@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession) request.getHttpSession(); super.modifyHandshake(config, request, response); if (httpSession == null) { LOGGER.info("httpSession == null after modifyHandshake"); httpSession = (HttpSession) request.getHttpSession(); } if (httpSession == null) { LOGGER.info("httpSession == null"); return; } config.getUserProperties().put("httpSession", httpSession); httpSession = (HttpSession) request.getHttpSession(); LOGGER.info("modifyHandshake " + httpSession.getId()); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { super.modifyHandshake(sec, request, response); if ( token == null || token.isEmpty() ) { Log.log(Level.FINEST, this, "No token set for room, skipping validation"); } else { Log.log(Level.FINEST, this, "Validating WS handshake"); SignedRequestHmac wsHmac = new SignedRequestHmac("", token, "", request.getRequestURI().getRawPath()); try { wsHmac.checkHeaders(new SignedRequestMap.MLS_StringMap(request.getHeaders())) .verifyFullSignature() .wsResignRequest(new SignedRequestMap.MLS_StringMap(response.getHeaders())); Log.log(Level.INFO, this, "validated and resigned", wsHmac); } catch(Exception e) { Log.log(Level.WARNING, this, "Failed to validate HMAC, unable to establish connection", e); response.getHeaders().replace(HandshakeResponse.SEC_WEBSOCKET_ACCEPT, Collections.emptyList()); } } }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { Map<String, List<String>> headers = request.getHeaders(); if (headers != null && headers.containsKey(WatcherSecurityKey.HTTP_HEADER)) { List<String> header = headers.get(WatcherSecurityKey.HTTP_HEADER); if (header.size() > 0) { config.getUserProperties().put(WatcherSecurityKey.HTTP_HEADER, header. get(0)); } } HttpSession httpSession = (HttpSession) request.getHttpSession(); String user = request.getUserPrincipal().getName(); config.getUserProperties().put("httpSession", httpSession); config.getUserProperties().put("user", user); logger.log(Level.INFO, "Hand shake for upgrade to websocket by: {0}", user); }
/** * Intercept the handshake operation so that we can take a hold of the * ServletContext instance to be able to retrieve attributes stored to it * such as the database object and other similar class instances * <p/> * @param config * @param request * @param response */ @Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession) request.getHttpSession(); ServletContext context = (ServletContext) httpSession.getServletContext(); config.getUserProperties().put("httpSession", httpSession); config.getUserProperties().put("user", request.getUserPrincipal().getName()); /* * store these attributes to servletContext so that they are available to * every created user socket session */ config.getUserProperties().put("protocol", context.getAttribute("protocol")); }
@Override public void afterResponse(HandshakeResponse hr) { super.afterResponse(hr); if( wsHmac != null ) { try { Log.log(Level.FINEST, drain, "Validating HMAC supplied for WS"); wsHmac.wsVerifySignature(new SignedRequestMap.MLS_StringMap(hr.getHeaders())); Log.log(Level.FINEST, drain, "Validating HMAC result is {0}", responseValid); } catch (Exception e) { Log.log(Level.FINEST, drain, "Failed to validate HMAC, unable to establish connection", e); } } else { Log.log(Level.INFO, drain, "No token supplied for room, skipping WS handshake validation"); responseValid = true; } }
@Override public Set<ServerEndpointConfig> getEndpointConfigs(Set<Class<? extends Endpoint>> set) { return new HashSet<ServerEndpointConfig>() {{ add(ServerEndpointConfig.Builder .create(MyEndpoint.class, "/websocket") .configurator(new ServerEndpointConfig.Configurator() { @Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { HttpSession session = (HttpSession)request.getHttpSession(); System.out.println("HttpSession id: " + session.getId()); System.out.println("HttpSession creation time: " + session.getCreationTime()); super.modifyHandshake(sec, request, response); } }) .build()); }}; }
public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpServletRequest _request = (HttpServletRequest) GenericReflection.NoThrow.getValue(_HandshakeRequest, request); Request _requestFaced = (Request) GenericReflection.NoThrow.getValue(Core.requestField, _request); MimeHeaders mime = new MimeHeaders(); Enumeration<String> enuns = _requestFaced.getHeaderNames(); while(enuns.hasMoreElements()){ String param = (String) enuns.nextElement(); mime.addValue(param).setString(_requestFaced.getHeader(param)); } Map<String, Object> properties = config.getUserProperties(); properties.put("httpRequest", _request); properties.put("httpResponse", _request.getAttribute("httpResponse")); properties.put("httpSession", _request.getSession()); properties.put("context", _requestFaced.getContext()); properties.put("headers", mime); properties.put("remoteHost", _request.getRemoteHost()); properties.put("localPort", _request.getLocalPort()); properties.put("remoteAddr", _request.getRemoteAddr()); }
@Override public void afterResponse(HandshakeResponse hr) { Map<String, List<String>> headers = hr.getHeaders(); if (headers.containsKey(SEC_WEB_SOCKET_PROTOCOL_STRING.toLowerCase(Locale.ENGLISH))) { receivedSubProtocol = headers.get(SEC_WEB_SOCKET_PROTOCOL_STRING.toLowerCase(Locale.ENGLISH)).get(0); } else { receivedSubProtocol = null; } receiveLatch.countDown(); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession) request.getHttpSession(); sec.getUserProperties().put(HttpSession.class.getName(), httpSession); }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession) request.getHttpSession(); if (null != httpSession) { config.getUserProperties().put(HttpSession.class.getName(), httpSession); } }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { System.out.println("modifyHandshake() Current thread " + Thread.currentThread().getName()); String user = request.getParameterMap().get("user").get(0); sec.getUserProperties().put(user, request.getHttpSession()); System.out.println("modifyHandshake() User " + user + " with http session ID " + ((HttpSession) request.getHttpSession()).getId()); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { final HttpSession httpSession = (HttpSession) request.getHttpSession(); if (request.getUserPrincipal() == null) { return; } final SecurityContext securityCtx = new WebSocketSecurityContext(request); sec.getUserProperties().put(key(httpSession.getId()), securityCtx); }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { super.modifyHandshake(config, request, response); // Store tunnel request and tunnel request service for retrieval // upon WebSocket open Map<String, Object> userProperties = config.getUserProperties(); userProperties.clear(); userProperties.put(TUNNEL_REQUEST_PROPERTY, new WebSocketTunnelRequest(request)); userProperties.put(TUNNEL_REQUEST_SERVICE_PROPERTY, tunnelRequestServiceProvider.get()); }
@Override public void modifyHandshake(final ServerEndpointConfig config, final HandshakeRequest request, final HandshakeResponse response) { final HttpSession httpSession = (HttpSession) request.getHttpSession(); config.getUserProperties().put(HttpSession.class.getName(), httpSession); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { final Principal principal = request.getUserPrincipal(); final Subject subject = SecurityActions.getSubject(); final Object credential = SecurityActions.getCredential(); sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_PRINCIPAL, principal); sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_SUBJECT, subject); sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_CREDENTIAL, credential); }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession session = (HttpSession) request.getHttpSession(); if (null != session) { config.getUserProperties().put("demo", 1L); } }
private Configurator createConfigurator() { return new Configurator() { @Override public void modifyHandshake( ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { super.modifyHandshake(sec, request, response); final HttpSession httpSession = (HttpSession) request.getHttpSession(); if (httpSession != null) { sec.getUserProperties().put(HTTP_SESSION_ATTRIBUTE, httpSession); } sec.getUserProperties().put(SECURITY_CONTEXT, createSecurityContext(request)); sec.getUserProperties().put(ENVIRONMENT_CONTEXT, EnvironmentContext.getCurrent()); } }; }
private ServerEndpointConfig.Configurator configuratorFor(final String prefix, final boolean isRaw) { return new ServerEndpointConfig.Configurator() { @Override public <T> T getEndpointInstance(Class<T> endpointClass) throws InstantiationException { try { return endpointClass.getConstructor(SockJsServer.class, String.class, String.class) .newInstance(sockJsServer, context.getContextPath(), prefix); } catch (Exception e) { throw new RuntimeException(e); } } @Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { if (isRaw) { // We have no reliable key (like session id) to save // headers with for raw websocket requests return; } String path = request.getRequestURI().getPath(); Matcher matcher = SESSION_PATTERN.matcher(path); if (matcher.matches()) { String sessionId = matcher.group(1); saveHeaders(sessionId, request.getHeaders()); } } }; }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession) request.getHttpSession(); config.getUserProperties() .put(HttpSession.class.getName(), httpSession); }
private ServerEndpointConfig.Configurator configuratorFor(final String prefix, final boolean isRaw) { return new ServerEndpointConfig.Configurator() { @Override public <T> T getEndpointInstance(Class<T> endpointClass) throws InstantiationException { try { return endpointClass.getConstructor(SockJsServer.class, String.class, String.class) .newInstance(sockJsServer, getServletContext().getContextPath(), prefix); } catch (Exception e) { throw new RuntimeException(e); } } @Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { if (isRaw) { // We have no reliable key (like session id) to save // headers with for raw websocket requests return; } String path = request.getRequestURI().getPath(); Matcher matcher = SESSION_PATTERN.matcher(path); if (matcher.matches()) { String sessionId = matcher.group(1); saveHeaders(sessionId, request.getHeaders()); } } }; }
public static final RequestAgent getWsRequestAgent(HandshakeRequest request, HandshakeResponse response) { // this is an abstraction point. this class can be loaded from configuration. if (request instanceof HttpServletRequest) { return new RequestAgent.HTTP((HttpServletRequest) request, (HttpServletResponse) response); } else { return null; } }
/** * Test of modifyHandshake method, of class OcelotRequestConfigurator. */ @Test public void testModifyHandshake() { System.out.println("testModifyHandshake"); ServerEndpointConfig sec = mock(ServerEndpointConfig.class); Map<String, Object> userProperties = new HashMap<>(); HandshakeRequest request = mock(HandshakeRequest.class); HandshakeResponse response = mock(HandshakeResponse.class); when(sec.getUserProperties()).thenReturn(userProperties); instance.modifyHandshake(sec, request, response); assertThat(userProperties.get(Constants.HANDSHAKEREQUEST)).isEqualTo(request); }
@Override public void afterResponse(HandshakeResponse response) { System.out.println("afterResponse:"); for (String h : response.getHeaders().keySet()) { for (String k : response.getHeaders().get(h)) { System.out.println("Header: " + h + ", " + k); } } }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { super.modifyHandshake(sec, request, response); System.out.println("Handshake Request:"); System.out.println("Serving at: " + request.getRequestURI()); System.out.println("Handshake Response:"); for (String h : response.getHeaders().keySet()) { for (String k : response.getHeaders().get(h)) { System.out.println("Header: " + h + ", " + k); } } }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { HttpSession httpSession = (HttpSession)request.getHttpSession(); config.getUserProperties().put(HttpSession.class.getName(),httpSession); }
@Override public void modifyHandshake(final ServerEndpointConfig config, final HandshakeRequest request, final HandshakeResponse response) { final HttpSession httpSession = (HttpSession) request.getHttpSession(); config.getUserProperties().put(HTTP_SESSION_KEY, httpSession); }
@Override public void afterResponse( HandshakeResponse hr ) { try { if ( loginContext != null ) { loginContext.logout(); } } catch ( LoginException e ) { e.printStackTrace(); //work is done just ignore } }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { String url = endpointConfig.getUrl(); if (endpointConfig.isDynamicAddressing()) { // url = request.getRequestURI().substring(request.getContextPath().length()); } ClientChannel clientChannel = endpointConfig.getClientChannelFor(url); String username = null; try { username = clientChannel.authenticate(endpointConfig.getAuthenticationProvider(), request); } catch (AuthenticationException e) { LOG.warn("Unauthorized access for " + request, e); throw new SecurityException("Unauthorized access for " + request); } client = endpointConfig.getClientBuilder(clientChannel).get(request) .username(username) .url(url) .protocol(selectedProtocol, endpointConfig.getProtocolRepository()) .build(); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { delegate.modifyHandshake(sec, request, response); }
@Override public void modifyHandshake(ServerEndpointConfig config, HandshakeRequest request, HandshakeResponse response) { config.getUserProperties().put(HandshakeRequest.SEC_WEBSOCKET_PROTOCOL,request.getHeaders().get(HandshakeRequest.SEC_WEBSOCKET_PROTOCOL)); }
public HttpResponse(int status, HandshakeResponse handshakeResponse) { this.status = status; this.handshakeResponse = handshakeResponse; }
public HandshakeResponse getHandshakeResponse() { return handshakeResponse; }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { // NO-OP }
public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { fetchContainerDefaultConfigurator().modifyHandshake(sec, request, response); }
@Override public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) { }
