本文整理汇总了Java中javax.servlet.ServletRequest.isSecure方法的典型用法代码示例。如果您正苦于以下问题:Java ServletRequest.isSecure方法的具体用法?Java ServletRequest.isSecure怎么用?Java ServletRequest.isSecure使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.servlet.ServletRequest的用法示例。
在下文中一共展示了ServletRequest.isSecure方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doFilter
import javax.servlet.ServletRequest; //导入方法依赖的package包/类
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
try {
if (servletResponse instanceof HttpServletResponse) {
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
String uri = httpServletRequest.getRequestURI();
if (this.enableCacheControl && !uri.endsWith(".css") && !uri.endsWith(".js") && !uri.endsWith(".png") && !uri.endsWith(".jpg") && !uri.endsWith(".ico") && !uri.endsWith(".jpeg") && !uri.endsWith(".bmp") && !uri.endsWith(".gif")) {
httpServletResponse.addHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
httpServletResponse.addHeader("Pragma", "no-cache");
httpServletResponse.addIntHeader("Expires", 0);
LOGGER.fine("Adding Cache Control response headers for " + uri);
}
if (this.enableStrictTransportSecurity && servletRequest.isSecure() &&
this.hasNoHeaderValue(httpServletResponse, "Strict-Transport-Security", "max-age=15768000; includeSubDomains")) {
httpServletResponse.addHeader("Strict-Transport-Security", "max-age=15768000; includeSubDomains");
LOGGER.fine("Adding HSTS response headers for " + uri);
}
if (this.enableXContentTypeOptions &&
this.hasNoHeaderValue(httpServletResponse, "X-Content-Type-Options", "nosniff")) {
httpServletResponse.addHeader("X-Content-Type-Options", "nosniff");
LOGGER.fine("Adding X-Content Type response headers for " + uri);
}
if (this.enableXFrameOptions &&
this.hasNoHeaderValue(httpServletResponse, "X-Frame-Options", "DENY")) {
httpServletResponse.addHeader("X-Frame-Options", "DENY");
LOGGER.fine("Adding X-Frame Options response headers for " + uri);
}
if (this.enableXSSProtection &&
this.hasNoHeaderValue(httpServletResponse, "X-XSS-Protection", "1; mode=block")) {
httpServletResponse.addHeader("X-XSS-Protection", "1; mode=block");
LOGGER.fine("Adding X-XSS Protection response headers for " + uri);
}
}
} catch (Exception var7) {
FilterUtils.logException(LOGGER, new ServletException(this.getClass().getSimpleName() + " is blocking this request. Examine the cause in this stack trace to understand why.", var7));
}
filterChain.doFilter(servletRequest, servletResponse);
}
示例2: doFilter
import javax.servlet.ServletRequest; //导入方法依赖的package包/类
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
if (response instanceof HttpServletResponse) {
HttpServletResponse httpResponse = (HttpServletResponse) response;
if (response.isCommitted()) {
throw new ServletException(sm.getString("httpHeaderSecurityFilter.committed"));
}
// HSTS
if (hstsEnabled && request.isSecure()) {
httpResponse.setHeader(HSTS_HEADER_NAME, hstsHeaderValue);
}
// anti click-jacking
if (antiClickJackingEnabled) {
httpResponse.setHeader(ANTI_CLICK_JACKING_HEADER_NAME, antiClickJackingHeaderValue);
}
// Block content type sniffing
if (blockContentTypeSniffingEnabled) {
httpResponse.setHeader(BLOCK_CONTENT_TYPE_SNIFFING_HEADER_NAME,
BLOCK_CONTENT_TYPE_SNIFFING_HEADER_VALUE);
}
// cross-site scripting filter protection
if (xssProtectionEnabled) {
httpResponse.setHeader(XSS_PROTECTION_HEADER_NAME, XSS_PROTECTION_HEADER_VALUE);
}
}
chain.doFilter(request, response);
}
示例3: doFilter
import javax.servlet.ServletRequest; //导入方法依赖的package包/类
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
if (response instanceof HttpServletResponse) {
HttpServletResponse httpResponse = (HttpServletResponse) response;
if (response.isCommitted()) {
throw new ServletException(sm.getString("httpHeaderSecurityFilter.committed"));
}
// HSTS
if (hstsEnabled && request.isSecure()) {
httpResponse.setHeader(HSTS_HEADER_NAME, hstsHeaderValue);
}
// anti click-jacking
if (antiClickJackingEnabled) {
httpResponse.setHeader(ANTI_CLICK_JACKING_HEADER_NAME, antiClickJackingHeaderValue);
}
// Block content type sniffing
if (blockContentTypeSniffingEnabled) {
httpResponse.setHeader(BLOCK_CONTENT_TYPE_SNIFFING_HEADER_NAME,
BLOCK_CONTENT_TYPE_SNIFFING_HEADER_VALUE);
}
// cross-site scripting filter protection
if (xssProtectionEnabled) {
httpResponse.setHeader(XSS_PROTECTION_HEADER_NAME, XSS_PROTECTION_HEADER_VALUE);
}
}
chain.doFilter(request, response);
}
示例4: doFilter
import javax.servlet.ServletRequest; //导入方法依赖的package包/类
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// Only require authentication from an identity provider if the NiFi registry is running securely.
if (!servletRequest.isSecure()) {
// Otherwise, requests will be "authenticated" by the AnonymousIdentityFilter
filterChain.doFilter(servletRequest, servletResponse);
return;
}
if (identityProvider == null) {
logger.warn("Identity Filter configured with NULL identity provider. Credentials will not be extracted.");
filterChain.doFilter(servletRequest, servletResponse);
return;
}
if (credentialsAlreadyPresent()) {
logger.debug("Credentials already extracted for {}, skipping credentials extraction filter for {}",
SecurityContextHolder.getContext().getAuthentication().getPrincipal(),
identityProvider.getClass().getSimpleName());
filterChain.doFilter(servletRequest, servletResponse);
return;
}
logger.debug("Attempting to extract user credentials using {}", identityProvider.getClass().getSimpleName());
try {
AuthenticationRequest authenticationRequest = identityProvider.extractCredentials((HttpServletRequest)servletRequest);
if (authenticationRequest != null) {
Authentication authentication = new AuthenticationRequestToken(authenticationRequest, identityProvider.getClass(), servletRequest.getRemoteAddr());
logger.debug("Adding credentials claim to SecurityContext to be authenticated. Credentials extracted by {}: {}",
identityProvider.getClass().getSimpleName(),
authenticationRequest);
SecurityContextHolder.getContext().setAuthentication(authentication);
// This filter's job, which is merely to search for and extract an identity claim, is done.
// The actual authentication of the identity claim will be handled by a corresponding IdentityAuthenticationProvider
}
} catch (Exception e) {
logger.debug("Exception occurred while extracting credentials:", e);
}
filterChain.doFilter(servletRequest, servletResponse);
}