/**
 * Installs the run-as identity mapped to the current servlet's name on the security
 * context, invokes the next handler, and puts the previous identity back afterwards.
 *
 * <p>NOTE(review): when no run-as metadata is mapped for the servlet,
 * {@code setRunAsIdentity(null, ...)} is still called and the value it returns is not
 * restored in the {@code finally} block. Confirm that clearing an already-installed
 * run-as identity for unmapped servlets is intended.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the next handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final SecurityContext securityContext =
            exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
    RunAsIdentityMetaData identity = null;
    RunAs previous = null;
    try {
        final ServletChain servlet =
                exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
        identity = runAsIdentityMetaDataMap.get(servlet.getManagedServlet().getServletInfo().getName());

        final RunAsIdentity runAsIdentity;
        if (identity == null) {
            runAsIdentity = null;
        } else {
            UndertowLogger.ROOT_LOGGER.tracef("%s, runAs: %s",
                    servlet.getManagedServlet().getServletInfo().getName(), identity);
            runAsIdentity = new RunAsIdentity(
                    identity.getRoleName(), identity.getPrincipalName(), identity.getRunAsRoles());
        }
        previous = SecurityActions.setRunAsIdentity(runAsIdentity, securityContext);

        // Perform the request
        next.handleRequest(exchange);
    } finally {
        // Only a mapped servlet gets its earlier identity restored.
        if (identity != null) {
            SecurityActions.setRunAsIdentity(previous, securityContext);
        }
    }
}
/**
 * Picks the servlet chain for a matched path, preferring an extension mapping over the
 * match's default handler.
 *
 * @param path the request path that was matched
 * @param match the path match holding the default handler and the extension mappings
 * @param extensionPos index of the '.' that starts the extension, or -1 when there is none
 * @return the extension-mapped chain when one is registered for the path's extension,
 *         otherwise the default handler of {@code match}
 */
private ServletPathMatch handleMatch(final String path, final PathMatch match, final int extensionPos) {
    if (!match.extensionMatches.isEmpty() && extensionPos != -1) {
        final String extension = path.substring(extensionPos + 1);
        final ServletChain byExtension = match.extensionMatches.get(extension);
        if (byExtension != null) {
            return new ServletPathMatch(byExtension, path,
                    byExtension.getManagedServlet().getServletInfo().isRequireWelcomeFileMapping());
        }
    }
    // No extension mappings, no extension in the path, or no mapping for this extension.
    return new ServletPathMatch(match.defaultHandler, path, match.requireWelcomeFileMatch);
}
/**
 * Reports whether the servlet currently handling the exchange is declared with
 * {@code WSFServlet} as its servlet class.
 *
 * <p>NOTE(review): the servlet request context attachment is dereferenced without a null
 * check; confirm this predicate is only evaluated for servlet requests.
 *
 * @param exchange the exchange being evaluated
 * @return {@code true} when the current servlet's class equals {@code WSFServlet.class}
 */
@Override
public boolean resolve(HttpServerExchange exchange) {
    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final Class<?> servletClass = requestContext.getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getServletClass();
    return servletClass.equals(WSFServlet.class);
}
/**
 * Reports whether the servlet currently handling the exchange is declared with
 * {@code WSFServlet} as its servlet class.
 *
 * <p>NOTE(review): the servlet request context attachment is dereferenced without a null
 * check; confirm this predicate is only evaluated for servlet requests.
 *
 * @param exchange the exchange being evaluated
 * @return {@code true} when the current servlet's class equals {@code WSFServlet.class}
 */
@Override
public boolean resolve(HttpServerExchange exchange) {
    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final Class<?> servletClass = requestContext.getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getServletClass();
    return servletClass.equals(WSFServlet.class);
}
/**
 * Creates a chain that reuses the handler, managed servlet, servlet path,
 * default-servlet-mapping flag and filters of {@code other}, combined with a new
 * pattern and mapping match. The last argument of the delegated constructor is
 * always passed as {@code false}.
 *
 * @param other the chain whose handler, servlet and filters are reused
 * @param pattern the pattern to record for the new chain
 * @param mappingMatch the mapping match to record for the new chain
 */
public ServletChain(final ServletChain other, String pattern, MappingMatch mappingMatch) {
    this(
            other.getHandler(),
            other.getManagedServlet(),
            other.getServletPath(),
            other.isDefaultServletMapping(),
            mappingMatch,
            pattern,
            other.filters,
            false);
}
/**
 * Looks up the run-as metadata for the servlet currently handling the exchange and
 * delegates the identity mapping to {@code performMapping}.
 *
 * @param securityIdentity the identity to map
 * @param securityDomain the security domain passed through to {@code performMapping}
 * @param exchange the exchange whose current servlet name selects the metadata
 * @param runAsMapper maps a servlet name to its run-as metadata
 * @return the result of {@code performMapping}
 */
static SecurityIdentity mapIdentity(SecurityIdentity securityIdentity, SecurityDomain securityDomain,
        HttpServerExchange exchange, Function<String, RunAsIdentityMetaData> runAsMapper) {
    final String servletName = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getName();
    return performMapping(securityIdentity, securityDomain, runAsMapper.apply(servletName));
}
/**
 * Returns the servlet instance registered in this deployment under the given name.
 *
 * <p>NOTE(review): the handler looked up by name is dereferenced directly; if the lookup
 * can return {@code null} for an unknown name this throws a NullPointerException.
 * Verify against {@code getServletHandlerByName}.
 *
 * @param name the servlet name to look up
 * @return the instance held by the managed servlet registered under {@code name}
 * @throws ServletException if obtaining the servlet fails
 */
@Override
public Servlet getServlet(final String name) throws ServletException {
    return deployment.getServletPaths()
            .getServletHandlerByName(name)
            .getManagedServlet()
            .getServlet()
            .getInstance();
}
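/**
 * Sets the request character encoding and forwards it to the form data parser of the
 * originally matched servlet, if one is created for this exchange.
 *
 * <p>The call is ignored once reading of the request has started.
 *
 * @param env the charset name to use
 * @throws UnsupportedEncodingException if {@code env} is not a legal charset name or names
 *         a charset that is not available; the message carries the rejected name and the
 *         original exception is attached as the cause
 */
@Override
public void setCharacterEncoding(final String env) throws UnsupportedEncodingException {
    if (readStarted) {
        return;
    }
    try {
        characterEncoding = Charset.forName(env);

        final ManagedServlet originalServlet = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
                .getOriginalServletPathMatch()
                .getServletChain()
                .getManagedServlet();
        final FormDataParser parser = originalServlet.getFormParserFactory().createParser(exchange);
        if (parser != null) {
            parser.setCharacterEncoding(env);
        }
    } catch (java.nio.charset.IllegalCharsetNameException | UnsupportedCharsetException e) {
        // A syntactically illegal name is reported the same way as an unknown charset, so a
        // malformed name surfaces as the declared checked exception instead of escaping as
        // an unchecked IllegalCharsetNameException.
        final UnsupportedEncodingException failure = new UnsupportedEncodingException(env);
        failure.initCause(e);
        throw failure;
    }
}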
/**
 * Reads the name of the servlet currently handling the exchange.
 *
 * @param exchange the exchange to read from
 * @return the name from the current servlet's {@code ServletInfo}
 */
@Override
public String readAttribute(final HttpServerExchange exchange) {
    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    return requestContext.getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getName();
}
/**
 * Routes the exchange through the metrics handler registered for the current servlet's
 * name, or straight to the next handler when none is registered.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the selected handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final String servletName = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getName();
    final MetricsHandler perServlet = servletHandlers.get(servletName);
    if (perServlet == null) {
        next.handleRequest(exchange);
        return;
    }
    perServlet.handleRequest(exchange);
}
}
/**
 * Routes the exchange through the metrics handler registered for the current servlet's
 * name, or straight to the next handler when none is registered.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the selected handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final String servletName = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getName();
    final MetricsHandler perServlet = servletHandlers.get(servletName);
    if (perServlet == null) {
        next.handleRequest(exchange);
        return;
    }
    perServlet.handleRequest(exchange);
}
}
/**
 * Routes the exchange through the metrics handler registered for the current servlet's
 * name, or straight to the next handler when none is registered.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the selected handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final String servletName = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getCurrentServlet()
            .getManagedServlet()
            .getServletInfo()
            .getName();
    final MetricsHandler perServlet = servletHandlers.get(servletName);
    if (perServlet == null) {
        next.handleRequest(exchange);
        return;
    }
    perServlet.handleRequest(exchange);
}
}
/**
 * Parses the request's form data once and caches either the result or the failure.
 *
 * <p>A failure from an earlier attempt is rethrown on every later call. If reading has
 * already started without a cached result, or no parser is created for the exchange,
 * {@code null} is returned.
 *
 * @return the parsed form data, or {@code null} when it cannot be parsed for this request
 * @throws IllegalStateException when the request or an uploaded file exceeds the size limit
 * @throws RuntimeException for any other parsing failure; an {@code IOException} is wrapped
 */
private FormData parseFormData() {
    if (formParsingException != null) {
        throw formParsingException;
    }
    if (parsedFormData != null) {
        return parsedFormData;
    }
    if (readStarted) {
        return null;
    }

    final ManagedServlet managedServlet = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getCurrentServlet()
            .getManagedServlet();
    final FormDataParser parser = managedServlet.getFormParserFactory().createParser(exchange);
    if (parser == null) {
        return null;
    }

    // Marked before parsing so a failed attempt still counts as having consumed the body.
    readStarted = true;
    try {
        parsedFormData = parser.parseBlocking();
        return parsedFormData;
    } catch (RequestTooBigException | MultiPartParserDefinition.FileTooLargeException e) {
        formParsingException = new IllegalStateException(e);
        throw formParsingException;
    } catch (RuntimeException e) {
        formParsingException = e;
        throw e;
    } catch (IOException e) {
        formParsingException = new RuntimeException(e);
        throw formParsingException;
    }
}
/**
 * Rejects the call unless the servlet selected by the request's path match has a
 * multipart configuration.
 *
 * @throws RuntimeException the {@code multipartConfigNotPresent} exception when the
 *         managed servlet has no multipart config
 */
private void verifyMultipartServlet() {
    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final MultipartConfigElement multipartConfig = requestContext.getServletPathMatch()
            .getServletChain()
            .getManagedServlet()
            .getMultipartConfig();
    if (multipartConfig != null) {
        return;
    }
    throw UndertowServletMessages.MESSAGES.multipartConfigNotPresent();
}
/**
 * Builds the list of multipart parts for this request on first use and caches it in
 * {@code parts}.
 *
 * <p>Each form value becomes a {@code PartImpl} created with the multipart config of the
 * originally matched servlet. When form data cannot be parsed the cached list is empty.
 *
 * @throws IOException declared by the signature
 * @throws ServletException when the Content-Type header is missing or does not start with
 *         the multipart/form-data type
 */
private void loadParts() throws IOException, ServletException {
    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    if (parts != null) {
        return;
    }

    final String contentType = exchange.getRequestHeaders().getFirst(Headers.CONTENT_TYPE);
    if (contentType == null || !contentType.startsWith(MultiPartParserDefinition.MULTIPART_FORM_DATA)) {
        throw UndertowServletMessages.MESSAGES.notAMultiPartRequest();
    }

    final List<Part> collected = new ArrayList<>();
    final FormData formData = parseFormData();
    if (formData != null) {
        for (final String partName : formData) {
            for (final FormData.FormValue value : formData.get(partName)) {
                collected.add(new PartImpl(
                        partName,
                        value,
                        requestContext.getOriginalServletPathMatch().getServletChain().getManagedServlet().getMultipartConfig(),
                        servletContext,
                        this));
            }
        }
    }
    this.parts = collected;
}
/**
 * Checks whether the authenticated account of this request holds the given role.
 *
 * <p>A {@code null} role, the role {@code "*"}, and an unauthenticated request all yield
 * {@code false}. The role {@code "**"} yields {@code true} for any authenticated account
 * unless the deployment declares a security role literally named {@code "**"}. Every
 * other case is decided by the deployment's authorization manager.
 *
 * @param role the role name to test
 * @return {@code true} when the caller is considered to be in {@code role}
 */
@Override
public boolean isUserInRole(final String role) {
    // According to the servlet spec "*" always returns false.
    if (role == null || role.equals("*")) {
        return false;
    }

    final Account account = exchange.getSecurityContext().getAuthenticatedAccount();
    if (account == null) {
        return false;
    }

    final ServletRequestContext requestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    if (role.equals("**")) {
        final Set<String> declaredRoles =
                requestContext.getDeployment().getDeploymentInfo().getSecurityRoles();
        // Without a declared "**" role the name means "any authenticated user".
        if (!declaredRoles.contains("**")) {
            return true;
        }
    }

    final ServletChain currentServlet = requestContext.getCurrentServlet();
    final Deployment deployment = servletContext.getDeployment();
    final AuthorizationManager authorizationManager =
            deployment.getDeploymentInfo().getAuthorizationManager();
    return authorizationManager.isUserInRole(
            role, account, currentServlet.getManagedServlet().getServletInfo(), this, deployment);
}
/**
 * Installs the run-as identity mapped to the current servlet's name on the security
 * context, invokes the next handler, and puts the previous identity back afterwards.
 *
 * <p>NOTE(review): when no run-as metadata is mapped for the servlet,
 * {@code setRunAsIdentity(null, ...)} is still called and the value it returns is not
 * restored in the {@code finally} block. Confirm that clearing an already-installed
 * run-as identity for unmapped servlets is intended.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the next handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final SecurityContext securityContext =
            exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
    RunAsIdentityMetaData identity = null;
    RunAs previous = null;
    try {
        final ServletChain servlet =
                exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
        identity = runAsIdentityMetaDataMap.get(servlet.getManagedServlet().getServletInfo().getName());

        final RunAsIdentity runAsIdentity;
        if (identity == null) {
            runAsIdentity = null;
        } else {
            UndertowLogger.ROOT_LOGGER.tracef("%s, runAs: %s",
                    servlet.getManagedServlet().getServletInfo().getName(), identity);
            runAsIdentity = new RunAsIdentity(
                    identity.getRoleName(), identity.getPrincipalName(), identity.getRunAsRoles());
        }
        previous = SecurityActions.setRunAsIdentity(runAsIdentity, securityContext);

        // Perform the request
        next.handleRequest(exchange);
    } finally {
        // Only a mapped servlet gets its earlier identity restored.
        if (identity != null) {
            SecurityActions.setRunAsIdentity(previous, securityContext);
        }
    }
}
/**
 * Installs the run-as identity mapped to the current servlet's name on the security
 * context, invokes the next handler, and puts the previous identity back afterwards.
 *
 * <p>NOTE(review): when no run-as metadata is mapped for the servlet,
 * {@code setRunAsIdentity(null, ...)} is still called and the value it returns is not
 * restored in the {@code finally} block. Confirm that clearing an already-installed
 * run-as identity for unmapped servlets is intended.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the next handler throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final SecurityContext securityContext =
            exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
    RunAsIdentityMetaData identity = null;
    RunAs previous = null;
    try {
        final ServletChain servlet =
                exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
        identity = runAsIdentityMetaDataMap.get(servlet.getManagedServlet().getServletInfo().getName());

        final RunAsIdentity runAsIdentity;
        if (identity == null) {
            runAsIdentity = null;
        } else {
            UndertowLogger.ROOT_LOGGER.tracef("%s, runAs: %s",
                    servlet.getManagedServlet().getServletInfo().getName(), identity);
            runAsIdentity = new RunAsIdentity(
                    identity.getRoleName(), identity.getPrincipalName(), identity.getRunAsRoles());
        }
        previous = SecurityActions.setRunAsIdentity(runAsIdentity, securityContext);

        // Perform the request
        next.handleRequest(exchange);
    } finally {
        // Only a mapped servlet gets its earlier identity restored.
        if (identity != null) {
            SecurityActions.setRunAsIdentity(previous, securityContext);
        }
    }
}
/**
 * Enforces the required security constraints for the current servlet before passing the
 * exchange on, answering 403 when the authorization manager denies access.
 *
 * <p>The check runs only when the dispatcher type is {@code REQUEST}; every other
 * dispatcher type goes to the next handler without it.
 *
 * @param exchange the exchange being processed
 * @throws Exception whatever the next handler or {@code sendError} throws
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext servletRequestContext =
            exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final ServletRequest request = servletRequestContext.getServletRequest();

    if (request.getDispatcherType() == DispatcherType.REQUEST) {
        final List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
        final boolean permitted = authorizationManager.canAccessResource(
                constraints,
                exchange.getSecurityContext().getAuthenticatedAccount(),
                servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(),
                servletRequestContext.getOriginalRequest(),
                servletRequestContext.getDeployment());
        if (!permitted) {
            // Denied: answer 403 and stop the chain here.
            ((HttpServletResponse) servletRequestContext.getServletResponse())
                    .sendError(StatusCodes.FORBIDDEN);
            return;
        }
    }
    next.handleRequest(exchange);
}
/**
 * Resets the response and renders the error: through the error page configured for the
 * status code when there is one, otherwise as a minimal HTML document containing the
 * message, and finally marks the response as done.
 *
 * <p>In the fallback document the message is HTML-escaped only when the deployment's
 * {@code isEscapeErrorMessage()} flag is set; with the flag off, {@code error} is written
 * into the {@code text/html} body verbatim. NOTE(review): messages that can carry
 * request-derived text depend on that flag to stay inert markup. Confirm the value
 * deployments actually run with.
 *
 * @param sc the status code used to look up an error page location
 * @param error the error message; when {@code null} and no error page exists, nothing is written
 * @throws IOException if writing the fallback document fails
 */
public void doErrorDispatch(int sc, String error) throws IOException {
    // Drop whatever response state existed before the error.
    writer = null;
    responseState = ResponseState.NONE;
    resetBuffer();
    treatAsCommitted = false;

    final String location = servletContext.getDeployment().getErrorPages().getErrorLocation(sc);
    if (location != null) {
        final RequestDispatcherImpl requestDispatcher = new RequestDispatcherImpl(location, servletContext);
        final ServletRequestContext servletRequestContext =
                exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        try {
            requestDispatcher.error(
                    servletRequestContext,
                    servletRequestContext.getServletRequest(),
                    servletRequestContext.getServletResponse(),
                    servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo().getName(),
                    error);
        } catch (ServletException e) {
            throw new RuntimeException(e);
        }
    } else if (error != null) {
        setContentType("text/html");
        setCharacterEncoding("UTF-8");
        final boolean escape = servletContext.getDeployment().getDeploymentInfo().isEscapeErrorMessage();
        getWriter().write("<html><head><title>Error</title></head><body>"
                + (escape ? escapeHtml(error) : error)
                + "</body></html>");
        getWriter().close();
    }
    responseDone();
}