Java Code Examples for org.apache.catalina.connector.Request#setNote()

The following examples show how to use org.apache.catalina.connector.Request#setNote() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RedisSessionRequestValve.java    From redis-session-manager with Apache License 2.0 5 votes vote down vote up
/**
 * Get the full query string of the request; used only for logging
 * 
 * @param request
 * @return
 */
private String getQueryString(final Request request) {
    final StringBuilder sb = new StringBuilder();
    sb.append(request.getMethod()).append(' ').append(request.getRequestURI());
    if (!isPostMethod(request) && request.getQueryString() != null) {
        sb.append('?').append(request.getQueryString());
    }
    final String result = sb.toString();
    request.setNote(REQUEST_QUERY, result);
    return result;
}
 
Example 2
Source File: UpdateValve.java    From redisson with Apache License 2.0 5 votes vote down vote up
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if (getNext() == null) {
        return;
    }

    //check if we already filtered/processed this request
    if (request.getNote(ALREADY_FILTERED_NOTE) == null) {
        request.setNote(ALREADY_FILTERED_NOTE, Boolean.TRUE);
        try {
            getNext().invoke(request, response);
        } finally {
            request.removeNote(ALREADY_FILTERED_NOTE);
            final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
            try {
                ClassLoader applicationClassLoader = request.getContext().getLoader().getClassLoader();
                Thread.currentThread().setContextClassLoader(applicationClassLoader);
                Manager manager = request.getContext().getManager();
                ((RedissonSessionManager)manager).store(request.getSession(false));
            } finally {
                Thread.currentThread().setContextClassLoader(classLoader);
            }
        }
    } else {
        getNext().invoke(request, response);
    }
}
 
Example 3
Source File: UpdateValve.java    From redisson with Apache License 2.0 5 votes vote down vote up
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if (getNext() == null) {
        return;
    }

    //check if we already filtered/processed this request 
    if (request.getNote(ALREADY_FILTERED_NOTE) == null) {
        request.setNote(ALREADY_FILTERED_NOTE, Boolean.TRUE);
        try {
            getNext().invoke(request, response);
        } finally {
            request.removeNote(ALREADY_FILTERED_NOTE);
            final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
            try {
                ClassLoader applicationClassLoader = request.getContext().getLoader().getClassLoader();
                Thread.currentThread().setContextClassLoader(applicationClassLoader);
                Manager manager = request.getContext().getManager();
                ((RedissonSessionManager)manager).store(request.getSession(false));
            } finally {
                Thread.currentThread().setContextClassLoader(classLoader);
            }
        }
    } else {
        getNext().invoke(request, response);
    }
}
 
Example 4
Source File: UpdateValve.java    From redisson with Apache License 2.0 5 votes vote down vote up
@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if (getNext() == null) {
        return;
    }

    //check if we already filtered/processed this request
    if (request.getNote(ALREADY_FILTERED_NOTE) == null) {
        request.setNote(ALREADY_FILTERED_NOTE, Boolean.TRUE);
        try {
            getNext().invoke(request, response);
        } finally {
            request.removeNote(ALREADY_FILTERED_NOTE);
            final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
            try {
                ClassLoader applicationClassLoader = request.getContext().getLoader().getClassLoader();
                Thread.currentThread().setContextClassLoader(applicationClassLoader);
                Manager manager = request.getContext().getManager();
                ((RedissonSessionManager)manager).store(request.getSession(false));
            } finally {
                Thread.currentThread().setContextClassLoader(classLoader);
            }
        }
    } else {
        getNext().invoke(request, response);
    }
}
 
Example 5
Source File: TomEERealm.java    From tomee with Apache License 2.0 5 votes vote down vote up
private Principal logInTomEE(final Principal pcp) {
    if (pcp == null) {
        return null;
    }
    if (securityService == null) { // tomee-embedded get it later than startInternals so we need it this way
        securityService = (TomcatSecurityService) SystemInstance.get().getComponent(SecurityService.class);
    }

    // normally we don't care about oldstate because the listener already contains one
    // which is the previous one
    // so no need to clean twice here
    final Request request = OpenEJBSecurityListener.requests.get();
    if (request != null) {
        final Object securityContext = securityService.enterWebApp(this, pcp, OpenEJBSecurityListener.requests.get().getWrapper().getRunAs());
        request.setNote(SECURITY_NOTE, securityContext);
    } else {
        final CUTask.Context context = CUTask.Context.CURRENT.get();
        if (context != null) {
            final Object state = securityService.enterWebApp(this, pcp, null);
            context.pushExitTask(new Runnable() {
                @Override
                public void run() {
                    securityService.exitWebApp(state);
                }
            });
        } else {
            final Logger instance = Logger.getInstance(LogCategory.OPENEJB_SECURITY, TomEERealm.class);
            if (instance.isDebugEnabled()) {
                instance.debug(
                    "No request or concurrency-utilities context so skipping login context propagation, " +
                    "thread=" + Thread.currentThread().getName());
            }
        }
    }
    return pcp;
}
 
Example 6
Source File: AbstractKeycloakAuthenticatorValve.java    From keycloak with Apache License 2.0 5 votes vote down vote up
protected AdapterTokenStore getTokenStore(Request request, HttpFacade facade, KeycloakDeployment resolvedDeployment) {
    AdapterTokenStore store = (AdapterTokenStore)request.getNote(TOKEN_STORE_NOTE);
    if (store != null) {
        return store;
    }

    if (resolvedDeployment.getTokenStore() == TokenStore.SESSION) {
        store = createSessionTokenStore(request, resolvedDeployment);
    } else {
        store = new CatalinaCookieTokenStore(request, facade, resolvedDeployment, createPrincipalFactory());
    }

    request.setNote(TOKEN_STORE_NOTE, store);
    return store;
}
 
Example 7
Source File: AbstractSamlAuthenticatorValve.java    From keycloak with Apache License 2.0 5 votes vote down vote up
protected SamlSessionStore getSessionStore(Request request, HttpFacade facade, SamlDeployment resolvedDeployment) {
    SamlSessionStore store = (SamlSessionStore)request.getNote(TOKEN_STORE_NOTE);
    if (store != null) {
        return store;
    }

    store = createSessionStore(request, facade, resolvedDeployment);

    request.setNote(TOKEN_STORE_NOTE, store);
    return store;
}
 
Example 8
Source File: AuthenticatorBase.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
private boolean authenticateJaspic(Request request, Response response, JaspicState state,
        boolean requirePrincipal) {

    boolean cachedAuth = checkForCachedAuthentication(request, response, false);
    Subject client = new Subject();
    AuthStatus authStatus;
    try {
        authStatus = state.serverAuthContext.validateRequest(state.messageInfo, client, null);
    } catch (AuthException e) {
        log.debug(sm.getString("authenticator.loginFail"), e);
        return false;
    }

    request.setRequest((HttpServletRequest) state.messageInfo.getRequestMessage());
    response.setResponse((HttpServletResponse) state.messageInfo.getResponseMessage());

    if (authStatus == AuthStatus.SUCCESS) {
        GenericPrincipal principal = getPrincipal(client);
        if (log.isDebugEnabled()) {
            log.debug("Authenticated user: " + principal);
        }
        if (principal == null) {
            request.setUserPrincipal(null);
            request.setAuthType(null);
            if (requirePrincipal) {
                return false;
            }
        } else if (cachedAuth == false ||
                !principal.getUserPrincipal().equals(request.getUserPrincipal())) {
            // Skip registration if authentication credentials were
            // cached and the Principal did not change.
            @SuppressWarnings("rawtypes")// JASPIC API uses raw types
            Map map = state.messageInfo.getMap();
            if (map != null && map.containsKey("javax.servlet.http.registerSession")) {
                register(request, response, principal, "JASPIC", null, null, true, true);
            } else {
                register(request, response, principal, "JASPIC", null, null);
            }
        }
        request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);
        return true;
    }
    return false;
}
 
Example 9
Source File: SingleSignOn.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Perform single-sign-on support processing for this request.
 *
 * @param request The servlet request we are processing
 * @param response The servlet response we are creating
 *
 * @exception IOException if an input/output error occurs
 * @exception ServletException if a servlet error occurs
 */
@Override
public void invoke(Request request, Response response)
    throws IOException, ServletException {

    request.removeNote(Constants.REQ_SSOID_NOTE);

    // Has a valid user already been authenticated?
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.invoke", request.getRequestURI()));
    }
    if (request.getUserPrincipal() != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.hasPrincipal",
                    request.getUserPrincipal().getName()));
        }
        getNext().invoke(request, response);
        return;
    }

    // Check for the single sign on cookie
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.cookieCheck"));
    }
    Cookie cookie = null;
    Cookie cookies[] = request.getCookies();
    if (cookies != null) {
        for (int i = 0; i < cookies.length; i++) {
            if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) {
                cookie = cookies[i];
                break;
            }
        }
    }
    if (cookie == null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.cookieNotFound"));
        }
        getNext().invoke(request, response);
        return;
    }

    // Look up the cached Principal associated with this cookie value
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.principalCheck",
                cookie.getValue()));
    }
    SingleSignOnEntry entry = cache.get(cookie.getValue());
    if (entry != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalFound",
                    entry.getPrincipal() != null ? entry.getPrincipal().getName() : "",
                    entry.getAuthType()));
        }
        request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
        // Only set security elements if reauthentication is not required
        if (!getRequireReauthentication()) {
            request.setAuthType(entry.getAuthType());
            request.setUserPrincipal(entry.getPrincipal());
        }
    } else {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalNotFound",
                    cookie.getValue()));
        }
        // No need to return a valid SSO session ID
        cookie.setValue("REMOVE");
        // Age of zero will trigger removal
        cookie.setMaxAge(0);
        // Domain and path have to match the original cookie to 'replace'
        // the original cookie
        cookie.setPath("/");
        String domain = getCookieDomain();
        if (domain != null) {
            cookie.setDomain(domain);
        }
        // This is going to trigger a Set-Cookie header. While the value is
        // not security sensitive, ensure that expectations for secure and
        // httpOnly are met
        cookie.setSecure(request.isSecure());
        if (request.getServletContext().getSessionCookieConfig().isHttpOnly() ||
                request.getContext().getUseHttpOnly()) {
            cookie.setHttpOnly(true);
        }

        response.addCookie(cookie);
    }

    // Invoke the next Valve in our pipeline
    getNext().invoke(request, response);
}
 
Example 10
Source File: SingleSignOn.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Perform single-sign-on support processing for this request.
 *
 * @param request The servlet request we are processing
 * @param response The servlet response we are creating
 *
 * @exception IOException if an input/output error occurs
 * @exception ServletException if a servlet error occurs
 */
@Override
public void invoke(Request request, Response response)
    throws IOException, ServletException {

    request.removeNote(Constants.REQ_SSOID_NOTE);

    // Has a valid user already been authenticated?
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.invoke", request.getRequestURI()));
    }
    if (request.getUserPrincipal() != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.hasPrincipal",
                    request.getUserPrincipal().getName()));
        }
        getNext().invoke(request, response);
        return;
    }

    // Check for the single sign on cookie
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.cookieCheck"));
    }
    Cookie cookie = null;
    Cookie cookies[] = request.getCookies();
    if (cookies != null) {
        for (int i = 0; i < cookies.length; i++) {
            if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) {
                cookie = cookies[i];
                break;
            }
        }
    }
    if (cookie == null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.cookieNotFound"));
        }
        getNext().invoke(request, response);
        return;
    }

    // Look up the cached Principal associated with this cookie value
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.principalCheck",
                cookie.getValue()));
    }
    SingleSignOnEntry entry = cache.get(cookie.getValue());
    if (entry != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalFound",
                    entry.getPrincipal() != null ? entry.getPrincipal().getName() : "",
                    entry.getAuthType()));
        }
        request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
        // Only set security elements if reauthentication is not required
        if (!getRequireReauthentication()) {
            request.setAuthType(entry.getAuthType());
            request.setUserPrincipal(entry.getPrincipal());
        }
    } else {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalNotFound",
                    cookie.getValue()));
        }
        // No need to return a valid SSO session ID
        cookie.setValue("REMOVE");
        // Age of zero will trigger removal
        cookie.setMaxAge(0);
        // Domain and path have to match the original cookie to 'replace'
        // the original cookie
        cookie.setPath("/");
        String domain = getCookieDomain();
        if (domain != null) {
            cookie.setDomain(domain);
        }
        // This is going to trigger a Set-Cookie header. While the value is
        // not security sensitive, ensure that expectations for secure and
        // httpOnly are met
        cookie.setSecure(request.isSecure());
        if (request.getServletContext().getSessionCookieConfig().isHttpOnly() ||
                request.getContext().getUseHttpOnly()) {
            cookie.setHttpOnly(true);
        }

        response.addCookie(cookie);
    }

    // Invoke the next Valve in our pipeline
    getNext().invoke(request, response);
}
 
Example 11
Source File: SingleSignOn.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Perform single-sign-on support processing for this request.
 *
 * @param request The servlet request we are processing
 * @param response The servlet response we are creating
 *
 * @exception IOException if an input/output error occurs
 * @exception ServletException if a servlet error occurs
 */
@Override
public void invoke(Request request, Response response)
    throws IOException, ServletException {

    request.removeNote(Constants.REQ_SSOID_NOTE);

    // Has a valid user already been authenticated?
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.invoke", request.getRequestURI()));
    }
    if (request.getUserPrincipal() != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.hasPrincipal",
                    request.getUserPrincipal().getName()));
        }
        getNext().invoke(request, response);
        return;
    }

    // Check for the single sign on cookie
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.cookieCheck"));
    }
    Cookie cookie = null;
    Cookie cookies[] = request.getCookies();
    if (cookies != null) {
        for (int i = 0; i < cookies.length; i++) {
            if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) {
                cookie = cookies[i];
                break;
            }
        }
    }
    if (cookie == null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.cookieNotFound"));
        }
        getNext().invoke(request, response);
        return;
    }

    // Look up the cached Principal associated with this cookie value
    if (containerLog.isDebugEnabled()) {
        containerLog.debug(sm.getString("singleSignOn.debug.principalCheck",
                cookie.getValue()));
    }
    SingleSignOnEntry entry = cache.get(cookie.getValue());
    if (entry != null) {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalFound",
                    entry.getPrincipal() != null ? entry.getPrincipal().getName() : "",
                    entry.getAuthType()));
        }
        request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
        // Only set security elements if reauthentication is not required
        if (!getRequireReauthentication()) {
            request.setAuthType(entry.getAuthType());
            request.setUserPrincipal(entry.getPrincipal());
        }
    } else {
        if (containerLog.isDebugEnabled()) {
            containerLog.debug(sm.getString("singleSignOn.debug.principalNotFound",
                    cookie.getValue()));
        }
        // No need to return a valid SSO session ID
        cookie.setValue("REMOVE");
        // Age of zero will trigger removal
        cookie.setMaxAge(0);
        // Domain and path have to match the original cookie to 'replace'
        // the original cookie
        cookie.setPath("/");
        String domain = getCookieDomain();
        if (domain != null) {
            cookie.setDomain(domain);
        }
        // This is going to trigger a Set-Cookie header. While the value is
        // not security sensitive, ensure that expectations for secure and
        // httpOnly are met
        cookie.setSecure(request.isSecure());
        if (request.getServletContext().getSessionCookieConfig().isHttpOnly() ||
                request.getContext().getUseHttpOnly()) {
            cookie.setHttpOnly(true);
        }

        response.addCookie(cookie);
    }

    // Invoke the next Valve in our pipeline
    getNext().invoke(request, response);
}