源码类别
热门源码
 当前位置:源码 > Java源码 >

Java源码示例:org.springframework.security.web.firewall.FirewalledRequest

示例1
private ResponseEntity<ModelMap> error(Exception exception, HttpServletRequest req, ModelMap model) {
    String url = req.getRequestURL().toString();

    // для "not found" запросов вытаскиваем доп инфо
    if (req instanceof SecurityContextHolderAwareRequestWrapper) {
        ServletRequest request = ((SecurityContextHolderAwareRequestWrapper) req).getRequest();
        if (request instanceof FirewalledRequest) {
            ServletRequest request2 = ((FirewalledRequest) request).getRequest();
            if (request2 instanceof Request) {
                url = String.format("%s [%s]",
                        url, ((Request)request2).getOriginalURI());
            }
        }
    }

    ModelAndView view = ticket.get(url, exception);
    model.mergeAttributes(view.getModel());

    return new ResponseEntity<>(model,
            HttpStatus.INTERNAL_SERVER_ERROR);
}
示例2
private String error(Exception exception, HttpServletRequest req, ModelMap model) {
    String url = req.getRequestURL().toString();

    // для "not found" запросов вытаскиваем доп инфо
    if (req instanceof SecurityContextHolderAwareRequestWrapper) {
        ServletRequest request = ((SecurityContextHolderAwareRequestWrapper) req).getRequest();
        if (request instanceof FirewalledRequest) {
            ServletRequest request2 = ((FirewalledRequest) request).getRequest();
            if (request2 instanceof Request) {
                url = String.format("%s [%s]",
                        url, ((Request)request2).getOriginalURI());
            }
        }
    }

    ModelAndView view = ticket.get(url, exception);
    model.mergeAttributes(view.getModel());

    return view.getViewName();
}
示例3
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {

    if (request instanceof FirewalledRequest) {
        boolean isMustChangePassword =
                SecurityContextHolder.getContext().getAuthentication().getAuthorities().stream().anyMatch(
                        authority -> IdRepoEntitlement.MUST_CHANGE_PASSWORD.equals(authority.getAuthority()));

        FirewalledRequest wrappedRequest = FirewalledRequest.class.cast(request);
        if (isMustChangePassword && !"POST".equalsIgnoreCase(wrappedRequest.getMethod())
                && !"/users/self/changePassword".equals(wrappedRequest.getPathInfo())) {

            throw new AccessDeniedException("Please change your password first");
        }
    }

    chain.doFilter(request, response);
}
示例4
@Override
public FirewalledRequest getFirewalledRequest(
	HttpServletRequest request) throws RequestRejectedException {
	return super.getFirewalledRequest(new PortalHttpServletRequest(request));
}