@Override public boolean isSecure() { if (securityContext == null) throw new UnsupportedOperationException(); return securityContext.isSecure(); }
@Override public boolean isSecure() { return containerRequestContext.getSecurityContext().isSecure(); }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
/** * CORS response filter. Allow requests from anywhere. * Just echo back the contents of the Origin header. * Allow credentials if the transport layer is secure. */ @Override public void filter(ContainerRequestContext request, ContainerResponseContext response) throws IOException { String origin = request.getHeaderString("Origin"); // case insensitive MultivaluedMap<String, Object> headers = response.getHeaders(); headers.add("Access-Control-Allow-Origin", origin); boolean secureTransport = request.getSecurityContext().isSecure(); headers.add("Access-Control-Allow-Credentials", secureTransport); }
@Override public void filter(ContainerRequestContext containerRequest) throws WebApplicationException { // Get the authentication passed in HTTP headers parameters String auth = containerRequest.getHeaderString(HttpHeaders.AUTHORIZATION); if (auth != null) { if (auth.startsWith("Basic ") || auth.startsWith("basic ")) { if ( ! containerRequest.getSecurityContext().isSecure()) unencrypted(); auth = auth.replaceFirst("[Bb]asic ", ""); String[] split = new String(BaseEncoding.base64().decode(auth)).split(":", 2); if (split.length != 2) return; String user = split[0]; String pass = split[1]; if (pass.equals(passwords.get(user))) { containerRequest.setSecurityContext(makeSecurityContext(user, user)); } else { unauthenticated (user); } } } }
final boolean secure = securityContext != null && securityContext.isSecure();
@Override public void filter(ContainerRequestContext requestContext) throws IOException { final boolean secure = requestContext.getSecurityContext().isSecure(); final MultivaluedMap<String, String> headers = requestContext.getHeaders(); final Request grizzlyRequest = grizzlyRequestProvider.get();
@Override public boolean isSecure() { return securityContext.isSecure(); }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
roles.add("ADMIN"); Authorizer authorizer = new Authorizer(roles, "admin", originalContext.isSecure()); requestContext.setSecurityContext(authorizer);
/** * HTTPS is the default transport for OAuth 2.0 services. * By default this method will issue a warning for open * endpoints */ protected void checkTransportSecurity() { if (!mc.getSecurityContext().isSecure()) { LOG.warning("Unsecure HTTP, HTTPS is recommended"); if (blockUnsecureRequests) { throw ExceptionUtils.toBadRequestException(null, null); } } }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
@Override public void filter(ContainerRequestContext request) throws IOException { // if token is secure and connection is un-secure redirect to https if (!request.getSecurityContext().isSecure() && config.isSecure()) { URI location = UriBuilder.fromUri(request.getUriInfo().getRequestUri()).scheme("https").build(); throw new WebApplicationException(Response.status(Response.Status.MOVED_PERMANENTLY).location(location).build()); } }
@Override public boolean isSecure() { checkState(); return requestContext.getSecurityContext().isSecure(); }
private void checkSecurityContext() { SecurityContext sc = mc.getSecurityContext(); if (!sc.isSecure() && blockUnsecureRequests) { LOG.warning("Unsecure HTTP, Transport Layer Security is recommended"); ExceptionUtils.toNotAuthorizedException(null, null); } if (sc.getUserPrincipal() == null && blockUnauthorizedRequests) { LOG.warning("Authenticated Principal is not available"); ExceptionUtils.toNotAuthorizedException(null, null); } }
@GET @Path("/securebooks/{bookId}/") @Produces("application/xml") public Book getSecureBook(@PathParam("bookId") String id) throws BookNotFoundFault { if (!securityContext.isSecure()) { throw new WebApplicationException(Response.status(403).entity("Unsecure link").build()); } return doGetBook(id); }
private void checkSecurityContext() { SecurityContext sc = getMessageContext().getSecurityContext(); if (!sc.isSecure() && blockUnsecureRequests) { LOG.warning("Unsecure HTTP, Transport Layer Security is recommended"); AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm); } if (sc.getUserPrincipal() == null && blockUnauthorizedRequests) { //TODO: check client certificates LOG.warning("Authenticated Principal is not available"); AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm); } }