/**
 * Builds the JSR-196 message info that wraps this exchange's servlet request and response.
 *
 * <p>Besides the mandatory-policy flag, the live {@code SecurityContext} and
 * {@code HttpServerExchange} are stored in the map, so every module that receives this object
 * can reach them directly. Modules consuming it should therefore be treated as trusted code.
 *
 * @param exchange the exchange being processed; also stored in the map.
 * @param securityContext the security context stored in the map for the modules.
 * @return the populated message info.
 */
private GenericMessageInfo createMessageInfo(final HttpServerExchange exchange, final SecurityContext securityContext) {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo info = new GenericMessageInfo();
    info.setRequestMessage(requestContext.getServletRequest());
    info.setResponseMessage(requestContext.getServletResponse());

    // The policy flag is stored as a string under the standard key, not as a Boolean.
    info.getMap().put(
            "javax.security.auth.message.MessagePolicy.isMandatory",
            isMandatory(requestContext).toString());

    // Extra context so the modules can reach Undertow resources while they run.
    info.getMap().put(SECURITY_CONTEXT_ATTACHMENT_KEY, securityContext);
    info.getMap().put(HTTP_SERVER_EXCHANGE_ATTACHMENT_KEY, exchange);

    return info;
}
/**
 * Creates the {@code MessageInfo} handed to the {@code cleanSubject()} call.
 *
 * <p>The request and response are read from the servlet request context attached to the
 * {@code exchange} field; there is no null check on that attachment.
 *
 * @return the constructed {@code MessageInfo} object.
 */
private MessageInfo buildMessageInfo() {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo info = new GenericMessageInfo();
    info.setRequestMessage(requestContext.getServletRequest());
    info.setResponseMessage(requestContext.getServletResponse());

    // cleanSubject requires isMandatory to be "true", so it is hard-coded rather than derived.
    info.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

    return info;
}
// Merge the account's roles into the role collection passed to the permission check below.
roles.addAll(account.getRoles());
// Ask the helper for the resource-permission decision for this caller, request URI and role set,
// using the policy context id currently registered with PolicyContext.
// NOTE(review): how authzDecision is enforced is outside this fragment; confirm that a failed
// or exceptional check is treated as a denial by the surrounding code.
authzDecision = helper.checkResourcePermission(contextMap, request, src.getServletResponse(), caller, PolicyContext.getContextID(), requestURI(src.getExchange()), roles);
/**
 * Returns the response held by {@code servletRequestContext}, narrowed to its HTTP type.
 *
 * @return the current response cast to {@code HttpServletResponse}; the cast is unchecked and
 *         fails with {@code ClassCastException} if the response is of another type.
 */
HttpServletResponse getHttpServletResponse() {
    final HttpServletResponse httpResponse = (HttpServletResponse) servletRequestContext.getServletResponse();
    return httpResponse;
}
/**
 * Looks up the servlet request context attached to the exchange and returns its response as an
 * HTTP servlet response.
 *
 * <p>The attachment is dereferenced without a null check, so this is only safe on exchanges
 * that already carry a servlet request context.
 *
 * @param exchange the HTTP server exchange.
 * @return the HTTP servlet response.
 */
private static HttpServletResponse extractHttpServletResponse(HttpServerExchange exchange) {
    return (HttpServletResponse) exchange
            .getAttachment(ServletRequestContext.ATTACHMENT_KEY)
            .getServletResponse();
}
/**
 * Returns the output stream of the servlet response attached to the exchange.
 *
 * @return the response's output stream.
 * @throws RuntimeException wrapping the {@code IOException} raised while obtaining the stream.
 */
@Override
public OutputStream getOutputStream() {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final ServletResponse servletResponse = requestContext.getServletResponse();
    try {
        return servletResponse.getOutputStream();
    } catch (IOException ioFailure) {
        // The overridden signature declares no checked exception, so the cause is wrapped.
        throw new RuntimeException(ioFailure);
    }
}
/**
 * Creates a facade over the servlet request and response attached to the given exchange.
 *
 * <p>Both objects are cast to their HTTP types without a check, and the attachment itself is
 * not null-checked.
 *
 * @param exchange the exchange carrying a {@code ServletRequestContext} attachment.
 */
public ServletHttpFacade(HttpServerExchange exchange) {
    super(exchange);
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    this.request = (HttpServletRequest) requestContext.getServletRequest();
    this.response = (HttpServletResponse) requestContext.getServletResponse();
}
/**
 * Wraps the exchange and caches its servlet request and response as HTTP types.
 *
 * <p>The servlet request context is read from the exchange attachment and used without a null
 * check; both casts are unchecked.
 *
 * @param exchange the exchange whose attached servlet request context is read.
 */
public ServletHttpFacade(HttpServerExchange exchange) {
    super(exchange);
    final ServletRequestContext attached = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    this.request = (HttpServletRequest) attached.getServletRequest();
    this.response = (HttpServletResponse) attached.getServletResponse();
}
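/**
 * Dispatches the exchange through the superclass first-request path for REQUEST and ASYNC
 * dispatches, and straight to the superclass's wrapped handler for every other dispatcher type.
 *
 * <p>The wrapped handler is the private {@code next} field of {@code ServletInitialHandler},
 * read reflectively. The lookup is done only on the path that uses it, so REQUEST and ASYNC
 * dispatches no longer pay for (or fail on) a reflective access whose result they ignore.
 *
 * @param exchange the exchange to dispatch.
 * @param servletRequestContext the request context updated with the dispatcher type and chain.
 * @param servletChain the servlet chain made current for this dispatch.
 * @param dispatcherType the kind of dispatch being performed.
 * @throws ServletException if the {@code next} field cannot be found or read.
 * @throws Exception whatever the downstream handler throws.
 */
private void dispatchRequest(final HttpServerExchange exchange, final ServletRequestContext servletRequestContext, final ServletChain servletChain, final DispatcherType dispatcherType) throws Exception {
    final boolean firstRequest = dispatcherType == DispatcherType.REQUEST || dispatcherType == DispatcherType.ASYNC;

    HttpHandler next = null;
    if (!firstRequest) {
        try {
            // Reflection bypasses the superclass's encapsulation and depends on the field name.
            // NOTE(review): setAccessible can also fail with unchecked exceptions (security
            // manager, strong module encapsulation); those are not caught here and propagate.
            Field nextField = ServletInitialHandler.class.getDeclaredField("next");
            nextField.setAccessible(true);
            next = (HttpHandler) nextField.get(this);
            nextField.setAccessible(false);
        } catch (NoSuchFieldException | IllegalAccessException e) {
            throw new ServletException(e);
        }
    }

    // Context is only mutated once the handler lookup (when needed) has succeeded.
    servletRequestContext.setDispatcherType(dispatcherType);
    servletRequestContext.setCurrentServlet(servletChain);

    if (firstRequest) {
        super.handleFirstRequest(exchange, servletChain, servletRequestContext, servletRequestContext.getServletRequest(), servletRequestContext.getServletResponse());
    } else {
        next.handleRequest(exchange);
    }
}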
/**
 * Returns a blocking sender for the response, preferring the output stream and falling back to
 * the response writer.
 *
 * <p>The fallback is taken when creating the stream-based sender raises
 * {@code IllegalStateException} (presumably because the writer is already in use on this
 * response; confirm against the servlet container).
 *
 * @return a stream-backed sender, or a writer-backed one using the response's character encoding.
 * @throws RuntimeException wrapping the {@code IOException} raised while obtaining the writer.
 */
@Override
public Sender getSender() {
    try {
        return new BlockingSenderImpl(exchange, getOutputStream());
    } catch (IllegalStateException streamUnavailable) {
        final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        final ServletResponse servletResponse = requestContext.getServletResponse();
        try {
            return new BlockingWriterSenderImpl(
                    exchange,
                    servletResponse.getWriter(),
                    servletResponse.getCharacterEncoding());
        } catch (IOException writerFailure) {
            throw new RuntimeException(writerFailure);
        }
    }
}
/**
 * Creates the message info for this exchange: request, response, the mandatory-policy flag and
 * two extra context entries.
 *
 * <p>The extra entries are the live {@code SecurityContext} and {@code HttpServerExchange}.
 * Any module handed this object can use them directly, so modules should be trusted code.
 *
 * @param exchange the exchange being processed; also stored in the map.
 * @param securityContext the security context stored in the map.
 * @return the populated message info.
 */
private GenericMessageInfo createMessageInfo(final HttpServerExchange exchange, final SecurityContext securityContext) {
    final ServletRequestContext attached = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo result = new GenericMessageInfo();
    result.setRequestMessage(attached.getServletRequest());
    result.setResponseMessage(attached.getServletResponse());

    // The flag travels as text: the result of isMandatory(...) is converted with toString().
    result.getMap().put(
            "javax.security.auth.message.MessagePolicy.isMandatory",
            isMandatory(attached).toString());

    // Additional context data giving the modules access to Undertow resources.
    result.getMap().put(SECURITY_CONTEXT_ATTACHMENT_KEY, securityContext);
    result.getMap().put(HTTP_SERVER_EXCHANGE_ATTACHMENT_KEY, exchange);

    return result;
}
/**
 * Wraps the exchange's servlet request and response in a {@code GenericMessageInfo} and fills
 * its map with the mandatory-policy flag plus the security context and the exchange itself.
 *
 * <p>Because the map carries the live exchange and security context, whatever consumes this
 * object has the same reach as the calling code.
 *
 * @param exchange the exchange being processed; also stored in the map.
 * @param securityContext the security context stored in the map.
 * @return the populated message info.
 */
private GenericMessageInfo createMessageInfo(final HttpServerExchange exchange, final SecurityContext securityContext) {
    final ServletRequestContext servletContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo built = new GenericMessageInfo();
    built.setRequestMessage(servletContext.getServletRequest());
    built.setResponseMessage(servletContext.getServletResponse());

    // Stored as a string under the standard policy key.
    built.getMap().put(
            "javax.security.auth.message.MessagePolicy.isMandatory",
            isMandatory(servletContext).toString());

    // Context data that lets the modules reach Undertow resources during processing.
    built.getMap().put(SECURITY_CONTEXT_ATTACHMENT_KEY, securityContext);
    built.getMap().put(HTTP_SERVER_EXCHANGE_ATTACHMENT_KEY, exchange);

    return built;
}
/**
 * Routes an incoming SAML response to the SAML 2.0 handler or to the SAML 1.1 unsolicited
 * response handler, based on the version read from the request.
 *
 * <p>Only an exact match with {@code JBossSAMLConstants.VERSION_2_0} selects the 2.0 path.
 * Every other value, including {@code null}, reaches the SAML 1.1 handler.
 * NOTE(review): the version comes from the request, so the 1.1 handler must fully validate
 * what it receives; confirm that unknown or missing versions are rejected there.
 *
 * @param exchange the exchange carrying the servlet request context.
 * @param securityContext the security context passed on to the selected handler.
 * @return the outcome reported by the selected handler.
 * @throws IOException if the selected handler fails with an I/O error.
 */
private AuthenticationMechanismOutcome handleSAMLResponse(HttpServerExchange exchange, SecurityContext securityContext) throws IOException {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final HttpServletRequest httpRequest = (HttpServletRequest) requestContext.getServletRequest();
    final HttpServletResponse httpResponse = (HttpServletResponse) requestContext.getServletResponse();

    final String samlVersion = getSAMLVersion(httpRequest);
    final boolean isSaml2 = JBossSAMLConstants.VERSION_2_0.get().equals(samlVersion);
    if (isSaml2) {
        return handleSAML2Response(exchange, securityContext);
    }
    return handleSAML11UnsolicitedResponse(httpRequest, httpResponse, securityContext);
}
/**
 * Picks the handler for an incoming SAML response from the version found in the request.
 *
 * <p>The SAML 2.0 handler runs only when the version equals
 * {@code JBossSAMLConstants.VERSION_2_0}; anything else, {@code null} included, is treated as
 * a SAML 1.1 unsolicited response.
 * NOTE(review): this default means a malformed or absent version still enters an
 * authentication path; confirm the 1.1 handler rejects input it cannot validate.
 *
 * @param exchange the exchange carrying the servlet request context.
 * @param securityContext the security context passed on to the selected handler.
 * @return the outcome reported by the selected handler.
 * @throws IOException if the selected handler fails with an I/O error.
 */
private AuthenticationMechanismOutcome handleSAMLResponse(HttpServerExchange exchange, SecurityContext securityContext) throws IOException {
    final ServletRequestContext attached = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final HttpServletRequest servletRequest = (HttpServletRequest) attached.getServletRequest();
    final HttpServletResponse servletResponse = (HttpServletResponse) attached.getServletResponse();

    final String version = getSAMLVersion(servletRequest);
    return JBossSAMLConstants.VERSION_2_0.get().equals(version)
            ? handleSAML2Response(exchange, securityContext)
            : handleSAML11UnsolicitedResponse(servletRequest, servletResponse, securityContext);
}
/**
 * Runs the filters registered for the current dispatcher type, or hands the exchange straight
 * to the next handler when none are registered.
 *
 * <p>If the async-support table holds an explicit {@code false} for this dispatcher type, async
 * support is switched off on the request context before anything else runs.
 *
 * @param exchange the exchange carrying the servlet request context.
 * @throws Exception whatever the filter chain or the next handler throws.
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final ServletRequest servletRequest = requestContext.getServletRequest();
    final ServletResponse servletResponse = requestContext.getServletResponse();
    final DispatcherType dispatcherType = requestContext.getDispatcherType();

    // A missing entry leaves the flag untouched; only an explicit false disables async.
    if (Boolean.FALSE.equals(asyncSupported.get(dispatcherType))) {
        requestContext.setAsyncSupported(false);
    }

    final List<ManagedFilter> dispatcherFilters = this.filters.get(dispatcherType);
    if (dispatcherFilters == null) {
        next.handleRequest(exchange);
        return;
    }

    final FilterChainImpl chain = new FilterChainImpl(exchange, dispatcherFilters, next, allowNonStandardWrappers);
    chain.doFilter(servletRequest, servletResponse);
}
/**
 * Builds the {@code MessageInfo} instance used for the {@code cleanSubject()} call.
 *
 * <p>It carries the servlet request and response taken from the {@code exchange} field's
 * attached request context, which is used without a null check.
 *
 * @return the constructed {@code MessageInfo} object.
 */
private MessageInfo buildMessageInfo() {
    final ServletRequestContext attached = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo result = new GenericMessageInfo();
    result.setRequestMessage(attached.getServletRequest());
    result.setResponseMessage(attached.getServletResponse());

    // isMandatory must be "true" whenever cleanSubject is called.
    result.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

    return result;
}
/**
 * Prepares the {@code MessageInfo} passed to {@code cleanSubject()}.
 *
 * <p>Only the request, the response and a fixed mandatory flag are set; no additional context
 * entries are added to the map.
 *
 * @return the constructed {@code MessageInfo} object.
 */
private MessageInfo buildMessageInfo() {
    final ServletRequestContext servletContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);

    final GenericMessageInfo built = new GenericMessageInfo();
    built.setRequestMessage(servletContext.getServletRequest());
    built.setResponseMessage(servletContext.getServletResponse());

    // The cleanSubject call requires the mandatory flag to be set to "true".
    built.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

    return built;
}
/**
 * Puts the request into asynchronous mode using the exchange's current request and response.
 *
 * <p>The new context receives the previously stored {@code asyncContext} as its last
 * constructor argument and then replaces it in the field.
 *
 * @return the newly created async context.
 * @throws IllegalStateException if async is not supported or has already been started.
 */
@Override
public AsyncContext startAsync() throws IllegalStateException {
    if (!isAsyncSupported()) {
        throw UndertowServletMessages.MESSAGES.startAsyncNotAllowed();
    }
    if (asyncStarted) {
        throw UndertowServletMessages.MESSAGES.asyncAlreadyStarted();
    }
    asyncStarted = true;

    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    // The right-hand side reads the old asyncContext before the field is overwritten.
    asyncContext = new AsyncContextImpl(
            exchange,
            requestContext.getServletRequest(),
            requestContext.getServletResponse(),
            requestContext,
            false,
            asyncContext);
    return asyncContext;
}
/**
 * Resolves the transport guarantee for the request and answers 403 when it is rejected;
 * otherwise continues with the superclass handler.
 *
 * <p>The connection is classified as CONFIDENTIAL or NONE from {@code isSecure()} on the
 * original request, and the deployment's authorization manager combines that with the
 * guarantee already recorded on the request context. The result is written back to the context.
 * NOTE(review): {@code isSecure()} is the container's view of the connection; where TLS is
 * terminated in front of this server, confirm how the forwarded scheme is established so that
 * a plaintext hop is not classified as CONFIDENTIAL.
 *
 * @param exchange the exchange carrying the servlet request context.
 * @throws Exception whatever the authorization manager or the superclass handler throws.
 */
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final AuthorizationManager authorizationManager =
            requestContext.getDeployment().getDeploymentInfo().getAuthorizationManager();

    final TransportGuaranteeType connectionGuarantee;
    if (requestContext.getOriginalRequest().isSecure()) {
        connectionGuarantee = TransportGuaranteeType.CONFIDENTIAL;
    } else {
        connectionGuarantee = TransportGuaranteeType.NONE;
    }

    final TransportGuaranteeType resolved = authorizationManager.transportGuarantee(
            connectionGuarantee,
            requestContext.getTransportGuarenteeType(),
            requestContext.getOriginalRequest());
    requestContext.setTransportGuarenteeType(resolved);

    if (TransportGuaranteeType.REJECTED != resolved) {
        super.handleRequest(exchange);
        return;
    }

    // Rejected: stop here so nothing downstream sees the request.
    final HttpServletResponse httpResponse = (HttpServletResponse) requestContext.getServletResponse();
    httpResponse.sendError(StatusCodes.FORBIDDEN);
}
/**
 * Enforces the required security constraints on REQUEST dispatches and answers 403 when the
 * authorization manager denies access; otherwise passes the exchange to the next handler.
 *
 * <p>The check runs only when the dispatcher type is REQUEST. Every other dispatcher type goes
 * to the next handler unchecked, so code that forwards or includes a protected resource is
 * responsible for its own authorization decision.
 * NOTE(review): the authenticated account is passed as returned by the security context;
 * confirm the authorization manager denies constrained resources when no account is present.
 *
 * @param exchange the exchange carrying the servlet request context.
 * @throws Exception whatever the authorization manager or the next handler throws.
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final ServletRequestContext requestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    final ServletRequest servletRequest = requestContext.getServletRequest();

    if (servletRequest.getDispatcherType() == DispatcherType.REQUEST) {
        final List<SingleConstraintMatch> requiredConstraints = requestContext.getRequiredConstrains();
        final SecurityContext securityContext = exchange.getSecurityContext();

        final boolean permitted = authorizationManager.canAccessResource(
                requiredConstraints,
                securityContext.getAuthenticatedAccount(),
                requestContext.getCurrentServlet().getManagedServlet().getServletInfo(),
                requestContext.getOriginalRequest(),
                requestContext.getDeployment());

        if (!permitted) {
            // Denied: send 403 and do not invoke the rest of the chain.
            final HttpServletResponse httpResponse = (HttpServletResponse) requestContext.getServletResponse();
            httpResponse.sendError(StatusCodes.FORBIDDEN);
            return;
        }
    }

    next.handleRequest(exchange);
}