API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 29th, 2016
78
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.81 KB | None | 0 0
raw download clone embed print report
  1. @RequestMapping(method = RequestMethod.POST)
  2. @ResponseStatus(value = HttpStatus.OK)
  3. public ResponseEntity<?> auth(FormData formData, HttpServletRequest req, HttpServletResponse resp) {
  4. System.out.println("11111111111111 inside POST");
  5. HttpHeaders responseHeaders = new HttpHeaders();
  6. boolean passedTheTest = true;//ACTUAL LOGIC IS OMITTED HERE FOR SIMPLICITY
  7. if (passedTheTest) {
  8. //SOME OFF TOPIC LOGIC HERE IS OMITTED
  9. CsrfToken csrf = (CsrfToken) req.getAttribute(CsrfToken.class.getName());
  10. String updateCsrf = csrf.getToken();
  11. responseHeaders.set("XSRF-TOKEN", updateCsrf);
  12. if(resp.getHeaders("Cache-Control")!=null){responseHeaders.put("Cache-Control" , new ArrayList<String>(resp.getHeaders("Cache-Control")));}
  13. if(resp.getHeader("Content-Language")!=null){responseHeaders.set("Content-Language" , resp.getHeader("Content-Language"));}
  14. if(resp.getHeader("Content-Length")!=null){responseHeaders.set("Content-Length" , resp.getHeader("Content-Length"));}
  15. if(resp.getHeader("Date")!=null){responseHeaders.set("Date" , resp.getHeader("Date"));}
  16. if(resp.getHeader("Expires")!=null){responseHeaders.set("Expires" , resp.getHeader("Expires"));}
  17. if(resp.getHeader("Pragma")!=null){responseHeaders.set("Pragma" , resp.getHeader("Pragma"));}
  18. if(resp.getHeader("Server")!=null){responseHeaders.set("Server" , resp.getHeader("Server"));}
  19. if(resp.getHeader("X-Application-Context")!=null){responseHeaders.set("X-Application-Context" , resp.getHeader("X-Application-Context"));}
  20. if(resp.getHeader("X-Frame-Options")!=null){responseHeaders.set("X-Frame-Options" , resp.getHeader("X-Frame-Options"));}
  21. if(resp.getHeader("X-XSS-Protection")!=null){responseHeaders.set("X-XSS-Protection" , resp.getHeader("X-XSS-Protection"));}
  22. if(resp.getHeader("x-content-type-options")!=null){responseHeaders.set("x-content-type-options" , resp.getHeader("x-content-type-options"));}
  23. if(req.getSession().getAttribute("forwardTo")!=null){
  24. String redirectTo = getValidUriFromAnotherFunction();
  25. try {
  26. URI location = new URI(redirectTo);
  27. responseHeaders.setLocation(location);
  28. } catch (URISyntaxException e) {e.printStackTrace();}
  29. ResponseEntity<Void> forwardResponseEntity = new ResponseEntity<Void>(responseHeaders, HttpStatus.CREATED);
  30. return forwardResponseEntity;
  31. }
  32. };
  33. return new ResponseEntity<String>("aDifferentViewTemplateName", responseHeaders, HttpStatus.CREATED);
  34. }
  35.  
  36. Host: localhost:7777
  37. User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0
  38. Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  39. Accept-Language: en-US,en;q=0.5
  40. Accept-Encoding: gzip, deflate
  41. Referer: http://localhost:7777/path/to/controller_method
  42. Cookie: JSESSIONID=911B34457B69F7729091DD97A160AD79; JSESSIONID=95AA730306330CF15E3776C495807354; XSRF-TOKEN=04ae2a0c-3c58-4e85-88bd-3818bb10402a
  43. Connection: keep-alive
  44.  
  45. Cache-Control: no-cache, no-store, max-age=0, must-revalidate, no-cache, no-store, max-age=0, must-revalidate
  46. Content-Length: 0
  47. Date: Sun, 29 May 2016 21:48:24 GMT
  48. Expires: 0, 0
  49. Location: http://localhost:7777/path/to/forward_destination?long_querystring
  50. Pragma: no-cache, no-cache
  51. Server: Apache-Coyote/1.1
  52. X-Application-Context: application:7777, application:7777
  53. X-Content-Type-Options: nosniff, nosniff
  54. X-Frame-Options: DENY, DENY
  55. X-XSS-Protection: 1; mode=block, 1; mode=block
  56. XSRF-TOKEN: 04ae2a0c-3c58-4e85-88bd-3818bb10402a
  57.  
  58. 11111111111111 inside POST
  59. redirectTo is: http://localhost:7777/path/to/forward_destination?long_querystring
  60.  
  61. 2016-05-29 14:48:24.489 DEBUG 5533 --- [io-7777-exec-10] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
  62. 2016-05-29 14:48:24.489 DEBUG 5533 --- [io-7777-exec-10] w.c.HttpSessionSecurityContextRepository : SecurityContext 'org.springframework.security.core.context.SecurityContextImpl@42259e42: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@42259e42: Principal: org.springframework.security.core.userdetails.User@40fecce: Username: SomeUser; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ONE,ROLE_TWO; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe3f86: RemoteIpAddress: 127.0.0.1; SessionId: 02A95844E8A829868542290D471503F5; Granted Authorities: ROLE_ONE, ROLE_TWO, ROLE_THREE' stored to HttpSession: 'org.apache.catalina.session.StandardSessionFacade@64307ead
  63. 2016-05-29 14:48:24.489 DEBUG 5533 --- [io-7777-exec-10] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!