protected boolean isCredDelegationRequired(Message message) { return MessageUtils.getContextualBoolean(message, PROPERTY_REQUIRE_CRED_DELEGATION, credDelegation); }
protected String getResponseMessage() throws IOException { boolean b = MessageUtils.getContextualBoolean(this.outMessage, SET_REASON_PHRASE_NOT_NULL, SET_REASON_PHRASE); if (connection.getResponseMessage() == null && b) { //some http server like tomcat 8.5+ won't return the //reason phrase in response, return a informative value //to tell user no reason phrase in the response instead of null return "no reason phrase in the response"; } return connection.getResponseMessage(); } protected InputStream getPartialResponse() throws IOException {
private static String convertToAbsoluteUrlIfNeeded(String conduitName, String lastURL, String newURL, Message message) throws IOException { if (newURL != null && !newURL.startsWith("http")) { if (MessageUtils.getContextualBoolean(message, AUTO_REDIRECT_ALLOW_REL_URI)) { return URI.create(lastURL).resolve(newURL).toString(); } String msg = "Relative Redirect detected on Conduit '" + conduitName + "' on '" + newURL + "'"; LOG.log(Level.INFO, msg); throw new IOException(msg); } return newURL; }
/** * This procedure sets the URLConnection request properties * from the PROTOCOL_HEADERS in the message. */ private void transferProtocolHeadersToURLConnection(URLConnection connection) { boolean addHeaders = MessageUtils.getContextualBoolean(message, ADD_HEADERS_PROPERTY, false); for (Map.Entry<String, List<String>> entry : headers.entrySet()) { String header = entry.getKey(); if (HttpHeaderHelper.CONTENT_TYPE.equalsIgnoreCase(header)) { continue; } List<String> headerList = entry.getValue(); if (addHeaders || HttpHeaderHelper.COOKIE.equalsIgnoreCase(header)) { headerList.forEach(s -> connection.addRequestProperty(header, s)); } else { connection.setRequestProperty(header, String.join(",", headerList)); } } // make sure we don't add more than one User-Agent header if (connection.getRequestProperty("User-Agent") == null) { connection.addRequestProperty("User-Agent", USER_AGENT); } }
public void writeToMessageHeaders(Message message) { //Do we need to maintain a session? maintainSession = MessageUtils.getContextualBoolean(message, Message.MAINTAIN_SESSION, false); //If we have any cookies and we are maintaining sessions, then use them if (maintainSession && !sessionCookies.isEmpty()) { new Headers(message).writeSessionCookies(sessionCookies); } }
private static void checkAllowedRedirectUri(String conduitName, String lastURL, String newURL, Message message) throws IOException { if (newURL != null) { URI newUri = URI.create(newURL); if (MessageUtils.getContextualBoolean(message, AUTO_REDIRECT_SAME_HOST_ONLY)) { URI lastUri = URI.create(lastURL); // This can be further restricted to make sure newURL completely contains lastURL // though making sure the same HTTP scheme and host are preserved should be enough if (!newUri.getScheme().equals(lastUri.getScheme()) || !newUri.getHost().equals(lastUri.getHost())) { String msg = "Different HTTP Scheme or Host Redirect detected on Conduit '" + conduitName + "' on '" + newURL + "'"; LOG.log(Level.INFO, msg); throw new IOException(msg); } } String allowedRedirectURI = (String)message.getContextualProperty(AUTO_REDIRECT_ALLOWED_URI); if (allowedRedirectURI != null && !newURL.startsWith(allowedRedirectURI)) { String msg = "Forbidden Redirect URI " + newURL + "detected on Conduit '" + conduitName; LOG.log(Level.INFO, msg); throw new IOException(msg); } } }
private boolean doProcessResponse(Message message, int responseCode) { // 1. Not oneWay if (!isOneway(message.getExchange())) { return true; } // 2. Robust OneWays could have a fault return responseCode == 500 && MessageUtils.getContextualBoolean(message, Message.ROBUST_ONEWAY, false); }
boolean addHeaders = MessageUtils.getContextualBoolean(message, ADD_HEADERS_PROPERTY, false); for (Map.Entry<String, List<String>> entry : headers.entrySet()) { String header = entry.getKey();
public String getAuthorization(AuthorizationPolicy authPolicy, URI currentURI, Message message) { if (!HttpAuthHeader.AUTH_TYPE_NEGOTIATE.equals(authPolicy.getAuthorizationType())) { return null; } try { String spn = getCompleteServicePrincipalName(currentURI); boolean useKerberosOid = MessageUtils.getContextualBoolean(message, PROPERTY_USE_KERBEROS_OID); Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID); byte[] token = getToken(authPolicy, spn, oid, message); return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token); } catch (LoginException | GSSException e) { throw new RuntimeException(e.getMessage(), e); } }
protected int doProcessResponseCode() throws IOException { Exchange exchange = outMessage.getExchange(); int rc = getResponseCode(); if (rc == -1) { LOG.warning("HTTP Response code appears to be corrupted"); } if (exchange != null) { exchange.put(Message.RESPONSE_CODE, rc); if (rc == 404 || rc == 503) { exchange.put("org.apache.cxf.transport.service_not_available", true); } } // "org.apache.cxf.transport.no_io_exceptions" property should be set in case the exceptions // should not be handled here; for example jax rs uses this // "org.apache.cxf.transport.process_fault_on_http_400" property should be set in case a // soap fault because of a HTTP 400 should be returned back to the client (SOAP 1.2 spec) if (rc >= 400 && rc != 500 && !MessageUtils.getContextualBoolean(outMessage, NO_IO_EXCEPTIONS) && (rc > 400 || !MessageUtils.getContextualBoolean(outMessage, PROCESS_FAULT_ON_HTTP_400))) { throw new HTTPException(rc, getResponseMessage(), url.toURL()); } return rc; }
.getContextualBoolean(ex.getInMessage(), PARTIAL_RESPONSE_SENT_PROPERTY, false); if ((cp == null) && uam.always() || decoupledEndpoints) { JaxwsServerHandler handler = new JaxwsServerHandler(null);
connection.setRequestMethod(httpRequestMethod); } catch (java.net.ProtocolException ex) { boolean b = MessageUtils.getContextualBoolean(message, HTTPURL_CONNECTION_METHOD_REFLECTION, DEFAULT_USE_REFLECTION);
&& MessageUtils.getContextualBoolean(exchange.getInMessage(), "jaxws.provider.interpretNullAsOneway", true) } catch (Fault f) { if (MessageUtils.getContextualBoolean(exchange.getInMessage(), COPY_SOAP_HEADERS_BY_FAULT, true)) { updateHeader(exchange, ctx);
public UriInfoImpl(Message m, MultivaluedMap<String, String> templateParams) { this.message = m; this.templateParams = templateParams; if (m != null) { this.stack = m.get(OperationResourceInfoStack.class); this.caseInsensitiveQueries = MessageUtils.getContextualBoolean(m, CASE_INSENSITIVE_QUERIES); this.queryValueIsCollection = MessageUtils.getContextualBoolean(m, PARSE_QUERY_VALUE_AS_COLLECTION); } }
if (message != null) { includeLocationOnly = MessageUtils .getContextualBoolean(message, "org.apache.cxf.wsa.metadata.wsdlLocationOnly", false);
updateResponseHeaders(inMessage); inMessage.put(Message.RESPONSE_CODE, responseCode); if (MessageUtils.getContextualBoolean(outMessage, SET_HTTP_RESPONSE_MESSAGE, false)) { inMessage.put(HTTP_RESPONSE_MESSAGE, getResponseMessage()); in = getPartialResponse(); if (in == null || !MessageUtils.getContextualBoolean(outMessage, Message.PROCESS_ONEWAY_RESPONSE, false)) {
public static boolean checkBooleanProperty(JoseHeaders headers, Properties props, Message m, String propertyName) { if (headers == null) { return false; } if (props.containsKey(propertyName)) { return PropertyUtils.isTrue(props.get(propertyName)); } return MessageUtils.getContextualBoolean(m, propertyName, false); }
public void setProperty(String prop, Object value) { if (prop.equals(org.apache.cxf.message.Message.class.getName())) { org.apache.cxf.message.Message m = (org.apache.cxf.message.Message)value; veventHandler = getValidationEventHandler(m, JAXBDataBinding.WRITER_VALIDATION_EVENT_HANDLER); if (veventHandler == null) { veventHandler = databinding.getValidationEventHandler(); } setEventHandler = MessageUtils.getContextualBoolean(m, JAXBDataBinding.SET_VALIDATION_EVENT_HANDLER, true); } }
public void writeToMessageHeaders(Message message) { //Do we need to maintain a session? maintainSession = MessageUtils.getContextualBoolean(message, Message.MAINTAIN_SESSION, false); //If we have any cookies and we are maintaining sessions, then use them if (maintainSession && !sessionCookies.isEmpty()) { new Headers(message).writeSessionCookies(sessionCookies); } }
protected void autoClose(Class<?> cls, boolean exception) { if (!entityBufferred && !JAXRSUtils.isStreamingOutType(cls) && (exception || MessageUtils.getContextualBoolean(outMessage, "response.stream.auto.close"))) { close(); } }