@Override public ServletRequestContext run() { return ServletRequestContext.current(); } };
public static ServletRequest getActiveRequest() { ServletRequestContext current; if(System.getSecurityManager() == null) { current = ServletRequestContext.current(); } else { current = AccessController.doPrivileged(CURRENT_CONTEXT); } if(current == null) { return null; } return current.getServletRequest(); } }
private void sessionDestroyedImpl(HttpSessionEvent se) { //we need to get the current account //there are two options here, we can look for the account in the current request //or we can look for the account that has been saved in the session //for maximum compatibility we do both ServletRequestContext src = ServletRequestContext.current(); Account requestAccount = null; if (src != null) { SecurityContext securityContext = src.getExchange().getSecurityContext(); if(securityContext != null) { requestAccount = securityContext.getAuthenticatedAccount(); if (requestAccount != null) { clearAccount(requestAccount); } } } if (se.getSession() instanceof HttpSessionImpl) { final HttpSessionImpl impl = (HttpSessionImpl) se.getSession(); Session session = impl.getSession(); if (session != null) { AuthenticatedSessionManager.AuthenticatedSession authenticatedSession = (AuthenticatedSessionManager.AuthenticatedSession) session.getAttribute(CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession"); if(authenticatedSession != null) { Account sessionAccount = authenticatedSession.getAccount(); if (sessionAccount != null && !sessionAccount.equals(requestAccount)) { clearAccount(sessionAccount); } } } } }
@Override public boolean canAccessResource(List<SingleConstraintMatch> mappedConstraints, Account account, ServletInfo servletInfo, HttpServletRequest request, Deployment deployment) { ServletRequestContext src = ServletRequestContext.current(); boolean baseDecision = delegate.canAccessResource(mappedConstraints, account, servletInfo, request, deployment); boolean authzDecision = false;
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } };
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } });
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } });
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } });
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } };
@Override public ServletRequestContext run() { return ServletRequestContext.current(); } });
static ServletRequestContext currentServletRequestContext() { if (System.getSecurityManager() == null) { return ServletRequestContext.current(); } else { return AccessController.doPrivileged(new PrivilegedAction<ServletRequestContext>() { @Override public ServletRequestContext run() { return ServletRequestContext.current(); } }); } }
static ServletRequestContext currentServletRequestContext() { if (System.getSecurityManager() == null) { return ServletRequestContext.current(); } else { return AccessController.doPrivileged(new PrivilegedAction<ServletRequestContext>() { @Override public ServletRequestContext run() { return ServletRequestContext.current(); } }); } }
static ServletRequestContext currentServletRequestContext() { if (System.getSecurityManager() == null) { return ServletRequestContext.current(); } else { return AccessController.doPrivileged(new PrivilegedAction<ServletRequestContext>() { @Override public ServletRequestContext run() { return ServletRequestContext.current(); } }); } }
static ServletRequestContext currentServletRequestContext() { if (System.getSecurityManager() == null) { return ServletRequestContext.current(); } else { return AccessController.doPrivileged(new PrivilegedAction<ServletRequestContext>() { @Override public ServletRequestContext run() { return ServletRequestContext.current(); } }); } }
public static ServletRequest getActiveRequest() { ServletRequestContext current; if(System.getSecurityManager() == null) { current = ServletRequestContext.current(); } else { current = AccessController.doPrivileged(CURRENT_CONTEXT); } if(current == null) { return null; } return current.getServletRequest(); } }
public static ServletRequest getActiveRequest() { ServletRequestContext current; if(System.getSecurityManager() == null) { current = ServletRequestContext.current(); } else { current = AccessController.doPrivileged(CURRENT_CONTEXT); } if(current == null) { return null; } return current.getServletRequest(); } }
@Override public T call(HttpServerExchange exchange, C context) throws Exception { if (exchange == null) { return action.call(null, context); } else { ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); final ServletRequestContext old = ServletRequestContext.current(); SecurityActions.setCurrentRequestContext(servletRequestContext); try { return action.call(exchange, context); } finally { ServletRequestContext.setCurrentRequestContext(old); } } } };
public static HttpSessionImpl forSession(final Session session, final ServletContext servletContext, final boolean newSession) { // forSession is called by privileged actions only so no need to do it again ServletRequestContext current = ServletRequestContext.current(); if (current == null) { return new HttpSessionImpl(session, servletContext, newSession, null); } else { HttpSessionImpl httpSession = current.getSession(); if (httpSession == null) { httpSession = new HttpSessionImpl(session, servletContext, newSession, current); current.setSession(httpSession); } else { if(httpSession.session != session) { //in some rare cases it may be that there are two different service contexts involved in the one request //in this case we just return a new session rather than using the thread local version httpSession = new HttpSessionImpl(session, servletContext, newSession, current); } } return httpSession; } }
public static HttpSession forConvergedSession(final Session session, final ServletContext servletContext, final boolean newSession, SessionManager manager) { // forSession is called by privileged actions only so no need to do it again ServletRequestContext current = ServletRequestContext.current(); if (current == null) { return new ConvergedHttpSessionFacade(HttpSessionImpl.forSession(session, servletContext, newSession), manager); } else { HttpSessionImpl httpSession = current.getSession(); if (httpSession == null) { httpSession = HttpSessionImpl.forSession(session, servletContext, newSession); current.setSession(httpSession); } else { if(httpSession.getSession() != session) { //in some rare cases it may be that there are two different service contexts involved in the one request //in this case we just return a new session rather than using the thread local version httpSession = HttpSessionImpl.forSession(session, servletContext, newSession); } } return new ConvergedHttpSessionFacade(httpSession, manager); } }
public static HttpSession forConvergedSession(final Session session, final ServletContext servletContext, final boolean newSession, SessionManager manager) { // forSession is called by privileged actions only so no need to do it again ServletRequestContext current = ServletRequestContext.current(); if (current == null) { return new ConvergedHttpSessionFacade(HttpSessionImpl.forSession(session, servletContext, newSession), manager); } else { HttpSessionImpl httpSession = current.getSession(); if (httpSession == null) { httpSession = HttpSessionImpl.forSession(session, servletContext, newSession); current.setSession(httpSession); } else { if(httpSession.getSession() != session) { //in some rare cases it may be that there are two different service contexts involved in the one request //in this case we just return a new session rather than using the thread local version httpSession = HttpSessionImpl.forSession(session, servletContext, newSession); } } return new ConvergedHttpSessionFacade(httpSession, manager); } }