congrats Icon
New! Announcing Tabnine Chat Beta
Learn More
Tabnine Logo
HttpMessageContext.getRequest
Code IndexAdd Tabnine to your IDE (free)

How to use
getRequest
method
in
javax.security.enterprise.authentication.mechanism.http.HttpMessageContext

Best Java code snippets using javax.security.enterprise.authentication.mechanism.http.HttpMessageContext.getRequest (Showing top 20 results out of 315)

origin: javaee-samples/javaee8-samples

/**
 * this function invoked using RememberMe.isRememberMeExpression EL
 * expression
 *
 * @param context
 * @return The remember me flag
 */
public Boolean isRememberMe(HttpMessageContext context) {
  return Boolean.valueOf(context.getRequest().getParameter("rememberme"));
}
origin: javaee-samples/javaee8-samples

/**
 * To extract the JWT from Authorization HTTP header
 *
 * @param context
 * @return The JWT access tokens
 */
private String extractToken(HttpMessageContext context) {
  String authorizationHeader = context.getRequest().getHeader(AUTHORIZATION_HEADER);
  if (authorizationHeader != null && authorizationHeader.startsWith(BEARER)) {
    String token = authorizationHeader.substring(BEARER.length(), authorizationHeader.length());
    return token;
  }
  return null;
}
origin: javax/javaee-web-api

@Override
public HttpServletRequest getRequest() {
  return getWrapped().getRequest();
}
origin: jboss/jboss-javaee-specs

@Override
public HttpServletRequest getRequest() {
  return getWrapped().getRequest();
}
origin: javax.security.enterprise/javax.security.enterprise-api

@Override
public HttpServletRequest getRequest() {
  return getWrapped().getRequest();
}
origin: jakarta.security.enterprise/jakarta.security.enterprise-api

@Override
public HttpServletRequest getRequest() {
  return getWrapped().getRequest();
}
origin: org.glassfish.soteria/javax.security.enterprise

private boolean isOnInitialProtectedURL(HttpMessageContext httpMessageContext) {
  return 
    httpMessageContext.isProtected() &&
    
    // When HttpServletRequest#authenticate is called, it counts as "mandated" authentication
    // which here means isProtected() is true. But we want to use HttpServletRequest#authenticate
    // to resume a dialog started by accessing a protected page, so therefore exclude it here.
    !httpMessageContext.isAuthenticationRequest() &&
    getSavedRequest(httpMessageContext.getRequest()) == null && 
    getSavedAuthentication(httpMessageContext.getRequest()) == null &&
        
    // Some servers consider the Servlet special URL "/j_security_check" as
    // a protected URL
    !httpMessageContext.getRequest().getRequestURI().endsWith("j_security_check");
}
origin: javaee/security-soteria

private boolean isOnProtectedURLWithStaleData(HttpMessageContext httpMessageContext) {
  return
    httpMessageContext.isProtected() && 
    
    // When HttpServletRequest#authenticate is called, it counts as "mandated" authentication
    // which here means isProtected() is true. But we want to use HttpServletRequest#authenticate
    // to resume a dialog started by accessing a protected page, so therefore exclude it here.
    !httpMessageContext.isAuthenticationRequest() &&
    getSavedRequest(httpMessageContext.getRequest()) != null &&
    getSavedAuthentication(httpMessageContext.getRequest()) == null &&
        // Some servers consider the Servlet special URL "/j_security_check" as
    // a protected URL
    !httpMessageContext.getRequest().getRequestURI().endsWith("j_security_check");
}
origin: org.glassfish.soteria/javax.security.enterprise

private boolean isOnProtectedURLWithStaleData(HttpMessageContext httpMessageContext) {
  return
    httpMessageContext.isProtected() && 
    
    // When HttpServletRequest#authenticate is called, it counts as "mandated" authentication
    // which here means isProtected() is true. But we want to use HttpServletRequest#authenticate
    // to resume a dialog started by accessing a protected page, so therefore exclude it here.
    !httpMessageContext.isAuthenticationRequest() &&
    getSavedRequest(httpMessageContext.getRequest()) != null &&
    getSavedAuthentication(httpMessageContext.getRequest()) == null &&
        // Some servers consider the Servlet special URL "/j_security_check" as
    // a protected URL
    !httpMessageContext.getRequest().getRequestURI().endsWith("j_security_check");
}
origin: javaee/security-soteria

private boolean isOnInitialProtectedURL(HttpMessageContext httpMessageContext) {
  return 
    httpMessageContext.isProtected() &&
    
    // When HttpServletRequest#authenticate is called, it counts as "mandated" authentication
    // which here means isProtected() is true. But we want to use HttpServletRequest#authenticate
    // to resume a dialog started by accessing a protected page, so therefore exclude it here.
    !httpMessageContext.isAuthenticationRequest() &&
    getSavedRequest(httpMessageContext.getRequest()) == null && 
    getSavedAuthentication(httpMessageContext.getRequest()) == null &&
        
    // Some servers consider the Servlet special URL "/j_security_check" as
    // a protected URL
    !httpMessageContext.getRequest().getRequestURI().endsWith("j_security_check");
}
origin: org.glassfish.soteria/javax.security.enterprise

private void tryClean(HttpMessageContext httpMessageContext) {
  
  // 1. Check if caller aborted earlier flow and does a new request to protected resource
  if (isOnProtectedURLWithStaleData(httpMessageContext)) {
    removeSavedRequest(httpMessageContext.getRequest());
    removeCallerInitiatedAuthentication(httpMessageContext.getRequest());
  }
  
  // 2. Check if caller aborted earlier flow and explicitly initiated a new authentication dialog 
  if (httpMessageContext.getAuthParameters().isNewAuthentication()) {
    saveCallerInitiatedAuthentication(httpMessageContext.getRequest());
    removeSavedRequest(httpMessageContext.getRequest());
    removeSavedAuthentication(httpMessageContext.getRequest());
  }
}
origin: javaee/security-soteria

private void tryClean(HttpMessageContext httpMessageContext) {
  
  // 1. Check if caller aborted earlier flow and does a new request to protected resource
  if (isOnProtectedURLWithStaleData(httpMessageContext)) {
    removeSavedRequest(httpMessageContext.getRequest());
    removeCallerInitiatedAuthentication(httpMessageContext.getRequest());
  }
  
  // 2. Check if caller aborted earlier flow and explicitly initiated a new authentication dialog 
  if (httpMessageContext.getAuthParameters().isNewAuthentication()) {
    saveCallerInitiatedAuthentication(httpMessageContext.getRequest());
    removeSavedRequest(httpMessageContext.getRequest());
    removeSavedAuthentication(httpMessageContext.getRequest());
  }
}
origin: javaee/security-soteria

private AuthenticationStatus processCallerInitiatedAuthentication(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception {
  // Try to authenticate with the next interceptor or actual authentication mechanism
  AuthenticationStatus authstatus;
  
  try {
    authstatus = (AuthenticationStatus) invocationContext.proceed();
  } catch (AuthException e) {
    authstatus = AuthenticationStatus.SEND_FAILURE;
  }
  
  if (authstatus == AuthenticationStatus.SUCCESS) {
    
    if (httpMessageContext.getCallerPrincipal() == null) {
      return AuthenticationStatus.SUCCESS;
    }
    
    // Actually authenticated now, so we remove the authentication dialog marker
    removeCallerInitiatedAuthentication(httpMessageContext.getRequest());
    
    // TODO: for some mechanisms, such as OAuth the caller would now likely be at an
    // application OAuth landing page, and should likely be returned to "some other" location
    // (e.g. the page from which a login link was clicked in say a top menu bar)
    //
    // Do we add support for this, e.g. via a watered down savedRequest (saving only a caller provided URL)
    // Or do we leave this as an application responsibility?
  }
  
  return authstatus;
}
origin: org.glassfish.soteria/javax.security.enterprise

private AuthenticationStatus processCallerInitiatedAuthentication(InvocationContext invocationContext, HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws Exception {
  // Try to authenticate with the next interceptor or actual authentication mechanism
  AuthenticationStatus authstatus;
  
  try {
    authstatus = (AuthenticationStatus) invocationContext.proceed();
  } catch (AuthException e) {
    authstatus = AuthenticationStatus.SEND_FAILURE;
  }
  
  if (authstatus == AuthenticationStatus.SUCCESS) {
    
    if (httpMessageContext.getCallerPrincipal() == null) {
      return AuthenticationStatus.SUCCESS;
    }
    
    // Actually authenticated now, so we remove the authentication dialog marker
    removeCallerInitiatedAuthentication(httpMessageContext.getRequest());
    
    // TODO: for some mechanisms, such as OAuth the caller would now likely be at an
    // application OAuth landing page, and should likely be returned to "some other" location
    // (e.g. the page from which a login link was clicked in say a top menu bar)
    //
    // Do we add support for this, e.g. via a watered down savedRequest (saving only a caller provided URL)
    // Or do we leave this as an application responsibility?
  }
  
  return authstatus;
}
origin: javaee/security-soteria

/**
 * Called in response to a {@link HttpServletRequest#logout()} call.
 *
 */
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
  HttpMessageContext msgContext = new HttpMessageContextImpl(handler, messageInfo, subject);
  
  CDI.current()
    .select(HttpAuthenticationMechanism.class).get()
    .cleanSubject(msgContext.getRequest(), msgContext.getResponse(), msgContext);
}
origin: org.glassfish.soteria/javax.security.enterprise

/**
 * Called in response to a {@link HttpServletRequest#logout()} call.
 *
 */
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
  HttpMessageContext msgContext = new HttpMessageContextImpl(handler, messageInfo, subject);
  
  CDI.current()
    .select(HttpAuthenticationMechanism.class).get()
    .cleanSubject(msgContext.getRequest(), msgContext.getResponse(), msgContext);
}
origin: javaee/security-soteria

@SuppressWarnings("unchecked")
@AroundInvoke
public Object intercept(InvocationContext invocationContext) throws Exception {
  
  if (isImplementationOf(invocationContext.getMethod(), validateRequestMethod)) {
    
    HttpMessageContext httpMessageContext = (HttpMessageContext)invocationContext.getParameters()[2];
    
    Principal userPrincipal = getPrincipal(httpMessageContext.getRequest());
    
    if (userPrincipal != null) {
      
      httpMessageContext.getHandler().handle(new Callback[] { 
        new CallerPrincipalCallback(httpMessageContext.getClientSubject(), userPrincipal) }
      );
                 return SUCCESS;
    }
    
    Object outcome = invocationContext.proceed();
    
    if (SUCCESS.equals(outcome)) {
      httpMessageContext.getMessageInfo().getMap().put("javax.servlet.http.registerSession", TRUE.toString());
    }
    
    return outcome;
  }
  
  return invocationContext.proceed();
}
origin: org.glassfish.soteria/javax.security.enterprise

@SuppressWarnings("unchecked")
@AroundInvoke
public Object intercept(InvocationContext invocationContext) throws Exception {
  
  if (isImplementationOf(invocationContext.getMethod(), validateRequestMethod)) {
    
    HttpMessageContext httpMessageContext = (HttpMessageContext)invocationContext.getParameters()[2];
    
    Principal userPrincipal = getPrincipal(httpMessageContext.getRequest());
    
    if (userPrincipal != null) {
      
      httpMessageContext.getHandler().handle(new Callback[] { 
        new CallerPrincipalCallback(httpMessageContext.getClientSubject(), userPrincipal) }
      );
                 return SUCCESS;
    }
    
    Object outcome = invocationContext.proceed();
    
    if (SUCCESS.equals(outcome)) {
      httpMessageContext.getMessageInfo().getMap().put("javax.servlet.http.registerSession", TRUE.toString());
    }
    
    return outcome;
  }
  
  return invocationContext.proceed();
}
origin: org.glassfish.soteria/javax.security.enterprise

@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
  HttpMessageContext msgContext = new HttpMessageContextImpl(handler, messageInfo, null);
  try {
    AuthenticationStatus status = CDI.current()
                     .select(HttpAuthenticationMechanism.class).get()
                     .secureResponse(
                       msgContext.getRequest(), 
                       msgContext.getResponse(), 
                       msgContext);
    AuthStatus authStatus = fromAuthenticationStatus(status);
    if (authStatus == AuthStatus.SUCCESS) {
      return AuthStatus.SEND_SUCCESS;
    }
    return authStatus;
  } catch (AuthenticationException e) {
    throw (AuthException) new AuthException("Secure response failure in HttpAuthenticationMechanism").initCause(e);
  } finally {
    if (cdiPerRequestInitializer != null) {
      cdiPerRequestInitializer.destroy(msgContext.getRequest());
    }
  }
}
origin: javaee/security-soteria

@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
  HttpMessageContext msgContext = new HttpMessageContextImpl(handler, messageInfo, null);
  try {
    AuthenticationStatus status = CDI.current()
                     .select(HttpAuthenticationMechanism.class).get()
                     .secureResponse(
                       msgContext.getRequest(), 
                       msgContext.getResponse(), 
                       msgContext);
    AuthStatus authStatus = fromAuthenticationStatus(status);
    if (authStatus == AuthStatus.SUCCESS) {
      return AuthStatus.SEND_SUCCESS;
    }
    return authStatus;
  } catch (AuthenticationException e) {
    throw (AuthException) new AuthException("Secure response failure in HttpAuthenticationMechanism").initCause(e);
  } finally {
    if (cdiPerRequestInitializer != null) {
      cdiPerRequestInitializer.destroy(msgContext.getRequest());
    }
  }
}
javax.security.enterprise.authentication.mechanism.httpHttpMessageContextgetRequest

Javadoc

Returns the request object associated with the current request.

Popular methods of HttpMessageContext

  • doNothing
    Instructs the container to "do nothing". When intending to do nothing, a JSR 375 authentication mech
  • getResponse
    Returns the response object associated with the current request.
  • isProtected
    Checks if the currently requested resource is protected or not. A protected resource is a resource (
  • notifyContainerAboutLogin
    Convenience method intended to pass the CredentialValidationResult result of an identity store direc
  • responseUnauthorized
    Sets the response status to 401 (unauthorized). As a convenience this method returns SEND_FAILURE, s
  • forward
    Forwards to another resource (servlet, JSP file, or HTML file) on the server. As a convenience this
  • getAuthParameters
    Returns the parameters that were provided with the SecurityContext#authenticate(AuthParameters) call
  • getCallerPrincipal
    Gets the Principal set by a call to notifyContainerAboutLogin().
  • getClientSubject
    Returns the subject for which authentication is to take place.Note: This is a low level object that
  • getGroups
    Gets the groups set by a call to notifyContainerAboutLogin().
  • getHandler
    Returns the low level JSR 196 handler that the runtime provided when creating this HttpMessageContex
  • getMessageInfo
    Returns the the low level JSR 196 message info instance for the current request.Note: This is a low
  • getHandler,
  • getMessageInfo,
  • isAuthenticationRequest,
  • redirect,
  • withRequest,
  • cleanClientSubject,
  • isRegisterSession,
  • responseNotFound,
  • setRegisterSession

Popular in Java

  • Parsing JSON documents to java classes using gson
  • scheduleAtFixedRate (Timer)
  • getResourceAsStream (ClassLoader)
  • startActivity (Activity)
  • GridLayout (java.awt)
    The GridLayout class is a layout manager that lays out a container's components in a rectangular gri
  • Rectangle (java.awt)
    A Rectangle specifies an area in a coordinate space that is enclosed by the Rectangle object's top-
  • EOFException (java.io)
    Thrown when a program encounters the end of a file or stream during an input operation.
  • Selector (java.nio.channels)
    A controller for the selection of SelectableChannel objects. Selectable channels can be registered w
  • Date (java.util)
    A specific moment in time, with millisecond precision. Values typically come from System#currentTime
  • Manifest (java.util.jar)
    The Manifest class is used to obtain attribute information for a JarFile and its entries.
  • From CI to AI: The AI layer in your organization
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now