/** * Invoke the next Valve in the sequence. When the invoke returns, check * the response state, and output an error report is necessary. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { // Perform the request context.invokeNext(request, response); response.setSuspended(false); ServletRequest sreq = request.getRequest(); Throwable t = (Throwable) sreq.getAttribute(Globals.EXCEPTION_ATTR); if (t != null) { throwable(request, response, t); } else { status(request, response); } }
/** * Expose the certificates chain if one was included on this request. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { // Identify the underlying request if this request was wrapped Request actual = request; while (actual instanceof RequestWrapper) actual = ((RequestWrapper) actual).getWrappedRequest(); // if (debug >= 2) // log("Processing request"); // Verify the existence of a certificate chain if appropriate if (certificates) verify(request, actual); // Expose the certificate chain if appropriate expose(request, actual); // Invoke the next Valve in our Pipeline context.invokeNext(request, response); }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Pass this request on to the next valve in our pipeline valveContext.invokeNext(request, response); System.out.println("Header Logger Valve"); ServletRequest sreq = request.getRequest(); if (sreq instanceof HttpServletRequest) { HttpServletRequest hreq = (HttpServletRequest) sreq; Enumeration headerNames = hreq.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerName = headerNames.nextElement().toString(); String headerValue = hreq.getHeader(headerName); System.out.println(headerName + ":" + headerValue); } } else System.out.println("Not an HTTP Request"); System.out.println("------------------------------------"); }
/** * Select the appropriate child Host to process this request, * based on the requested server name. If no matching Host can * be found, return an appropriate HTTP error. * * @param request Request to be processed * @param response Response to be produced * @param valveContext Valve context used to forward to the next Valve * * @exception IOException if an input/output error occurred * @exception ServletException if a servlet error occurred */ public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Validate the request and response object types if (!(request.getRequest() instanceof HttpServletRequest) || !(response.getResponse() instanceof HttpServletResponse)) { return; // NOTE - Not much else we can do generically } // Validate that any HTTP/1.1 request included a host header HttpServletRequest hrequest = (HttpServletRequest) request; if ("HTTP/1.1".equals(hrequest.getProtocol()) && (hrequest.getServerName() == null)) { ((HttpServletResponse) response.getResponse()).sendError (HttpServletResponse.SC_BAD_REQUEST, sm.getString("standardEngine.noHostHeader", request.getRequest().getServerName())); return; } // Select the Host to be used for this Request StandardEngine engine = (StandardEngine) getContainer(); Host host = (Host) engine.map(request, true); if (host == null) { ((HttpServletResponse) response.getResponse()).sendError (HttpServletResponse.SC_BAD_REQUEST, sm.getString("standardEngine.noHost", request.getRequest().getServerName())); return; } // Ask this Host to process this request host.invoke(request, response); }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { valveContext.invokeNext(request, response); ServletRequest servletRequest = request.getRequest(); if (servletRequest instanceof HttpServletRequest) { HttpServletRequest hsr = (HttpServletRequest) request; HttpSession session = hsr.getSession(false); if (session != null) { String ip = IPInfo.getClientAddress(hsr); session.setAttribute(ApplicationSession.LAST_ACCESSED_BY_IP, ip); } } }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { SimpleWrapper wrapper = (SimpleWrapper) getContainer(); ServletRequest sreq = request.getRequest(); ServletResponse sres = response.getResponse(); Servlet servlet = null; HttpServletRequest hreq = null; if (sreq instanceof HttpServletRequest) hreq = (HttpServletRequest) sreq; HttpServletResponse hres = null; if (sres instanceof HttpServletResponse) hres = (HttpServletResponse) sres; //-- new addition ----------------------------------- Context context = (Context) wrapper.getParent(); request.setContext(context); //------------------------------------- // Allocate a servlet instance to process this request try { servlet = wrapper.allocate(); if (hres!=null && hreq!=null) { servlet.service(hreq, hres); } else { servlet.service(sreq, sres); } } catch (ServletException e) { } }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Validate the request and response object types if (!(request.getRequest() instanceof HttpServletRequest) || !(response.getResponse() instanceof HttpServletResponse)) { return; // NOTE - Not much else we can do generically } // Disallow any direct access to resources under WEB-INF or META-INF HttpServletRequest hreq = (HttpServletRequest) request.getRequest(); String contextPath = hreq.getContextPath(); String requestURI = ((HttpRequest) request).getDecodedRequestURI(); String relativeURI = requestURI.substring(contextPath.length()).toUpperCase(); Context context = (Context) getContainer(); // Select the Wrapper to be used for this Request Wrapper wrapper = null; try { wrapper = (Wrapper) context.map(request, true); } catch (IllegalArgumentException e) { badRequest(requestURI, (HttpServletResponse) response.getResponse()); return; } if (wrapper == null) { notFound(requestURI, (HttpServletResponse) response.getResponse()); return; } // Ask this Wrapper to process this Request response.setContext(context); wrapper.invoke(request, response); }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { SimpleWrapper wrapper = (SimpleWrapper) getContainer(); ServletRequest sreq = request.getRequest(); ServletResponse sres = response.getResponse(); Servlet servlet = null; HttpServletRequest hreq = null; if (sreq instanceof HttpServletRequest) hreq = (HttpServletRequest) sreq; HttpServletResponse hres = null; if (sres instanceof HttpServletResponse) hres = (HttpServletResponse) sres; // Allocate a servlet instance to process this request try { servlet = wrapper.allocate(); if (hres!=null && hreq!=null) { servlet.service(hreq, hres); } else { servlet.service(sreq, sres); } } catch (ServletException e) { } }
public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Pass this request on to the next valve in our pipeline valveContext.invokeNext(request, response); System.out.println("Client IP Logger Valve"); ServletRequest sreq = request.getRequest(); System.out.println(sreq.getRemoteAddr()); System.out.println("------------------------------------"); }
/** * Perform single-sign-on support processing for this request. * * @param request The servlet request we are processing * @param response The servlet response we are creating * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { // If this is not an HTTP request and response, just pass them on if (!(request instanceof HttpRequest) || !(response instanceof HttpResponse)) { context.invokeNext(request, response); return; } HttpServletRequest hreq = (HttpServletRequest) request.getRequest(); HttpServletResponse hres = (HttpServletResponse) response.getResponse(); request.removeNote(Constants.REQ_SSOID_NOTE); // Has a valid user already been authenticated? if (debug >= 1) log("Process request for '" + hreq.getRequestURI() + "'"); if (hreq.getUserPrincipal() != null) { if (debug >= 1) log(" Principal '" + hreq.getUserPrincipal().getName() + "' has already been authenticated"); context.invokeNext(request, response); return; } // Check for the single sign on cookie if (debug >= 1) log(" Checking for SSO cookie"); Cookie cookie = null; Cookie cookies[] = hreq.getCookies(); if (cookies == null) cookies = new Cookie[0]; for (int i = 0; i < cookies.length; i++) { if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) { cookie = cookies[i]; break; } } if (cookie == null) { if (debug >= 1) log(" SSO cookie is not present"); context.invokeNext(request, response); return; } // Look up the cached Principal associated with this cookie value if (debug >= 1) log(" Checking for cached principal for " + cookie.getValue()); SingleSignOnEntry entry = lookup(cookie.getValue()); if (entry != null) { if (debug >= 1) log(" Found cached principal '" + entry.principal.getName() + "' with auth type '" + entry.authType + "'"); request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue()); ((HttpRequest) request).setAuthType(entry.authType); ((HttpRequest) request).setUserPrincipal(entry.principal); } else { if (debug >= 1) log(" No cached principal found, erasing SSO cookie"); cookie.setMaxAge(0); hres.addCookie(cookie); } // Invoke the next Valve in our pipeline context.invokeNext(request, response); }
/** * Invoke the next Valve in the sequence. When the invoke returns, check * the response state, and output an error report is necessary. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { // Perform the request context.invokeNext(request, response); ServletRequest sreq = (ServletRequest) request; Throwable throwable = (Throwable) sreq.getAttribute(Globals.EXCEPTION_ATTR); ServletResponse sresp = (ServletResponse) response; if (sresp.isCommitted()) { return; } if (throwable != null) { // The response is an error response.setError(); // Reset the response (if possible) try { sresp.reset(); } catch (IllegalStateException e) { ; } ServletResponse sresponse = (ServletResponse) response; if (sresponse instanceof HttpServletResponse) ((HttpServletResponse) sresponse).sendError (HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } response.setSuspended(false); try { report(request, response, throwable); } catch (Throwable tt) { tt.printStackTrace(); } }
/** * Select the appropriate child Context to process this request, * based on the specified request URI. If no matching Context can * be found, return an appropriate HTTP error. * * @param request Request to be processed * @param response Response to be produced * @param valveContext Valve context used to forward to the next Valve * * @exception IOException if an input/output error occurred * @exception ServletException if a servlet error occurred */ public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Validate the request and response object types if (!(request.getRequest() instanceof HttpServletRequest) || !(response.getResponse() instanceof HttpServletResponse)) { return; // NOTE - Not much else we can do generically } // Select the Context to be used for this Request StandardHost host = (StandardHost) getContainer(); Context context = (Context) host.map(request, true); if (context == null) { ((HttpServletResponse) response.getResponse()).sendError (HttpServletResponse.SC_INTERNAL_SERVER_ERROR, sm.getString("standardHost.noContext")); return; } // Bind the context CL to the current thread Thread.currentThread().setContextClassLoader (context.getLoader().getClassLoader()); // Update the session last access time for our session (if any) HttpServletRequest hreq = (HttpServletRequest) request.getRequest(); String sessionId = hreq.getRequestedSessionId(); if (sessionId != null) { Manager manager = context.getManager(); if (manager != null) { Session session = manager.findSession(sessionId); if ((session != null) && session.isValid()) session.access(); } } // Ask this Context to process this request context.invoke(request, response); }
public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { ServletRequest servRequest = request.getRequest(); if (servRequest instanceof HttpServletRequest) { // we only set the TomcatLoginImpl for gateway paths HttpServletRequest hrequest = ((HttpServletRequest)servRequest); String path = hrequest.getServletPath(); boolean match = false; if (path == null) { // We need to use a slighly-weaker uri match for 4.1 String uri = hrequest.getRequestURI(); match = (uri != null && (uri.indexOf(MESSAGEBROKER_MATCH) != -1 || uri.indexOf(AMF_MATCH) != -1 || uri.indexOf(GATEWAY_MATCH) != -1 || (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1))); } else { match = (path.startsWith(MESSAGEBROKER_MATCH) || path.startsWith(AMF_MATCH) || path.startsWith(GATEWAY_MATCH) || (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH))); } if (match) { HttpRequest httpRequest = (HttpRequest)request; TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), httpRequest)); // copy over user princicpal and auth type values, just like in AuthenticatorBase.invoke() Principal principal = hrequest.getUserPrincipal(); if (principal == null) { Session session = getSession(httpRequest, false); if (session != null) { principal = session.getPrincipal(); if (principal != null) { httpRequest.setAuthType(session.getAuthType()); httpRequest.setUserPrincipal(principal); } } } } } context.invokeNext(request, response); }
/** * Select the appropriate child Wrapper to process this request, * based on the specified request URI. If no matching Wrapper can * be found, return an appropriate HTTP error. * * @param request Request to be processed * @param response Response to be produced * @param valveContext Valve context used to forward to the next Valve * * @exception IOException if an input/output error occurred * @exception ServletException if a servlet error occurred */ public void invoke(Request request, Response response, ValveContext valveContext) throws IOException, ServletException { // Validate the request and response object types if (!(request.getRequest() instanceof HttpServletRequest) || !(response.getResponse() instanceof HttpServletResponse)) { return; // NOTE - Not much else we can do generically } // Disallow any direct access to resources under WEB-INF or META-INF HttpServletRequest hreq = (HttpServletRequest) request.getRequest(); String contextPath = hreq.getContextPath(); String requestURI = ((HttpRequest) request).getDecodedRequestURI(); String relativeURI = requestURI.substring(contextPath.length()).toUpperCase(); if (relativeURI.equals("/META-INF") || relativeURI.equals("/WEB-INF") || relativeURI.startsWith("/META-INF/") || relativeURI.startsWith("/WEB-INF/")) { notFound(requestURI, (HttpServletResponse) response.getResponse()); return; } Context context = (Context) getContainer(); // Select the Wrapper to be used for this Request Wrapper wrapper = null; try { wrapper = (Wrapper) context.map(request, true); } catch (IllegalArgumentException e) { badRequest(requestURI, (HttpServletResponse) response.getResponse()); return; } if (wrapper == null) { notFound(requestURI, (HttpServletResponse) response.getResponse()); return; } // Ask this Wrapper to process this Request response.setContext(context); wrapper.invoke(request, response); }
/** * Extract the desired request property, and pass it (along with the * specified request and response objects) to the protected * <code>process()</code> method to perform the actual filtering. * This method must be implemented by a concrete subclass. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { process(request.getRequest().getRemoteHost(), request, response, context); }
/** * Extract the desired request property, and pass it (along with the * specified request and response objects) to the protected * <code>process()</code> method to perform the actual filtering. * This method must be implemented by a concrete subclass. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException { process(request.getRequest().getRemoteAddr(), request, response, context); }
/** * Extract the desired request property, and pass it (along with the * specified request and response objects) to the protected * <code>process()</code> method to perform the actual filtering. * This method must be implemented by a concrete subclass. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public abstract void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException;
/** * The implementation-specific logic represented by this Valve. See the * Valve description for the normal design patterns for this method. * <p> * This method <strong>MUST</strong> be provided by a subclass. * * @param request The servlet request to be processed * @param response The servlet response to be created * @param context The valve context used to invoke the next valve * in the current processing pipeline * * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ public abstract void invoke(Request request, Response response, ValveContext context) throws IOException, ServletException;
