renamed https offloading to the more widely used ssl offloading
Project: http://git-wip-us.apache.org/repos/asf/struts-extras/repo Commit: http://git-wip-us.apache.org/repos/asf/struts-extras/commit/b3ce14c9 Tree: http://git-wip-us.apache.org/repos/asf/struts-extras/tree/b3ce14c9 Diff: http://git-wip-us.apache.org/repos/asf/struts-extras/diff/b3ce14c9 Branch: refs/heads/master Commit: b3ce14c9e744ca713373b358f71f0659bfb35803 Parents: ba12972 Author: Stefaan Dutry <stefaan.du...@gmail.com> Authored: Tue Mar 28 16:25:06 2017 +0200 Committer: Stefaan Dutry <stefaan.du...@gmail.com> Committed: Tue Mar 28 16:25:06 2017 +0200 ---------------------------------------------------------------------- ...OffloadAwareServletActionRedirectResult.java | 123 ------------ .../HttpsOffloadAwareServletRedirectResult.java | 188 ------------------- ...OffloadAwareServletActionRedirectResult.java | 123 ++++++++++++ .../SslOffloadAwareServletRedirectResult.java | 188 +++++++++++++++++++ 4 files changed, 311 insertions(+), 311 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/struts-extras/blob/b3ce14c9/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletActionRedirectResult.java ---------------------------------------------------------------------- diff --git a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletActionRedirectResult.java b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletActionRedirectResult.java deleted file mode 100644 index 0cd1390..0000000 --- a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletActionRedirectResult.java +++ /dev/null @@ -1,123 +0,0 @@ -/* - * $Id$ - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.struts2.result; - -import java.util.Collection; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.apache.struts2.ServletActionContext; -import org.apache.struts2.dispatcher.mapper.ActionMapping; -import org.apache.struts2.dispatcher.Dispatcher; -import org.apache.struts2.result.ServletRedirectResult; -import org.apache.struts2.views.util.UrlHelper; - -import com.opensymphony.xwork2.ActionContext; -import com.opensymphony.xwork2.ActionInvocation; -import com.opensymphony.xwork2.config.entities.ResultConfig; -import com.opensymphony.xwork2.inject.Inject; - -public class HttpsOffloadAwareServletActionRedirectResult extends HttpsOffloadAwareServletRedirectResult { - /* The default parameter */ - public static final String DEFAULT_PARAM = "actionName"; - - protected String actionName; - protected String namespace; - protected String method; - - public HttpsOffloadAwareServletActionRedirectResult() {} - - public HttpsOffloadAwareServletActionRedirectResult(String actionName) { - this(null, actionName, null, null); - } - - public HttpsOffloadAwareServletActionRedirectResult(String actionName, String method) { - this(null, actionName, method, null); - } - - public HttpsOffloadAwareServletActionRedirectResult(String namespace, String actionName, String method) { - this(namespace, actionName, method, null); - } - - public HttpsOffloadAwareServletActionRedirectResult(String namespace, String actionName, String method, String anchor) { - super(null, anchor); - this.namespace = namespace; - this.actionName = actionName; - this.method = method; - } - - /** - * @see com.opensymphony.xwork2.Result#execute(com.opensymphony.xwork2.ActionInvocation) - */ - public void execute(ActionInvocation invocation) throws Exception { - actionName = conditionalParse(actionName, invocation); - if (namespace == null) { - namespace = invocation.getProxy().getNamespace(); - } else { - namespace = conditionalParse(namespace, invocation); - } - if (method == null) { - method = ""; - } else { - method = conditionalParse(method, invocation); - } - - String tmpLocation = actionMapper.getUriFromActionMapping(new ActionMapping(actionName, namespace, method, null)); - - setLocation(tmpLocation); - - super.execute(invocation); - } - - /** - * Sets the action name - * - * @param actionName The name - */ - public void setActionName(String actionName) { - this.actionName = actionName; - } - - /** - * Sets the namespace - * - * @param namespace The namespace - */ - public void setNamespace(String namespace) { - this.namespace = namespace; - } - - /** - * Sets the method - * - * @param method The method - */ - public void setMethod(String method) { - this.method = method; - } - -} http://git-wip-us.apache.org/repos/asf/struts-extras/blob/b3ce14c9/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletRedirectResult.java ---------------------------------------------------------------------- diff --git a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletRedirectResult.java b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletRedirectResult.java deleted file mode 100644 index 3431467..0000000 --- a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/HttpsOffloadAwareServletRedirectResult.java +++ /dev/null @@ -1,188 +0,0 @@ -/* - * $Id$ - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.struts2.result; - -import java.util.Collection; -import java.util.Enumeration; -import java.util.List; -import java.util.Map; -import java.util.regex.Pattern; -import java.util.regex.Matcher; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.apache.struts2.ServletActionContext; -import org.apache.struts2.dispatcher.mapper.ActionMapping; -import org.apache.struts2.dispatcher.Dispatcher; -import org.apache.struts2.result.ServletRedirectResult; -import org.apache.struts2.views.util.UrlHelper; - -import com.opensymphony.xwork2.ActionContext; -import com.opensymphony.xwork2.ActionInvocation; -import com.opensymphony.xwork2.config.entities.ResultConfig; -import com.opensymphony.xwork2.inject.Inject; - -public class HttpsOffloadAwareServletRedirectResult extends ServletRedirectResult { - private static final long serialVersionUID = -5384946213381645549L; - private static final Logger LOG = LogManager.getLogger(HttpsOffloadAwareServletRedirectResult.class); - private static final Pattern FORWARDED_PROTO_PARAM_HTTPS = Pattern.compile("[^;]proto=https[$;]"); - - private UrlHelper urlHelper; - - @Inject - public void setUrlHelper(UrlHelper urlHelper) { - this.urlHelper = urlHelper; - } - - public HttpsOffloadAwareServletRedirectResult() { - super(); - } - - public HttpsOffloadAwareServletRedirectResult(String location) { - this(location, null); - } - - public HttpsOffloadAwareServletRedirectResult(String location, String anchor) { - super(location, anchor); - } - - /** - * Redirects to the location specified by calling - * {@link HttpServletResponse#sendRedirect(String)}. - * - * @param finalLocation - * the location to redirect to. - * @param invocation - * an encapsulation of the action execution state. - * @throws Exception - * if an error occurs when redirecting. - */ - protected void doExecute(String finalLocation, ActionInvocation invocation) throws Exception { - ActionContext ctx = invocation.getInvocationContext(); - HttpServletRequest request = (HttpServletRequest) ctx.get(ServletActionContext.HTTP_REQUEST); - HttpServletResponse response = (HttpServletResponse) ctx.get(ServletActionContext.HTTP_RESPONSE); - - if (isPathUrl(finalLocation)) { - if (!finalLocation.startsWith("/")) { - ActionMapping mapping = actionMapper.getMapping(request, Dispatcher.getInstance().getConfigurationManager()); - String namespace = null; - if (mapping != null) { - namespace = mapping.getNamespace(); - } - - if ((namespace != null) && (namespace.length() > 0) && (!"/".equals(namespace))) { - finalLocation = namespace + "/" + finalLocation; - } else { - finalLocation = "/" + finalLocation; - } - } - - // if the URL's are relative to the servlet context, append the - // servlet context path - if (prependServletContext && (request.getContextPath() != null) - && (request.getContextPath().length() > 0)) { - finalLocation = request.getContextPath() + finalLocation; - } - - finalLocation = fixSchemeIfNeeded(finalLocation, request); - } - ResultConfig resultConfig = invocation.getProxy().getConfig().getResults().get(invocation.getResultCode()); - if (resultConfig != null) { - Map<String, String> resultConfigParams = resultConfig.getParams(); - - List<String> prohibitedResultParams = getProhibitedResultParams(); - for (Map.Entry<String, String> e : resultConfigParams.entrySet()) { - if (!prohibitedResultParams.contains(e.getKey())) { - Collection<String> values = conditionalParseCollection(e.getValue(), invocation, - suppressEmptyParameters); - if (!suppressEmptyParameters || !values.isEmpty()) { - requestParameters.put(e.getKey(), values); - } - } - } - } - - StringBuilder tmpLocation = new StringBuilder(finalLocation); - urlHelper.buildParametersString(requestParameters, tmpLocation, "&"); - - // add the anchor - if (anchor != null) { - tmpLocation.append('#').append(anchor); - } - - finalLocation = response.encodeRedirectURL(tmpLocation.toString()); - - LOG.debug("Redirecting to finalLocation: {}", finalLocation); - - sendRedirect(response, finalLocation); - } - - protected String fixSchemeIfNeeded(String location, HttpServletRequest request) { - if (shouldFixScheme(request)) { - LOG.debug("https offloading happened, fixing redirectlocation"); - StringBuilder fixedLocation = new StringBuilder(); - fixedLocation.append("https"); - fixedLocation.append("://"); - fixedLocation.append(request.getServerName()); - if (request.getServerPort() != 80) { - fixedLocation.append(':'); - fixedLocation.append(request.getServerPort()); - } - fixedLocation.append(location); - - return fixedLocation.toString(); - } else { - return location; - } - } - - protected boolean shouldFixScheme(HttpServletRequest request) { - return "https".equals(request.getHeader("X-Forwarded-Proto")) || hasForwardedHeaderWithProtoParamHttps(request); - } - - private boolean hasForwardedHeaderWithProtoParamHttps(HttpServletRequest request) { - Enumeration<String> forwardedHeaders = request.getHeaders("Forwarded"); - - if (forwardedHeaders == null) { - return false; - } - - while (forwardedHeaders.hasMoreElements()) { - String forwardedHeader = forwardedHeaders.nextElement(); - String[] forwardedHeaderElements = forwardedHeader.split(","); - - for (String forwardedHeaderElement : forwardedHeaderElements) { - Matcher matcher = FORWARDED_PROTO_PARAM_HTTPS.matcher(forwardedHeaderElement.trim()); - - if (matcher.matches()) { - return true; - } - } - } - - return false; - } - -} http://git-wip-us.apache.org/repos/asf/struts-extras/blob/b3ce14c9/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletActionRedirectResult.java ---------------------------------------------------------------------- diff --git a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletActionRedirectResult.java b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletActionRedirectResult.java new file mode 100644 index 0000000..7c812f4 --- /dev/null +++ b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletActionRedirectResult.java @@ -0,0 +1,123 @@ +/* + * $Id$ + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.struts2.result; + +import java.util.Collection; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.apache.struts2.ServletActionContext; +import org.apache.struts2.dispatcher.mapper.ActionMapping; +import org.apache.struts2.dispatcher.Dispatcher; +import org.apache.struts2.result.ServletRedirectResult; +import org.apache.struts2.views.util.UrlHelper; + +import com.opensymphony.xwork2.ActionContext; +import com.opensymphony.xwork2.ActionInvocation; +import com.opensymphony.xwork2.config.entities.ResultConfig; +import com.opensymphony.xwork2.inject.Inject; + +public class SslOffloadAwareServletActionRedirectResult extends SslOffloadAwareServletRedirectResult { + /* The default parameter */ + public static final String DEFAULT_PARAM = "actionName"; + + protected String actionName; + protected String namespace; + protected String method; + + public SslOffloadAwareServletActionRedirectResult() {} + + public SslOffloadAwareServletActionRedirectResult(String actionName) { + this(null, actionName, null, null); + } + + public SslOffloadAwareServletActionRedirectResult(String actionName, String method) { + this(null, actionName, method, null); + } + + public SslOffloadAwareServletActionRedirectResult(String namespace, String actionName, String method) { + this(namespace, actionName, method, null); + } + + public SslOffloadAwareServletActionRedirectResult(String namespace, String actionName, String method, String anchor) { + super(null, anchor); + this.namespace = namespace; + this.actionName = actionName; + this.method = method; + } + + /** + * @see com.opensymphony.xwork2.Result#execute(com.opensymphony.xwork2.ActionInvocation) + */ + public void execute(ActionInvocation invocation) throws Exception { + actionName = conditionalParse(actionName, invocation); + if (namespace == null) { + namespace = invocation.getProxy().getNamespace(); + } else { + namespace = conditionalParse(namespace, invocation); + } + if (method == null) { + method = ""; + } else { + method = conditionalParse(method, invocation); + } + + String tmpLocation = actionMapper.getUriFromActionMapping(new ActionMapping(actionName, namespace, method, null)); + + setLocation(tmpLocation); + + super.execute(invocation); + } + + /** + * Sets the action name + * + * @param actionName The name + */ + public void setActionName(String actionName) { + this.actionName = actionName; + } + + /** + * Sets the namespace + * + * @param namespace The namespace + */ + public void setNamespace(String namespace) { + this.namespace = namespace; + } + + /** + * Sets the method + * + * @param method The method + */ + public void setMethod(String method) { + this.method = method; + } + +} http://git-wip-us.apache.org/repos/asf/struts-extras/blob/b3ce14c9/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletRedirectResult.java ---------------------------------------------------------------------- diff --git a/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletRedirectResult.java b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletRedirectResult.java new file mode 100644 index 0000000..399c6f8 --- /dev/null +++ b/struts2-custom-results-plugin/src/main/java/org/apache/struts2/result/SslOffloadAwareServletRedirectResult.java @@ -0,0 +1,188 @@ +/* + * $Id$ + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.struts2.result; + +import java.util.Collection; +import java.util.Enumeration; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; +import java.util.regex.Matcher; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.apache.struts2.ServletActionContext; +import org.apache.struts2.dispatcher.mapper.ActionMapping; +import org.apache.struts2.dispatcher.Dispatcher; +import org.apache.struts2.result.ServletRedirectResult; +import org.apache.struts2.views.util.UrlHelper; + +import com.opensymphony.xwork2.ActionContext; +import com.opensymphony.xwork2.ActionInvocation; +import com.opensymphony.xwork2.config.entities.ResultConfig; +import com.opensymphony.xwork2.inject.Inject; + +public class SslOffloadAwareServletRedirectResult extends ServletRedirectResult { + private static final long serialVersionUID = -5384946213381645549L; + private static final Logger LOG = LogManager.getLogger(SslOffloadAwareServletRedirectResult.class); + private static final Pattern FORWARDED_PROTO_PARAM_HTTPS = Pattern.compile("[^;]proto=https[$;]"); + + private UrlHelper urlHelper; + + @Inject + public void setUrlHelper(UrlHelper urlHelper) { + this.urlHelper = urlHelper; + } + + public SslOffloadAwareServletRedirectResult() { + super(); + } + + public SslOffloadAwareServletRedirectResult(String location) { + this(location, null); + } + + public SslOffloadAwareServletRedirectResult(String location, String anchor) { + super(location, anchor); + } + + /** + * Redirects to the location specified by calling + * {@link HttpServletResponse#sendRedirect(String)}. + * + * @param finalLocation + * the location to redirect to. + * @param invocation + * an encapsulation of the action execution state. + * @throws Exception + * if an error occurs when redirecting. + */ + protected void doExecute(String finalLocation, ActionInvocation invocation) throws Exception { + ActionContext ctx = invocation.getInvocationContext(); + HttpServletRequest request = (HttpServletRequest) ctx.get(ServletActionContext.HTTP_REQUEST); + HttpServletResponse response = (HttpServletResponse) ctx.get(ServletActionContext.HTTP_RESPONSE); + + if (isPathUrl(finalLocation)) { + if (!finalLocation.startsWith("/")) { + ActionMapping mapping = actionMapper.getMapping(request, Dispatcher.getInstance().getConfigurationManager()); + String namespace = null; + if (mapping != null) { + namespace = mapping.getNamespace(); + } + + if ((namespace != null) && (namespace.length() > 0) && (!"/".equals(namespace))) { + finalLocation = namespace + "/" + finalLocation; + } else { + finalLocation = "/" + finalLocation; + } + } + + // if the URL's are relative to the servlet context, append the + // servlet context path + if (prependServletContext && (request.getContextPath() != null) + && (request.getContextPath().length() > 0)) { + finalLocation = request.getContextPath() + finalLocation; + } + + finalLocation = fixSchemeIfNeeded(finalLocation, request); + } + ResultConfig resultConfig = invocation.getProxy().getConfig().getResults().get(invocation.getResultCode()); + if (resultConfig != null) { + Map<String, String> resultConfigParams = resultConfig.getParams(); + + List<String> prohibitedResultParams = getProhibitedResultParams(); + for (Map.Entry<String, String> e : resultConfigParams.entrySet()) { + if (!prohibitedResultParams.contains(e.getKey())) { + Collection<String> values = conditionalParseCollection(e.getValue(), invocation, + suppressEmptyParameters); + if (!suppressEmptyParameters || !values.isEmpty()) { + requestParameters.put(e.getKey(), values); + } + } + } + } + + StringBuilder tmpLocation = new StringBuilder(finalLocation); + urlHelper.buildParametersString(requestParameters, tmpLocation, "&"); + + // add the anchor + if (anchor != null) { + tmpLocation.append('#').append(anchor); + } + + finalLocation = response.encodeRedirectURL(tmpLocation.toString()); + + LOG.debug("Redirecting to finalLocation: {}", finalLocation); + + sendRedirect(response, finalLocation); + } + + protected String fixSchemeIfNeeded(String location, HttpServletRequest request) { + if (shouldFixScheme(request)) { + LOG.debug("https offloading happened, fixing redirectlocation"); + StringBuilder fixedLocation = new StringBuilder(); + fixedLocation.append("https"); + fixedLocation.append("://"); + fixedLocation.append(request.getServerName()); + if (request.getServerPort() != 80) { + fixedLocation.append(':'); + fixedLocation.append(request.getServerPort()); + } + fixedLocation.append(location); + + return fixedLocation.toString(); + } else { + return location; + } + } + + protected boolean shouldFixScheme(HttpServletRequest request) { + return "https".equals(request.getHeader("X-Forwarded-Proto")) || hasForwardedHeaderWithProtoParamHttps(request); + } + + private boolean hasForwardedHeaderWithProtoParamHttps(HttpServletRequest request) { + Enumeration<String> forwardedHeaders = request.getHeaders("Forwarded"); + + if (forwardedHeaders == null) { + return false; + } + + while (forwardedHeaders.hasMoreElements()) { + String forwardedHeader = forwardedHeaders.nextElement(); + String[] forwardedHeaderElements = forwardedHeader.split(","); + + for (String forwardedHeaderElement : forwardedHeaderElements) { + Matcher matcher = FORWARDED_PROTO_PARAM_HTTPS.matcher(forwardedHeaderElement.trim()); + + if (matcher.matches()) { + return true; + } + } + } + + return false; + } + +}