shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "buom (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SHIRO-503) [DefaultWebSessionManager] Cannot get data w/ httpMethod="POST" and "Content-Type: application/x-www-form-urlencoded"
Date Tue, 27 May 2014 12:55:01 GMT

     [ https://issues.apache.org/jira/browse/SHIRO-503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

buom updated SHIRO-503:
-----------------------

    Description: 
*web.xml*

{code}
<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

    <context-param>
        <param-name>shiroConfigLocations</param-name>
        <param-value>classpath:shiro.ini</param-value>
    </context-param>

        <listener>
            <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
        </listener>

        <filter>
            <filter-name>ShiroFilter</filter-name>
            <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
        </filter>

        <filter-mapping>
            <filter-name>ShiroFilter</filter-name>
            <url-pattern>/*</url-pattern>
            <dispatcher>REQUEST</dispatcher>
            <dispatcher>FORWARD</dispatcher>
            <dispatcher>INCLUDE</dispatcher>
            <dispatcher>ERROR</dispatcher>
        </filter-mapping>
</web-app>
{code}

*ShiroServlet.java*
{code}
package shiro;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.io.IOUtils;

/**
 * Created by buom on 5/27/14.
 */
@WebServlet(urlPatterns = "/shiro")
public class ShiroServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {

        String payload = IOUtils.toString(request.getInputStream());
        String output = "payload: " + payload +  "\n" +
            "contentType: " + request.getContentType() + "\n" +
            "method: " + request.getMethod();

        response.getWriter().write(output);

    }
}
{code}

*Test 1:*

_shiro.ini_

{code}
[main]

# Create a Session Manager
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager

[filters]
authc.successUrl = /index.jsp
{code}

*Run*
{code}
$ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'name=buom' http://localhost:8080/coz/shiro
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 69
Date: Tue, 27 May 2014 12:48:41 GMT

payload: 
contentType: application/x-www-form-urlencoded
method: POST
{code}

*Test 2:*

_shiro.ini_

{code}
[main]

# Create a Session Manager
#sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
#securityManager.sessionManager = $sessionManager

[filters]
authc.successUrl = /index.jsp
{code}

*Run*
{code}
$ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'name=buom' http://localhost:8080/coz/shiro
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 78
Date: Tue, 27 May 2014 12:47:39 GMT

payload: name=buom
contentType: application/x-www-form-urlencoded
method: POST
{code}

*Conclusion*
Fail in the *Test 1*

  was:
*web.xml*

{code}
<?xml version="1.0" encoding="UTF-8"?>

<web-app xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
         version="3.0">

    <context-param>
        <param-name>shiroConfigLocations</param-name>
        <param-value>classpath:shiro.ini</param-value>
    </context-param>

        <listener>
            <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
        </listener>

        <filter>
            <filter-name>ShiroFilter</filter-name>
            <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
        </filter>

        <filter-mapping>
            <filter-name>ShiroFilter</filter-name>
            <url-pattern>/*</url-pattern>
            <dispatcher>REQUEST</dispatcher>
            <dispatcher>FORWARD</dispatcher>
            <dispatcher>INCLUDE</dispatcher>
            <dispatcher>ERROR</dispatcher>
        </filter-mapping>
</web-app>
{code}

*ShiroServlet.java*
{code}
package shiro;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.io.IOUtils;

/**
 * Created by buom on 5/27/14.
 */
@WebServlet(urlPatterns = "/shiro")
public class ShiroServlet extends HttpServlet {
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {

        String payload = IOUtils.toString(request.getInputStream());
        String output = "payload: " + payload +  "\n" +
            "contentType: " + request.getContentType() + "\n" +
            "method: " + request.getMethod();

        response.getWriter().write(output);

    }
}
{code}

*Test 1:*

_shiro.ini_

{code}
[main]

# Create a Session Manager
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.sessionManager = $sessionManager

[filters]
authc.successUrl = /index.jsp
{code}

*Run*
{code}
$ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'{"name": "buom"}'
http://localhost:8080/coz/shiro
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 69
Date: Tue, 27 May 2014 12:38:45 GMT

payload: 
contentType: application/x-www-form-urlencoded
method: POST
{code}

*Test 2:*

_shiro.ini_

{code}
[main]

# Create a Session Manager
#sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
#securityManager.sessionManager = $sessionManager

[filters]
authc.successUrl = /index.jsp
{code}

*Run*
{code}
$ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'{"name": "buom"}'
http://localhost:8080/coz/shiro
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 85
Date: Tue, 27 May 2014 12:41:14 GMT

payload: {"name": "buom"}
contentType: application/x-www-form-urlencoded
method: POST
{code}

*Conclusion*
Fail in the *Test 1*


> [DefaultWebSessionManager] Cannot get data w/ httpMethod="POST" and "Content-Type: application/x-www-form-urlencoded"
> ---------------------------------------------------------------------------------------------------------------------
>
>                 Key: SHIRO-503
>                 URL: https://issues.apache.org/jira/browse/SHIRO-503
>             Project: Shiro
>          Issue Type: Bug
>          Components: Web
>    Affects Versions: 1.2.2, 1.2.3
>            Reporter: buom
>
> *web.xml*
> {code}
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app xmlns="http://java.sun.com/xml/ns/javaee"
>          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
>          version="3.0">
>     <context-param>
>         <param-name>shiroConfigLocations</param-name>
>         <param-value>classpath:shiro.ini</param-value>
>     </context-param>
>         <listener>
>             <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
>         </listener>
>         <filter>
>             <filter-name>ShiroFilter</filter-name>
>             <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
>         </filter>
>         <filter-mapping>
>             <filter-name>ShiroFilter</filter-name>
>             <url-pattern>/*</url-pattern>
>             <dispatcher>REQUEST</dispatcher>
>             <dispatcher>FORWARD</dispatcher>
>             <dispatcher>INCLUDE</dispatcher>
>             <dispatcher>ERROR</dispatcher>
>         </filter-mapping>
> </web-app>
> {code}
> *ShiroServlet.java*
> {code}
> package shiro;
> import java.io.IOException;
> import javax.servlet.ServletException;
> import javax.servlet.annotation.WebServlet;
> import javax.servlet.http.HttpServlet;
> import javax.servlet.http.HttpServletRequest;
> import javax.servlet.http.HttpServletResponse;
> import org.apache.commons.io.IOUtils;
> /**
>  * Created by buom on 5/27/14.
>  */
> @WebServlet(urlPatterns = "/shiro")
> public class ShiroServlet extends HttpServlet {
>     @Override
>     protected void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
>         String payload = IOUtils.toString(request.getInputStream());
>         String output = "payload: " + payload +  "\n" +
>             "contentType: " + request.getContentType() + "\n" +
>             "method: " + request.getMethod();
>         response.getWriter().write(output);
>     }
> }
> {code}
> *Test 1:*
> _shiro.ini_
> {code}
> [main]
> # Create a Session Manager
> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
> securityManager.sessionManager = $sessionManager
> [filters]
> authc.successUrl = /index.jsp
> {code}
> *Run*
> {code}
> $ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'name=buom' http://localhost:8080/coz/shiro
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Content-Length: 69
> Date: Tue, 27 May 2014 12:48:41 GMT
> payload: 
> contentType: application/x-www-form-urlencoded
> method: POST
> {code}
> *Test 2:*
> _shiro.ini_
> {code}
> [main]
> # Create a Session Manager
> #sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
> #securityManager.sessionManager = $sessionManager
> [filters]
> authc.successUrl = /index.jsp
> {code}
> *Run*
> {code}
> $ curl -i -XPOST -H'Content-Type: application/x-www-form-urlencoded' -d'name=buom' http://localhost:8080/coz/shiro
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Content-Length: 78
> Date: Tue, 27 May 2014 12:47:39 GMT
> payload: name=buom
> contentType: application/x-www-form-urlencoded
> method: POST
> {code}
> *Conclusion*
> Fail in the *Test 1*



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message