Develop

cws-core/src/main/java/jpl/cws/core/web/CwsCamundaSecurityFilter.java

@@ -70,6 +70,8 @@ public void doFilter(
 
 		log.trace("doFilter path " + req.getContextPath());
 
+
+
 		if (log.isTraceEnabled()) {
 			log.trace("PATH = " + path);
 			Enumeration<String> reqHeaderNames = req.getHeaderNames();
@@ -91,6 +93,8 @@ public void doFilter(
 			}
 		}
 
+
+
 		// If skipping resource...
 		//
 		if (isSecurityExemptResource(path)) {
@@ -108,6 +112,7 @@ public void doFilter(
 			// FIXME:  add similar logic as above to redirect Camunda login pages..
 
 			chain.doFilter(request, resp); // continue onwards with chain
+			statusOverride(resp, req);
 			return;
 		}
 		else {

cws-core/src/main/java/jpl/cws/core/web/CwsLdapSecurityFilter.java

@@ -58,6 +58,8 @@ public void doFilter(
 			return;
 		}
 
+
+
 		// If skipping resource...
 		//
 		if (isSecurityExemptResource(path)) {
@@ -75,6 +77,7 @@ public void doFilter(
 			// FIXME:  add similar logic as above to redirect Camunda login pages..
 
 			chain.doFilter(request, resp); // continue onwards with chain
+			statusOverride(resp, req);
 			return;
 		}
 		else {

cws-core/src/main/java/jpl/cws/core/web/CwsSecurityFilter.java

@@ -41,6 +41,7 @@ public abstract class CwsSecurityFilter implements javax.servlet.Filter {
 	private static final Logger log = LoggerFactory.getLogger(CwsSecurityFilter.class);
 
 	public static final String CWS_TOKEN_COOKIE_NAME = "cwsToken";
+	public static final String CWS_USERNAME_COOKIE_NAME = "cwsUsername";
 
 	static final String COOKIES_HEADER = "Set-Cookie";
 
@@ -51,11 +52,19 @@ public abstract class CwsSecurityFilter implements javax.servlet.Filter {
 	protected AuthorizationService authorizationService;
 
 	protected String cwsSecurityScheme;
-
+
+	private String cwsWebPort;
+	private String cwsSSLPort;
+
 	public void init(FilterConfig filterConfig) {
 		try {
 			cwsSecurityScheme = filterConfig.getInitParameter("identityPluginType");
+			cwsWebPort = filterConfig.getInitParameter("cwsWebPort");
+			cwsSSLPort = filterConfig.getInitParameter("cwsSSLPort");
 			log.debug("CWS Security scheme is: " + cwsSecurityScheme);
+			log.debug("CWS cwsWebPort is: " + cwsWebPort);
+			log.debug("CWS cwsSSLPort is: " + cwsSSLPort);
+
 
 			this.contextPath = filterConfig.getServletContext().getContextPath();
 
@@ -303,8 +312,18 @@ else if (path.toLowerCase().endsWith("/logout")) {
 
 		return false;  // DON'T skip
 	}
-
-
+
+	// Simple override of http return for redirect code when http request is valid
+	protected void statusOverride(HttpServletResponse resp, HttpServletRequest req){
+		if (resp.getStatus() == 200){
+			resp.setStatus(301);
+			String newURL = getBaseUrl(req);
+			newURL = newURL.replaceFirst("http:", "https:");
+			newURL = newURL.replaceFirst(cwsWebPort, cwsSSLPort);
+			resp.setHeader("Location", newURL);
+		}
+	}
+
 	protected void logRequestInfo(HttpServletRequest req) {
 		// Log all of the headers
 		Enumeration<String> reqHeaderNames = req.getHeaderNames();
@@ -546,6 +565,7 @@ else if (resourceId.startsWith("process/")) {
 	protected void setCwsTokenCookie(HttpServletRequest req, HttpServletResponse resp) {
 		String cwsToken = req.getSession().getId();
 		WebUtils.addCookie(CWS_TOKEN_COOKIE_NAME, cwsToken, null, "/", resp);
+		WebUtils.addUnsecureCookie(CWS_USERNAME_COOKIE_NAME, getUsernameFromReq(req), null, "/", resp);
 		cwsSecurityService.addNewCwsTokenToDb(cwsToken, getUsernameFromReq(req));
 		//addCwsSessionId(getUsernameFromReq(req), req.getSession().getId());
 	}

cws-core/src/main/java/jpl/cws/core/web/JsonResponse.java

@@ -1,6 +1,7 @@
 package jpl.cws.core.web;
 
 import com.google.gson.GsonBuilder;
+import org.apache.commons.lang.StringEscapeUtils;
 
 public class JsonResponse {
 	public enum Status {
@@ -25,6 +26,8 @@ public String getMessage() {
 	}
 
 	public String toString() {
-		return new GsonBuilder().setPrettyPrinting().create().toJson(this);
+		String json = new GsonBuilder().setPrettyPrinting().create().toJson(this);
+
+		return StringEscapeUtils.unescapeJava(json);
 	}
 }

cws-core/src/main/java/jpl/cws/core/web/WebUtils.java

@@ -71,7 +71,7 @@ public static RestCallResult restCall(String urlString, String method, String da
 	 * 
 	 */
 	public static RestCallResult restCall(String urlString, String method, String data, String cookie, String acceptType, String contentType, Boolean allowInsecureRequests, String username, String password) throws Exception {
-		log.trace("urlString = " + urlString);
+		log.debug("urlString = " + urlString);
 		HttpURLConnection connection = null;
 		try {
 
@@ -212,6 +212,15 @@ public static void addCookie(String name, String value, String domain, String pa
 		Cookie cookie = constructCookie(name, value, domain, path);
 		resp.addCookie(cookie);
 	}
+
+	public static void addUnsecureCookie(String name, String value, String domain, String path, HttpServletResponse resp) {
+		if (!isValidCookieString(name) || !isValidCookieString(value)) {
+			throw new IllegalArgumentException("Cookie name and/or value is invalid (contains unacceptable characters)!");
+		}
+		Cookie cookie = constructCookie(name, value, domain, path);
+		cookie.setHttpOnly(false);
+		resp.addCookie(cookie);
+	}