/**
* Mark Request that processed at primary node with attribute primaryIndicatorName
*
* @param request
* @throws IOException
*/
protected void createPrimaryIndicator(Request request) throws IOException {
String id = request.getRequestedSessionId();
if ((id != null) && (id.length() > 0)) {
Manager manager = request.getContext().getManager();
Session session = manager.findSession(id);
if (session instanceof ClusterSession) {
ClusterSession cses = (ClusterSession) session;
if (log.isDebugEnabled())
log.debug(
sm.getString(
"ReplicationValve.session.indicator",
request.getContext().getName(),
id,
primaryIndicatorName,
Boolean.valueOf(cses.isPrimarySession())));
request.setAttribute(
primaryIndicatorName, cses.isPrimarySession() ? Boolean.TRUE : Boolean.FALSE);
} else {
if (log.isDebugEnabled()) {
if (session != null) {
log.debug(
sm.getString("ReplicationValve.session.found", request.getContext().getName(), id));
} else {
log.debug(
sm.getString(
"ReplicationValve.session.invalid", request.getContext().getName(), id));
}
}
}
}
}
@Test
public final void testRequestUrlIgnorePatternIsSkippedIfPrimaryMemcachedNodeIsDown()
throws IOException, ServletException {
when(_memcachedNodesManager.isNodeAvailable(PRIMARY_NODE_IDENTIFIER)).thenReturn(false);
when(_request.getRequestedSessionId()).thenReturn(SESSION_ID);
_sessionTrackerValve.invoke(_request, _response);
verify(_request).setNote(RequestTrackingHostValve.REQUEST_PROCESS, Boolean.TRUE);
}
@Test
public final void testRequestFinishedShouldBeInvokedForIgnoredResources()
throws IOException, ServletException {
when(_request.getRequestedSessionId()).thenReturn("foo");
when(_request.getRequestURI()).thenReturn("/pixel.gif");
_sessionTrackerValve.invoke(_request, _response);
verify(_service).requestFinished(eq("foo"), anyString());
}
@Test
public final void testBackupSessionNotInvokedWhenNoSessionIdPresent()
throws IOException, ServletException {
when(_request.getRequestedSessionId()).thenReturn(null);
when(_response.getHeader(eq("Set-Cookie"))).thenReturn(null);
_sessionTrackerValve.invoke(_request, _response);
verify(_service, never()).backupSession(anyString(), anyBoolean(), anyString());
}
@Test
public final void testBackupSessionInvokedWhenResponseCookiePresent()
throws IOException, ServletException {
when(_request.getRequestedSessionId()).thenReturn(null);
final Cookie cookie = new Cookie(_sessionTrackerValve.getSessionCookieName(), "foo");
setupGetResponseSetCookieHeadersExpectations(
_response, new String[] {generateCookieString(cookie)});
_sessionTrackerValve.invoke(_request, _response);
verify(_service).backupSession(eq("foo"), eq(false), anyString());
}
@Test
public final void testChangeSessionIdForRelocatedSession() throws IOException, ServletException {
final String sessionId = "bar";
final String newSessionId = "newId";
when(_request.getNote(eq(RequestTrackingHostValve.SESSION_ID_CHANGED)))
.thenReturn(Boolean.TRUE);
when(_request.getRequestedSessionId()).thenReturn(sessionId);
final Cookie cookie = new Cookie(_sessionTrackerValve.getSessionCookieName(), newSessionId);
setupGetResponseSetCookieHeadersExpectations(
_response, new String[] {generateCookieString(cookie)});
_sessionTrackerValve.invoke(_request, _response);
verify(_service).backupSession(eq(newSessionId), eq(true), anyString());
}
/**
* Log the interesting request parameters, invoke the next Valve in the sequence, and log the
* interesting response parameters.
*
* @param request The servlet request to be processed
* @param response The servlet response to be created
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void invoke(Request request, Response response) throws IOException, ServletException {
Log log = container.getLogger();
// Log pre-service information
log.info("REQUEST URI =" + request.getRequestURI());
log.info(" authType=" + request.getAuthType());
log.info(" characterEncoding=" + request.getCharacterEncoding());
log.info(" contentLength=" + request.getContentLength());
log.info(" contentType=" + request.getContentType());
log.info(" contextPath=" + request.getContextPath());
Cookie cookies[] = request.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++)
log.info(" cookie=" + cookies[i].getName() + "=" + cookies[i].getValue());
}
Enumeration hnames = request.getHeaderNames();
while (hnames.hasMoreElements()) {
String hname = (String) hnames.nextElement();
Enumeration hvalues = request.getHeaders(hname);
while (hvalues.hasMoreElements()) {
String hvalue = (String) hvalues.nextElement();
log.info(" header=" + hname + "=" + hvalue);
}
}
log.info(" locale=" + request.getLocale());
log.info(" method=" + request.getMethod());
Enumeration pnames = request.getParameterNames();
while (pnames.hasMoreElements()) {
String pname = (String) pnames.nextElement();
String pvalues[] = request.getParameterValues(pname);
StringBuffer result = new StringBuffer(pname);
result.append('=');
for (int i = 0; i < pvalues.length; i++) {
if (i > 0) result.append(", ");
result.append(pvalues[i]);
}
log.info(" parameter=" + result.toString());
}
log.info(" pathInfo=" + request.getPathInfo());
log.info(" protocol=" + request.getProtocol());
log.info(" queryString=" + request.getQueryString());
log.info(" remoteAddr=" + request.getRemoteAddr());
log.info(" remoteHost=" + request.getRemoteHost());
log.info(" remoteUser="******"requestedSessionId=" + request.getRequestedSessionId());
log.info(" scheme=" + request.getScheme());
log.info(" serverName=" + request.getServerName());
log.info(" serverPort=" + request.getServerPort());
log.info(" servletPath=" + request.getServletPath());
log.info(" isSecure=" + request.isSecure());
log.info("---------------------------------------------------------------");
// Perform the request
getNext().invoke(request, response);
// Log post-service information
log.info("---------------------------------------------------------------");
log.info(" authType=" + request.getAuthType());
log.info(" contentLength=" + response.getContentLength());
log.info(" contentType=" + response.getContentType());
Cookie rcookies[] = response.getCookies();
for (int i = 0; i < rcookies.length; i++) {
log.info(
" cookie="
+ rcookies[i].getName()
+ "="
+ rcookies[i].getValue()
+ "; domain="
+ rcookies[i].getDomain()
+ "; path="
+ rcookies[i].getPath());
}
String rhnames[] = response.getHeaderNames();
for (int i = 0; i < rhnames.length; i++) {
String rhvalues[] = response.getHeaderValues(rhnames[i]);
for (int j = 0; j < rhvalues.length; j++)
log.info(" header=" + rhnames[i] + "=" + rhvalues[j]);
}
log.info(" message=" + response.getMessage());
log.info(" remoteUser="******" status=" + response.getStatus());
log.info("===============================================================");
}
/**
* Enforce any user data constraint required by the security constraint guarding this request URI.
* Return <code>true</code> if this constraint was not violated and processing should continue, or
* <code>false</code> if we have created a response already.
*
* @param request Request we are processing
* @param response Response we are creating
* @param constraints Security constraint being checked
* @exception IOException if an input/output error occurs
*/
@Override
public boolean hasUserDataPermission(
Request request, Response response, SecurityConstraint[] constraints) throws IOException {
// Is there a relevant user data constraint?
if (constraints == null || constraints.length == 0) {
if (log.isDebugEnabled()) log.debug(" No applicable security constraint defined");
return (true);
}
for (int i = 0; i < constraints.length; i++) {
SecurityConstraint constraint = constraints[i];
String userConstraint = constraint.getUserConstraint();
if (userConstraint == null) {
if (log.isDebugEnabled()) log.debug(" No applicable user data constraint defined");
return (true);
}
if (userConstraint.equals(Constants.NONE_TRANSPORT)) {
if (log.isDebugEnabled()) log.debug(" User data constraint has no restrictions");
return (true);
}
}
// Validate the request against the user data constraint
if (request.getRequest().isSecure()) {
if (log.isDebugEnabled()) log.debug(" User data constraint already satisfied");
return (true);
}
// Initialize variables we need to determine the appropriate action
int redirectPort = request.getConnector().getRedirectPort();
// Is redirecting disabled?
if (redirectPort <= 0) {
if (log.isDebugEnabled()) log.debug(" SSL redirect is disabled");
response.sendError(HttpServletResponse.SC_FORBIDDEN, request.getRequestURI());
return (false);
}
// Redirect to the corresponding SSL port
StringBuilder file = new StringBuilder();
String protocol = "https";
String host = request.getServerName();
// Protocol
file.append(protocol).append("://").append(host);
// Host with port
if (redirectPort != 443) {
file.append(":").append(redirectPort);
}
// URI
file.append(request.getRequestURI());
String requestedSessionId = request.getRequestedSessionId();
if ((requestedSessionId != null) && request.isRequestedSessionIdFromURL()) {
file.append(";");
file.append(SessionConfig.getSessionUriParamName(request.getContext()));
file.append("=");
file.append(requestedSessionId);
}
String queryString = request.getQueryString();
if (queryString != null) {
file.append('?');
file.append(queryString);
}
if (log.isDebugEnabled()) log.debug(" Redirecting to " + file.toString());
response.sendRedirect(file.toString());
return (false);
}
