@Override public void handleRequest(HttpServerExchange exchange) throws Exception { final String incomingSessionId = servletContext.getSessionConfig().findSessionId(exchange); if (incomingSessionId == null || !data.containsKey(incomingSessionId)) { next.handleRequest(exchange); return; } // we have some old data PersistentSession result = data.remove(incomingSessionId); if (result != null) { long time = System.currentTimeMillis(); if (time < result.getExpiration().getTime()) { final HttpSessionImpl session = servletContext.getSession(exchange, true); final HttpSessionEvent event = new HttpSessionEvent(session); for (Map.Entry<String, Object> entry : result.getSessionData().entrySet()) { if (entry.getValue() instanceof HttpSessionActivationListener) { ((HttpSessionActivationListener) entry.getValue()).sessionDidActivate(event); } if (entry.getKey().startsWith(HttpSessionImpl.IO_UNDERTOW)) { session.getSession().setAttribute(entry.getKey(), entry.getValue()); } else { session.setAttribute(entry.getKey(), entry.getValue()); } } } } next.handleRequest(exchange); }
@Override public void handleRequest(HttpServerExchange exchange) throws Exception { UndertowHttpFacade facade = new OIDCServletUndertowHttpFacade(exchange); final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); SessionManagementBridge bridge = new SessionManagementBridge( userSessionManagement, servletRequestContext.getDeployment().getSessionManager()); PreAuthActionsHandler handler = new PreAuthActionsHandler(bridge, deploymentContext, facade); if (handler.handleRequest()) return; next.handleRequest(exchange); }
@Override public void parse(HttpHandler handler) throws Exception { if (exchange.getAttachment(FORM_DATA) != null) { handler.handleRequest(exchange); return; } this.handler = handler; StreamSourceChannel channel = exchange.getRequestChannel(); if (channel == null) { throw new IOException(UndertowMessages.MESSAGES.requestChannelAlreadyProvided()); } else { doParse(channel); if (state != 4) { channel.getReadSetter().set(this); channel.resumeReads(); } else { exchange.dispatch(SameThreadExecutor.INSTANCE, handler); } } }
@Override public void handleRequest(final HttpServerExchange exchange) throws Exception { final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY); ServletRequest request = servletRequestContext.getServletRequest(); if (request.getDispatcherType() == DispatcherType.REQUEST) { List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains(); SecurityContext sc = exchange.getSecurityContext(); if (!authorizationManager.canAccessResource( constraints, sc.getAuthenticatedAccount(), servletRequestContext.getCurrentServlet().getManagedServlet().getServletInfo(), servletRequestContext.getOriginalRequest(), servletRequestContext.getDeployment())) { HttpServletResponse response = (HttpServletResponse) servletRequestContext.getServletResponse(); response.sendError(403); return; } } next.handleRequest(exchange); }
public void handleRequest(final HttpServerExchange exchange) throws Exception { final ProxyClient.ProxyTarget target = proxyClient.findTarget(exchange); if (target == null) { log.debugf("No proxy target for request to %s", exchange.getRequestURL()); next.handleRequest(exchange); return; } final long timeout = maxRequestTime > 0 ? System.currentTimeMillis() + maxRequestTime : 0; final ProxyClientHandler clientHandler = new ProxyClientHandler(exchange, target, timeout, maxConnectionRetries); if (timeout > 0) { final XnioExecutor.Key key = exchange .getIoThread() .executeAfter( new Runnable() { @Override public void run() { clientHandler.cancel(exchange); } }, maxRequestTime, TimeUnit.MILLISECONDS); exchange.putAttachment(TIMEOUT_KEY, key); exchange.addExchangeCompleteListener( new ExchangeCompletionListener() { @Override public void exchangeEvent(HttpServerExchange exchange, NextListener nextListener) { key.remove(); nextListener.proceed(); } }); } exchange.dispatch( exchange.isInIoThread() ? SameThreadExecutor.INSTANCE : exchange.getIoThread(), clientHandler); }
@Override public void handleRequest(HttpServerExchange exchange) throws Exception { HeaderMap requestHeaders = exchange.getRequestHeaders(); final String sessionId = requestHeaders.getFirst(SSL_SESSION_ID); if (sessionId != null) { final String cipher = requestHeaders.getFirst(SSL_CIPHER); String clientCert = requestHeaders.getFirst(SSL_CLIENT_CERT); // the proxy client replaces \n with ' ' if (clientCert != null && clientCert.length() > 28) { StringBuilder sb = new StringBuilder(clientCert.length() + 1); sb.append(Certificates.BEGIN_CERT); sb.append('\n'); sb.append( clientCert .replace(' ', '\n') .substring(28, clientCert.length() - 26)); // core certificate data sb.append('\n'); sb.append(Certificates.END_CERT); clientCert = sb.toString(); } try { SSLSessionInfo info = new BasicSSLSessionInfo(sessionId, cipher, clientCert); exchange.setRequestScheme(HTTPS); exchange.getConnection().setSslSessionInfo(info); exchange.addExchangeCompleteListener(CLEAR_SSL_LISTENER); } catch (java.security.cert.CertificateException e) { UndertowLogger.REQUEST_LOGGER.debugf( e, "Could not create certificate from header %s", clientCert); } catch (CertificateException e) { UndertowLogger.REQUEST_LOGGER.debugf( e, "Could not create certificate from header %s", clientCert); } } next.handleRequest(exchange); }
@Override public void handleRequest(final HttpServerExchange exchange) throws Exception { exchange.setRelativePath(CanonicalPathUtils.canonicalize(exchange.getRelativePath())); next.handleRequest(exchange); }