcat().getEngine().findChild("testapp.wso2.com"));
    request.setCoyoteRequest(coyoteRequest);
}
 
Example 4
Source File: AccessLogValve.java    From Tomcat7.0.67 with Apache License 2.0 6 votes vote down vote up
@Override
public void addElement(StringBuilder buf, Date date, Request request,
        Response response, long time) {
    if (request != null) {
        String method = request.getMethod();
        if (method == null) {
            // No method means no request line
            buf.append('-');
        } else {
            buf.append(request.getMethod());
            buf.append(' ');
            buf.append(request.getRequestURI());
            if (request.getQueryString() != null) {
                buf.append('?');
                buf.append(request.getQueryString());
            }
            buf.append(' ');
            buf.append(request.getProtocol());
        }
    } else {
        buf.append('-');
    }
}
 
Example 5
Source File: AccessLogValve.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
@Override
public void addElement(StringBuilder buf, Date date, Request request,
        Response response, long time) {
    if (request != null) {
        String method = request.getMethod();
        if (method == null) {
            // No method means no request line
            buf.append('-');
        } else {
            buf.append(request.getMethod());
            buf.append(' ');
            buf.append(request.getRequestURI());
            if (request.getQueryString() != null) {
                buf.append('?');
                buf.append(request.getQueryString());
            }
            buf.append(' ');
            buf.append(request.getProtocol());
        }
    } else {
        buf.append('-');
    }
}
 
Example 6
Source File: MongoAccessLogValve.java    From tomcat-mongo-access-log with Apache License 2.0 5 votes vote down vote up
@Override
public void addElement(StringBuilder buf, DBObject result, Date date, Request request,
        Response response, long time) {
    String query = null;
    if (request != null) {
        query = request.getQueryString();
    }
    if (query != null) {
        result.put("queryString", query);
    }
}
 
Example 7
Source File: RedisSessionRequestValve.java    From redis-session-manager with Apache License 2.0 5 votes vote down vote up
/**
 * Get the full query string of the request; used only for logging
 * 
 * @param request
 * @return
 */
private String getQueryString(final Request request) {
    final StringBuilder sb = new StringBuilder();
    sb.append(request.getMethod()).append(' ').append(request.getRequestURI());
    if (!isPostMethod(request) && request.getQueryString() != null) {
        sb.append('?').append(request.getQueryString());
    }
    final String result = sb.toString();
    request.setNote(REQUEST_QUERY, result);
    return result;
}
 
Example 8
Source File: StuckThreadDetectionValve.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public void invoke(Request request, Response response)
        throws IOException, ServletException {

    if (threshold <= 0) {
        // short-circuit if not monitoring stuck threads
        getNext().invoke(request, response);
        return;
    }

    // Save the thread/runnable
    // Keeping a reference to the thread object here does not prevent
    // GC'ing, as the reference is removed from the Map in the finally clause

    Long key = Long.valueOf(Thread.currentThread().getId());
    StringBuffer requestUrl = request.getRequestURL();
    if(request.getQueryString()!=null) {
        requestUrl.append("?");
        requestUrl.append(request.getQueryString());
    }
    MonitoredThread monitoredThread = new MonitoredThread(Thread.currentThread(),
        requestUrl.toString(), interruptThreadThreshold > 0);
    activeThreads.put(key, monitoredThread);

    try {
        getNext().invoke(request, response);
    } finally {
        activeThreads.remove(key);
        if (monitoredThread.markAsDone() == MonitoredThreadState.STUCK) {
            if(monitoredThread.wasInterrupted()) {
                interruptedThreadsCount.incrementAndGet();
            }
            completedStuckThreadsQueue.add(
                    new CompletedStuckThread(monitoredThread.getThread(),
                        monitoredThread.getActiveTimeInMillis()));
        }
    }
}
 
Example 9
Source File: AccessLogValve.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
@Override
public void addElement(StringBuilder buf, Date date, Request request,
        Response response, long time) {
    String query = null;
    if (request != null) {
        query = request.getQueryString();
    }
    if (query != null) {
        buf.append('?');
        buf.append(query);
    }
}
 
Example 10
Source File: StuckThreadDetectionValve.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public void invoke(Request request, Response response)
        throws IOException, ServletException {

    if (threshold <= 0) {
        // short-circuit if not monitoring stuck threads
        getNext().invoke(request, response);
        return;
    }

    // Save the thread/runnable
    // Keeping a reference to the thread object here does not prevent
    // GC'ing, as the reference is removed from the Map in the finally clause

    Long key = Long.valueOf(Thread.currentThread().getId());
    StringBuffer requestUrl = request.getRequestURL();
    if(request.getQueryString()!=null) {
        requestUrl.append("?");
        requestUrl.append(request.getQueryString());
    }
    MonitoredThread monitoredThread = new MonitoredThread(Thread.currentThread(),
        requestUrl.toString(), interruptThreadThreshold > 0);
    activeThreads.put(key, monitoredThread);

    try {
        getNext().invoke(request, response);
    } finally {
        activeThreads.remove(key);
        if (monitoredThread.markAsDone() == MonitoredThreadState.STUCK) {
            if(monitoredThread.wasInterrupted()) {
                interruptedThreadsCount.incrementAndGet();
            }
            completedStuckThreadsQueue.add(
                    new CompletedStuckThread(monitoredThread.getThread(),
                        monitoredThread.getActiveTimeInMillis()));
        }
    }
}
 
Example 11
Source File: AccessLogValve.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
@Override
public void addElement(StringBuilder buf, Date date, Request request,
        Response response, long time) {
    String query = null;
    if (request != null) {
        query = request.getQueryString();
    }
    if (query != null) {
        buf.append('?');
        buf.append(query);
    }
}
 
Example 12
Source File: StuckThreadDetectionValve.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public void invoke(Request request, Response response)
        throws IOException, ServletException {

    if (threshold <= 0) {
        // short-circuit if not monitoring stuck threads
        getNext().invoke(request, response);
        return;
    }

    // Save the thread/runnable
    // Keeping a reference to the thread object here does not prevent
    // GC'ing, as the reference is removed from the Map in the finally clause

    Long key = Long.valueOf(Thread.currentThread().getId());
    StringBuffer requestUrl = request.getRequestURL();
    if(request.getQueryString()!=null) {
        requestUrl.append("?");
        requestUrl.append(request.getQueryString());
    }
    MonitoredThread monitoredThread = new MonitoredThread(Thread.currentThread(),
        requestUrl.toString(), interruptThreadThreshold > 0);
    activeThreads.put(key, monitoredThread);

    try {
        getNext().invoke(request, response);
    } finally {
        activeThreads.remove(key);
        if (monitoredThread.markAsDone() == MonitoredThreadState.STUCK) {
            if(monitoredThread.wasInterrupted()) {
                interruptedThreadsCount.incrementAndGet();
            }
            completedStuckThreadsQueue.add(
                    new CompletedStuckThread(monitoredThread.getThread(),
                        monitoredThread.getActiveTimeInMillis()));
        }
    }
}
 
Example 13
Source File: AbstractAccessLogValve.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Override
public void addElement(CharArrayWriter buf, Date date, Request request,
        Response response, long time) {
    String query = null;
    if (request != null) {
        query = request.getQueryString();
    }
    if (query != null) {
        buf.append('?');
        buf.append(query);
    }
}
 
Example 14
Source File: RealmBase.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Enforce any user data constraint required by the security constraint
 * guarding this request URI.  Return <code>true</code> if this constraint
 * was not violated and processing should continue, or <code>false</code>
 * if we have created a response already.
 *
 * @param request Request we are processing
 * @param response Response we are creating
 * @param constraints Security constraint being checked
 *
 * @exception IOException if an input/output error occurs
 */
@Override
public boolean hasUserDataPermission(Request request,
                                     Response response,
                                     SecurityConstraint []constraints)
    throws IOException {

    // Is there a relevant user data constraint?
    if (constraints == null || constraints.length == 0) {
        if (log.isDebugEnabled())
            log.debug("  No applicable security constraint defined");
        return (true);
    }
    for(int i=0; i < constraints.length; i++) {
        SecurityConstraint constraint = constraints[i];
        String userConstraint = constraint.getUserConstraint();
        if (userConstraint == null) {
            if (log.isDebugEnabled())
                log.debug("  No applicable user data constraint defined");
            return (true);
        }
        if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
            if (log.isDebugEnabled())
                log.debug("  User data constraint has no restrictions");
            return (true);
        }

    }
    // Validate the request against the user data constraint
    if (request.getRequest().isSecure()) {
        if (log.isDebugEnabled())
            log.debug("  User data constraint already satisfied");
        return (true);
    }
    // Initialize variables we need to determine the appropriate action
    int redirectPort = request.getConnector().getRedirectPort();

    // Is redirecting disabled?
    if (redirectPort <= 0) {
        if (log.isDebugEnabled())
            log.debug("  SSL redirect is disabled");
        response.sendError
            (HttpServletResponse.SC_FORBIDDEN,
             request.getRequestURI());
        return (false);
    }

    // Redirect to the corresponding SSL port
    StringBuilder file = new StringBuilder();
    String protocol = "https";
    String host = request.getServerName();
    // Protocol
    file.append(protocol).append("://").append(host);
    // Host with port
    if(redirectPort != 443) {
        file.append(":").append(redirectPort);
    }
    // URI
    file.append(request.getRequestURI());
    String requestedSessionId = request.getRequestedSessionId();
    if ((requestedSessionId != null) &&
        request.isRequestedSessionIdFromURL()) {
        file.append(";");
        file.append(SessionConfig.getSessionUriParamName(
                request.getContext()));
        file.append("=");
        file.append(requestedSessionId);
    }
    String queryString = request.getQueryString();
    if (queryString != null) {
        file.append('?');
        file.append(queryString);
    }
    if (log.isDebugEnabled())
        log.debug("  Redirecting to " + file.toString());
    response.sendRedirect(file.toString());
    return (false);

}
 
Example 15
Source File: RealmBase.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Enforce any user data constraint required by the security constraint
 * guarding this request URI.  Return <code>true</code> if this constraint
 * was not violated and processing should continue, or <code>false</code>
 * if we have created a response already.
 *
 * @param request Request we are processing
 * @param response Response we are creating
 * @param constraints Security constraint being checked
 *
 * @exception IOException if an input/output error occurs
 */
@Override
public boolean hasUserDataPermission(Request request,
                                     Response response,
                                     SecurityConstraint []constraints)
    throws IOException {

    // Is there a relevant user data constraint?
    if (constraints == null || constraints.length == 0) {
        if (log.isDebugEnabled())
            log.debug("  No applicable security constraint defined");
        return (true);
    }
    for(int i=0; i < constraints.length; i++) {
        SecurityConstraint constraint = constraints[i];
        String userConstraint = constraint.getUserConstraint();
        if (userConstraint == null) {
            if (log.isDebugEnabled())
                log.debug("  No applicable user data constraint defined");
            return (true);
        }
        if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
            if (log.isDebugEnabled())
                log.debug("  User data constraint has no restrictions");
            return (true);
        }

    }
    // Validate the request against the user data constraint
    if (request.getRequest().isSecure()) {
        if (log.isDebugEnabled())
            log.debug("  User data constraint already satisfied");
        return (true);
    }
    // Initialize variables we need to determine the appropriate action
    int redirectPort = request.getConnector().getRedirectPort();

    // Is redirecting disabled?
    if (redirectPort <= 0) {
        if (log.isDebugEnabled())
            log.debug("  SSL redirect is disabled");
        response.sendError
            (HttpServletResponse.SC_FORBIDDEN,
             request.getRequestURI());
        return (false);
    }

    // Redirect to the corresponding SSL port
    StringBuilder file = new StringBuilder();
    String protocol = "https";
    String host = request.getServerName();
    // Protocol
    file.append(protocol).append("://").append(host);
    // Host with port
    if(redirectPort != 443) {
        file.append(":").append(redirectPort);
    }
    // URI
    file.append(request.getRequestURI());
    String requestedSessionId = request.getRequestedSessionId();
    if ((requestedSessionId != null) &&
        request.isRequestedSessionIdFromURL()) {
        file.append(";");
        file.append(SessionConfig.getSessionUriParamName(
                request.getContext()));
        file.append("=");
        file.append(requestedSessionId);
    }
    String queryString = request.getQueryString();
    if (queryString != null) {
        file.append('?');
        file.append(queryString);
    }
    if (log.isDebugEnabled())
        log.debug("  Redirecting to " + file.toString());
    response.sendRedirect(file.toString(), transportGuaranteeRedirectStatus);
    return (false);

}
 
Example 16
Source File: RealmBase.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Enforce any user data constraint required by the security constraint
 * guarding this request URI.  Return <code>true</code> if this constraint
 * was not violated and processing should continue, or <code>false</code>
 * if we have created a response already.
 *
 * @param request Request we are processing
 * @param response Response we are creating
 * @param constraints Security constraint being checked
 *
 * @exception IOException if an input/output error occurs
 */
@Override
public boolean hasUserDataPermission(Request request,
                                     Response response,
                                     SecurityConstraint []constraints)
    throws IOException {

    // Is there a relevant user data constraint?
    if (constraints == null || constraints.length == 0) {
        if (log.isDebugEnabled())
            log.debug("  No applicable security constraint defined");
        return true;
    }
    for(int i=0; i < constraints.length; i++) {
        SecurityConstraint constraint = constraints[i];
        String userConstraint = constraint.getUserConstraint();
        if (userConstraint == null) {
            if (log.isDebugEnabled())
                log.debug("  No applicable user data constraint defined");
            return true;
        }
        if (userConstraint.equals(TransportGuarantee.NONE.name())) {
            if (log.isDebugEnabled())
                log.debug("  User data constraint has no restrictions");
            return true;
        }

    }
    // Validate the request against the user data constraint
    if (request.getRequest().isSecure()) {
        if (log.isDebugEnabled())
            log.debug("  User data constraint already satisfied");
        return true;
    }
    // Initialize variables we need to determine the appropriate action
    int redirectPort = request.getConnector().getRedirectPort();

    // Is redirecting disabled?
    if (redirectPort <= 0) {
        if (log.isDebugEnabled())
            log.debug("  SSL redirect is disabled");
        response.sendError
            (HttpServletResponse.SC_FORBIDDEN,
             request.getRequestURI());
        return false;
    }

    // Redirect to the corresponding SSL port
    StringBuilder file = new StringBuilder();
    String protocol = "https";
    String host = request.getServerName();
    // Protocol
    file.append(protocol).append("://").append(host);
    // Host with port
    if(redirectPort != 443) {
        file.append(":").append(redirectPort);
    }
    // URI
    file.append(request.getRequestURI());
    String requestedSessionId = request.getRequestedSessionId();
    if ((requestedSessionId != null) &&
        request.isRequestedSessionIdFromURL()) {
        file.append(";");
        file.append(SessionConfig.getSessionUriParamName(
                request.getContext()));
        file.append("=");
        file.append(requestedSessionId);
    }
    String queryString = request.getQueryString();
    if (queryString != null) {
        file.append('?');
        file.append(queryString);
    }
    if (log.isDebugEnabled())
        log.debug("  Redirecting to " + file.toString());
    response.sendRedirect(file.toString(), transportGuaranteeRedirectStatus);
    return false;

}
 
Example 17
Source File: BaseOpenIDConnectAuthenticator.java    From tomcat-oidcauth with Apache License 2.0 4 votes vote down vote up
/**
 * Process regular unauthenticated request. Normally, saves the request in
 * the session and forwards to the configured login page.
 *
 * @param request The request.
 * @param response The response.
 *
 * @throws IOException If an I/O error happens communicating with the
 * client.
 */
protected void processUnauthenticated(final Request request,
		final HttpServletResponse response)
	throws IOException {

	// If this request was to the root of the context without a trailing
	// "/", need to redirect to add it else the submit of the login form
	// may not go to the correct web application
	if ((request.getServletPath().length() == 0)
			&& (request.getPathInfo() == null)) {
		final StringBuilder location = new StringBuilder(
				request.getDecodedRequestURI());
		location.append('/');
		if (request.getQueryString() != null)
			location.append('?').append(request.getQueryString());
		response.sendRedirect(
				response.encodeRedirectURL(location.toString()));
		return;
	}

	// get session
	final Session session = request.getSessionInternal(true);

	final boolean debug = this.log.isDebugEnabled();
	if (debug)
		this.log.debug("save request in session "
				+ session.getIdInternal());

	// save original request in the session before forwarding to the login
	try {
		this.saveRequest(request, session);
	} catch (final IOException e) {
		this.log.debug("could not save request during authentication", e);
		response.sendError(HttpServletResponse.SC_FORBIDDEN,
				sm.getString("authenticator.requestBodyTooBig"));
		return;
	}

	// forward to the login page
	this.forwardToLoginPage(request, response,
			this.context.getLoginConfig());
}
 
Example 18
Source File: AccessValve.java    From DataHubSystem with GNU Affero General Public License v3.0 4 votes vote down vote up
/**
 * Logs information into temporary cache. According to the Valve 
 * configuration, log will also display into the logger.
 * @param request the input user request to log.
 * @param response the response to the user to be incremented.
 * return the log entry.
 * @throws IOException
 * @throws ServletException
 */
private void  doLog (Request request, Response response, 
   AccessInformation ai) throws IOException, ServletException
{
   // Retrieve cookie to obtains existing context if any.
   Cookie integrityCookie=CookieKey.getIntegrityCookie(request.getCookies());
   
   SecurityContext ctx = null;
   if (integrityCookie != null)
   {
      String integrity = integrityCookie.getValue ();
      if (integrity != null && !integrity.isEmpty ())
      {
         ctx = SecurityContextProvider.getSecurityContext (integrity);
      }
   }
   if ((ctx!=null) && (ctx.getAuthentication()!=null))
   {
      ai.setUsername(ctx.getAuthentication().getName());
   }
   else
   {
      String[] basicAuth = extractAndDecodeHeader(
         request.getHeader("Authorization"));
      if (basicAuth!=null)
         ai.setUsername(basicAuth[0]);
   }
   
   if (request.getQueryString()!=null)
   {
      ai.setRequest(request.getRequestURL().append('?').
         append(request.getQueryString()).toString());
   }
   else
   {
      ai.setRequest(request.getRequestURL().toString());
   }
   
   ai.setLocalAddress(LOCAL_ADDR_VALUE);
   ai.setLocalHost(request.getServerName());
   
   ai.setRemoteAddress(ProxyWebAuthenticationDetails.getRemoteIp(request));
   ai.setRemoteHost(ProxyWebAuthenticationDetails.getRemoteHost(request));
}
 
Example 19
Source File: LoadBalancerDrainingValve.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if  ("DIS".equals(request.getAttribute(ATTRIBUTE_KEY_JK_LB_ACTIVATION)) &&
            !request.isRequestedSessionIdValid()) {

        if (containerLog.isDebugEnabled()) {
            containerLog.debug("Load-balancer is in DISABLED state; draining this node");
        }

        boolean ignoreRebalance = false;
        Cookie sessionCookie = null;

        final Cookie[] cookies = request.getCookies();

        final String sessionCookieName = SessionConfig.getSessionCookieName(request.getContext());

        if (null != cookies) {
            for (Cookie cookie : cookies) {
                final String cookieName = cookie.getName();
                if (containerLog.isTraceEnabled()) {
                    containerLog.trace("Checking cookie " + cookieName + "=" + cookie.getValue());
                }

                if (sessionCookieName.equals(cookieName) &&
                        request.getRequestedSessionId().equals(cookie.getValue())) {
                    sessionCookie = cookie;
                } else if (null != _ignoreCookieName &&
                        _ignoreCookieName.equals(cookieName) &&
                        null != _ignoreCookieValue &&
                        _ignoreCookieValue.equals(cookie.getValue())) {
                    // The client presenting a valid ignore-cookie value?
                    ignoreRebalance = true;
                }
            }
        }

        if (ignoreRebalance) {
            if (containerLog.isDebugEnabled()) {
                containerLog.debug("Client is presenting a valid " + _ignoreCookieName +
                        " cookie, re-balancing is being skipped");
            }

            getNext().invoke(request, response);

            return;
        }

        // Kill any session cookie that was found
        // TODO: Consider implications of SSO cookies
        if (null != sessionCookie) {
            sessionCookie.setPath(SessionConfig.getSessionCookiePath(request.getContext()));
            sessionCookie.setMaxAge(0); // Delete
            sessionCookie.setValue(""); // Purge the cookie's value
            response.addCookie(sessionCookie);
        }

        // Re-write the URI if it contains a ;jsessionid parameter
        String uri = request.getRequestURI();
        String sessionURIParamName = SessionConfig.getSessionUriParamName(request.getContext());
        if (uri.contains(";" + sessionURIParamName + "=")) {
            uri = uri.replaceFirst(";" + sessionURIParamName + "=[^&?]*", "");
        }

        String queryString = request.getQueryString();

        if (null != queryString) {
            uri = uri + "?" + queryString;
        }

        // NOTE: Do not call response.encodeRedirectURL or the bad
        // sessionid will be restored
        response.setHeader("Location", uri);
        response.setStatus(_redirectStatusCode);
    } else {
        getNext().invoke(request, response);
    }
}