protected Cookie toServletCookie(org.apache.commons.httpclient.Cookie commonsCookie) {

    Cookie cookie = new Cookie(commonsCookie.getName(), commonsCookie.getValue());

    String domain = commonsCookie.getDomain();

    if (Validator.isNotNull(domain)) {
      cookie.setDomain(domain);
    }

    Date expiryDate = commonsCookie.getExpiryDate();

    if (expiryDate != null) {
      int maxAge = (int) (expiryDate.getTime() - System.currentTimeMillis());

      maxAge = maxAge / 1000;

      if (maxAge > -1) {
        cookie.setMaxAge(maxAge);
      }
    }

    String path = commonsCookie.getPath();

    if (Validator.isNotNull(path)) {
      cookie.setPath(path);
    }

    cookie.setSecure(commonsCookie.getSecure());
    cookie.setVersion(commonsCookie.getVersion());

    return cookie;
  }
    /* ------------------------------------------------------------ */
    protected void onResponseHeader(Buffer name, Buffer value) throws IOException {
      super.onResponseHeader(name, value);
      if (HttpHeaders.CACHE.getOrdinal(name) == HttpHeaders.SET_COOKIE_ORDINAL) {
        String cname = null;
        String cvalue = null;

        QuotedStringTokenizer tok = new QuotedStringTokenizer(value.toString(), "=;", false, false);
        tok.setSingle(false);

        if (tok.hasMoreElements()) cname = tok.nextToken();
        if (tok.hasMoreElements()) cvalue = tok.nextToken();

        Cookie cookie = new Cookie(cname, cvalue);

        while (tok.hasMoreTokens()) {
          String token = tok.nextToken();
          if ("Version".equalsIgnoreCase(token))
            cookie.setVersion(Integer.parseInt(tok.nextToken()));
          else if ("Comment".equalsIgnoreCase(token)) cookie.setComment(tok.nextToken());
          else if ("Path".equalsIgnoreCase(token)) cookie.setPath(tok.nextToken());
          else if ("Domain".equalsIgnoreCase(token)) cookie.setDomain(tok.nextToken());
          else if ("Expires".equalsIgnoreCase(token)) {
            tok.nextToken();
            // TODO
          } else if ("Max-Age".equalsIgnoreCase(token)) {
            tok.nextToken();
            // TODO
          } else if ("Secure".equalsIgnoreCase(token)) cookie.setSecure(true);
        }

        BayeuxClient.this.setCookie(cookie);
      }
    }
Esempio n. 3
0
  public static void addCookie(
      HttpServletRequest request, HttpServletResponse response, Cookie cookie, boolean secure) {

    if (!_SESSION_ENABLE_PERSISTENT_COOKIES || _TCK_URL) {
      return;
    }

    // LEP-5175

    String name = cookie.getName();

    String originalValue = cookie.getValue();
    String encodedValue = originalValue;

    if (isEncodedCookie(name)) {
      encodedValue = UnicodeFormatter.bytesToHex(originalValue.getBytes());

      if (_log.isDebugEnabled()) {
        _log.debug("Add encoded cookie " + name);
        _log.debug("Original value " + originalValue);
        _log.debug("Hex encoded value " + encodedValue);
      }
    }

    cookie.setSecure(secure);
    cookie.setValue(encodedValue);
    cookie.setVersion(0);

    // Setting a cookie will cause the TCK to lose its ability to track
    // sessions

    response.addCookie(cookie);
  }
Esempio n. 4
0
  /**
   * Sets a cookie according to request parameters
   *
   * @param request
   * @param response
   */
  public void setCookie(HttpServletRequest request, HttpServletResponse response) {
    // Set obligatory cookie data
    final String cookieName = request.getParameter("name");
    final String cookieValue = request.getParameter("value");
    javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(cookieName, cookieValue);

    // Optional data is set only when given in request
    final String comment = request.getParameter("comment");
    if (comment != null) {
      cookie.setComment(comment);
    }
    final String domain = request.getParameter("domain");
    if (domain != null) {
      cookie.setDomain(domain);
    }
    final String maxAge = request.getParameter("max-age");
    if (maxAge != null) {
      cookie.setMaxAge(Integer.parseInt(maxAge));
    }
    final String path = request.getParameter("path");
    if (path != null) {
      cookie.setPath(path);
    }
    final String secure = request.getParameter("secure");
    if (secure != null) {
      cookie.setSecure(Boolean.parseBoolean(secure));
    }
    final String version = request.getParameter("cookie-version");
    if (version != null) {
      cookie.setVersion(Integer.parseInt(version));
    }

    response.addCookie(cookie);
  }
 @Override
 public Cookie deserialize(JsonParser jp, DeserializationContext ctxt)
     throws IOException, JsonProcessingException {
   ObjectMapper mapper = (ObjectMapper) jp.getCodec();
   JsonNode jsonNode = mapper.readTree(jp);
   Cookie cookie =
       new Cookie(
           readJsonNode(jsonNode, "name").asText(), readJsonNode(jsonNode, "value").asText());
   cookie.setComment(readJsonNode(jsonNode, "comment").asText());
   cookie.setDomain(readJsonNode(jsonNode, "domain").asText());
   cookie.setMaxAge(readJsonNode(jsonNode, "maxAge").asInt(-1));
   cookie.setSecure(readJsonNode(jsonNode, "secure").asBoolean());
   cookie.setVersion(readJsonNode(jsonNode, "version").asInt());
   cookie.setPath(readJsonNode(jsonNode, "path").asText());
   cookie.setHttpOnly(readJsonNode(jsonNode, "httpOnly").asBoolean());
   return cookie;
 }
  /**
   * Adds an IdP session cookie to the outbound response.
   *
   * @param httpRequest current request
   * @param httpResponse current response
   * @param userSession user's session
   */
  protected void addSessionCookie(
      HttpServletRequest httpRequest, HttpServletResponse httpResponse, Session userSession) {
    httpRequest.setAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE, userSession);

    byte[] remoteAddress = httpRequest.getRemoteAddr().getBytes();
    byte[] sessionId = userSession.getSessionID().getBytes();

    String signature = null;
    try {
      MessageDigest digester = MessageDigest.getInstance("SHA");
      digester.update(userSession.getSessionSecret());
      digester.update(remoteAddress);
      digester.update(sessionId);
      signature = Base64.encodeBytes(digester.digest());
    } catch (GeneralSecurityException e) {
      LOG.error("Unable to compute signature over session cookie material", e);
    }

    LOG.debug("Adding IdP session cookie to HTTP response");
    StringBuilder cookieValue = new StringBuilder();
    cookieValue.append(Base64.encodeBytes(remoteAddress, Base64.DONT_BREAK_LINES)).append("|");
    cookieValue.append(Base64.encodeBytes(sessionId, Base64.DONT_BREAK_LINES)).append("|");
    cookieValue.append(signature);

    String cookieDomain = HttpServletHelper.getCookieDomain(context);

    Cookie sessionCookie =
        new Cookie(IDP_SESSION_COOKIE_NAME, HTTPTransportUtils.urlEncode(cookieValue.toString()));
    sessionCookie.setVersion(1);
    if (cookieDomain != null) {
      sessionCookie.setDomain(cookieDomain);
    }
    sessionCookie.setPath(
        "".equals(httpRequest.getContextPath()) ? "/" : httpRequest.getContextPath());
    sessionCookie.setSecure(httpRequest.isSecure());
    httpResponse.addCookie(sessionCookie);
  }
Esempio n. 7
0
 @Override
 public void setVersion(final int version) {
   cookie.setVersion(version);
 }
 public void addCookie(String cookieName, String cookieValue, int age) {
   Cookie cookie = new Cookie(cookieName, cookieValue);
   cookie.setVersion(1);
   cookie.setMaxAge(age);
   this.response.addCookie(cookie);
 }
 /**
  * Sets the version of the cookie protocol this cookie complies with. Version 0 complies with the
  * original Netscape cookie specification. Version 1 complies with RFC 2109.
  *
  * <p>Since RFC 2109 is still somewhat new, consider version 1 as experimental; do not use it yet
  * on production sites.
  *
  * @param v 0 if the cookie should comply with the original Netscape specification; 1 if the
  *     cookie should comply with RFC 2109
  * @see #getVersion
  */
 @Override
 public void setVersion(int v) {
   wrappedCookie.setVersion(v);
 }
Esempio n. 10
0
 public void setVersion(int version) {
   cookie.setVersion(version);
 }