diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-31 10:22:11 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2020-08-31 10:22:11 +0200 |
commit | e10256fe93208ef786d2e38a68a98e2548d501ee (patch) | |
tree | a5c1c97936cdd635db7a24164f796be6be5413ee /id/server/idserverlib/src | |
parent | c4633dffe99d4cc41e25fe165b6b8b5013ea34bd (diff) | |
download | moa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.tar.gz moa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.tar.bz2 moa-id-spss-e10256fe93208ef786d2e38a68a98e2548d501ee.zip |
fix SSRF bug in SAML1 parameter validator
Diffstat (limited to 'id/server/idserverlib/src')
6 files changed, 730 insertions, 76 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index ead80b117..03fd225e0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -42,6 +42,7 @@ import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; +import at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -182,14 +183,14 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ List<String> defaulTemplateURLList = authConfig.getSLRequestTemplates(); - if ( templateURLList != null && templateURLList.size() > 0 + if ( templateURLList != null && !templateURLList.isEmpty() && MiscUtil.isNotEmpty(templateURLList.get(0)) ) { templateURL = FileUtils.makeAbsoluteURL( oaParam.getTemplateURL().get(0), authConfig.getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")"); - } else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) { + } else if ( !defaulTemplateURLList.isEmpty() && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) { templateURL = FileUtils.makeAbsoluteURL( defaulTemplateURLList.get(0), authConfig.getRootConfigFileDir()); @@ -203,8 +204,13 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ } - if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL())) + if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL(), + authConfig.getBasicConfigurationBoolean( + PropertyBasedAuthConfigurationProvider.PROP_STRICT_SAML1_PARAM_VALIDATION, + false))) { throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12"); + + } protocolReq.setRawDataToTransaction( MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java index 94bcae672..cf3e0efd7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java @@ -57,4 +57,19 @@ public class AuthConfigurationProviderFactory { return instance; } + + /** + * Set AuthConfig programmatically + * + * @param authConfig + */ + public static void setAuthConfig(AuthConfiguration authConfig) { + if (instance != null) { + throw new RuntimeException("AuthConfig can ONLY set once!"); + + } + + instance = authConfig; + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index f299e0e94..1ffdaa524 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -52,6 +52,8 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide public static final String PROP_MOAID_MODE = "general.moaidmode.active"; + public static final String PROP_STRICT_SAML1_PARAM_VALIDATION = + "configuration.validate.saml1.parameter.strict"; private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index a44d8c1b6..065615666 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -220,11 +220,11 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ }
// check if template is a valid URL
- try {
+ try {
+ URL bkuUrl = new URL(bkuURI);
// check if bku url starts with http or https
- if (bkuURI.startsWith("http") || bkuURI.startsWith("https")) {
- new URL(bkuURI);
-
+ if (bkuUrl.getProtocol().equals("http") || bkuUrl.getProtocol().equals("https")) {
+
// check if bkuURI is a local BKU
if (bkuURI.compareToIgnoreCase("https://localhost:3496/https-security-layer-request") == 0 ||
bkuURI.compareToIgnoreCase("http://localhost:3495/http-security-layer-request") == 0 ||
@@ -232,8 +232,8 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ bkuURI.compareToIgnoreCase("https://127.0.0.1:3496/https-security-layer-request") == 0) {
Logger.debug("Parameter bkuURI erfolgreich ueberprueft");
return true;
- }
- else {
+
+ } else {
Logger.debug("Parameter bkuURI ist keine lokale BKU. Ueberpruefe Liste der vertrauenswuerdigen BKUs.");
boolean b = allowedBKUs.contains(bkuURI);
if (b) {
@@ -246,17 +246,17 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ return false;
}
}
- }
- else if (MOAIDAuthConstants.REQ_BKU_TYPES.contains(bkuURI)) {
+
+ } else if (MOAIDAuthConstants.REQ_BKU_TYPES.contains(bkuURI)) {
Logger.debug("Parameter bkuURI from configuration is used.");
return true;
} else {
Logger.error("Fehler Ueberpruefung Parameter bkuURI. bkuURI beginnt nicht mit http or https");
return false;
+
}
-
} catch (MalformedURLException e) {
Logger.error("Fehler Ueberpruefung Parameter bkuURI", e);
return false;
@@ -268,9 +268,12 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ * Checks if the given template is valid
* @param req
* @param template
+ * @param oaSlTemplates
+ * @param useStrictValidation Enables strict validation with URLs from configuration, otherwise always allow templates from same host.
* @return
*/
- public static boolean isValidTemplate(HttpServletRequest req, String template, List<String> oaSlTemplates) {
+ public static boolean isValidTemplate(HttpServletRequest req, String template,
+ List<String> oaSlTemplates, boolean useStrictValidation) {
Logger.debug("Ueberpruefe Parameter Template bzw. bkuSelectionTemplateURL");
@@ -282,65 +285,38 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ // check if template is a valid URL
try {
-
- // check if template url starts with http or https
- if (template.startsWith("http") || template.startsWith("https")) {
-
- // check if template url is from same server
- String name = req.getServerName();
- String httpName = "http://" + name;
- String httpsName = "https://" + name;
-
- if (template.startsWith(httpName) || template.startsWith(httpsName)) {
- new URL(template);
- Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich ueberprueft");
- return true;
- }
- else {
- //check against configured trustet template urls
- AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
- List<String> trustedTemplateURLs = authConf.getSLRequestTemplates();
-
- //get OA specific template URLs
- if (oaSlTemplates != null && oaSlTemplates.size() > 0) {
- for (String el : oaSlTemplates)
- if (MiscUtil.isNotEmpty(el))
- trustedTemplateURLs.add(el);
- }
-
- boolean b = trustedTemplateURLs.contains(template);
- if (b) {
- Logger.debug("Parameter Template erfolgreich ueberprueft");
- return true;
- }
- else {
- Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Parameter liegt nicht am gleichen Server wie die MOA-Instanz (" + req.getServerName() + ") bzw. ist nicht auf Liste der vertrauenswuerdigen Template URLs (Konfigurationselement: MOA-IDConfiguration/TrustedTemplateURLs)");
- return false;
- }
-
- }
-
- } else if (template.startsWith("file")){
- new URL(template);
- Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich ueberprueft");
- Logger.debug("Load SL-Layer Template from local filesystem " + template);
- return true;
-
- } else {
- Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. Paramter beginnt nicht mit http oder https.");
- return false;
- }
+ if (useStrictValidation) {
+ Logger.trace("Use strict validation of Template bzw. bkuSelectionTemplateURL");
+ return validateTemplateUrlToWhiteList(template, oaSlTemplates);
+
+ } else {
+ Logger.trace("Use lazy validation of Template bzw. bkuSelectionTemplateURL");
+ URL templateUrl = new URL(template);
+ String serverName = req.getServerName();
+
+ // check if template url starts with http or https
+ if (((templateUrl.getProtocol().startsWith("http")
+ || templateUrl.getProtocol().startsWith("https")))
+ && templateUrl.getHost().equals(serverName)) {
+ Logger.debug("Parameter Template bzw. bkuSelectionTemplateURL erfolgreich ueberprueft"
+ + " Lazy check is activ and template is on same host as MOA-ID");
+ return true;
+
+
+ } else {
+ return validateTemplateUrlToWhiteList(template, oaSlTemplates);
+
+ }
+ }
- } catch (MalformedURLException e) {
+ } catch (MalformedURLException | ConfigurationException e) {
Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL.", e);
return false;
- } catch (ConfigurationException e) {
- Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL.", e);
- return false;
- }
+
+ }
}
- /**
+ /**
* Checks if the given sessionID is valid
* @param target HTTP parameter from request
* @return
@@ -540,13 +516,44 @@ public class ParamValidatorUtils extends MOAIDAuthConstants{ } catch (WrongParametersException e) {
return false;
+
}
- if (StringUtils.isEmpty(bkuURL) && StringUtils.isEmpty(useeIDAS))
+ if (StringUtils.isEmpty(bkuURL) && StringUtils.isEmpty(useeIDAS)) {
return false;
- else
+
+ } else {
return true;
+
+ }
}
+
+ private static boolean validateTemplateUrlToWhiteList(String template, List<String> oaSlTemplates)
+ throws ConfigurationException {
+ //check against configured trustet template urls
+ AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
+ List<String> trustedTemplateURLs = authConf.getSLRequestTemplates();
+
+ //get OA specific template URLs
+ if (oaSlTemplates != null && oaSlTemplates.size() > 0) {
+ for (String el : oaSlTemplates)
+ if (MiscUtil.isNotEmpty(el))
+ trustedTemplateURLs.add(el);
+ }
+
+ boolean b = trustedTemplateURLs.contains(template);
+ if (b) {
+ Logger.debug("Parameter Template erfolgreich ueberprueft");
+ return true;
+
+ } else {
+ Logger.error("Fehler Ueberpruefung Parameter Template bzw. bkuSelectionTemplateURL. "
+ + "Parameter ist nicht auf Liste der vertrauenswuerdigen Template URLs "
+ + "(Konfigurationselement: MOA-IDConfiguration/TrustedTemplateURLs)");
+ return false;
+
+ }
+ }
}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java index 1ab54471c..7707f3b90 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/DummyAuthConfig.java @@ -26,6 +26,9 @@ public class DummyAuthConfig implements AuthConfiguration { private Boolean isIDLEscapingEnabled = null; + private Map<String, String> basicConfig = new HashMap<>(); + private List<String> slRequestTemplates; + @Override public String getRootConfigFileDir() { // TODO Auto-generated method stub @@ -100,7 +103,10 @@ public class DummyAuthConfig implements AuthConfiguration { } else if (UserRestrictionTask.CONFIG_PROPS_CSV_USER_SECTOR.equals(key)) { return "urn:publicid:gv.at:cdid+ZP-MH"; - } + } else if (basicConfig.containsKey(key)) { + return basicConfig.get(key); + + } return null; @@ -108,8 +114,13 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public String getBasicConfiguration(String key, String defaultValue) { - // TODO Auto-generated method stub - return null; + if (basicConfig.containsKey(key)) { + return basicConfig.get(key); + + } else { + return defaultValue; + + } } @Override @@ -235,8 +246,8 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public List<String> getSLRequestTemplates() throws ConfigurationException { - // TODO Auto-generated method stub - return null; + return slRequestTemplates; + } @Override @@ -428,8 +439,14 @@ public class DummyAuthConfig implements AuthConfiguration { } + if (basicConfig.containsKey(key)) { + return Boolean.parseBoolean(basicConfig.get(key)); + + } else { + return defaultValue; + + } - return false; } @Override @@ -462,8 +479,27 @@ public class DummyAuthConfig implements AuthConfiguration { @Override public Boolean getBasicConfigurationBoolean(String key) { - // TODO Auto-generated method stub + if (basicConfig.containsKey(key)) { + return Boolean.parseBoolean(basicConfig.get(key)); + + } + return null; } + public void putIntoBasicConfig(String key, String value) { + basicConfig.put(key, value); + + } + + public void removeFromBasicConfig(String key) { + basicConfig.remove(key); + + } + + public void setSlRequestTemplateUrls(List<String> templates) { + slRequestTemplates = templates; + + } + } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java new file mode 100644 index 000000000..ad9e2c90e --- /dev/null +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java @@ -0,0 +1,588 @@ +package test.at.gv.egovernment.moa.id.util; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.security.Principal; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.Enumeration; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +import javax.servlet.AsyncContext; +import javax.servlet.DispatcherType; +import javax.servlet.RequestDispatcher; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.ServletInputStream; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import javax.servlet.http.Part; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.BlockJUnit4ClassRunner; + +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.data.DummyAuthConfig; +import at.gv.egovernment.moa.id.util.ParamValidatorUtils; + +@RunWith(BlockJUnit4ClassRunner.class) +public class ParamValidatorUtilsTest { + + private static DummyAuthConfig config; + + @BeforeClass + public static void classInitializer() { + config = new DummyAuthConfig(); + AuthConfigurationProviderFactory.setAuthConfig(config); + config.setSlRequestTemplateUrls(new ArrayList<String>()); + + } + + @Test + public void templateStrictWhitelistFirst() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "https://aaaa.com/bbbb"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, true)); + + } + + @Test + public void templateStrictWhitelistSecond() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file://aaaa.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertFalse("Template should NOT be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, true)); + + } + + @Test + public void templateLazyWhitelistFirst() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "https://aaaa.com/bbbb"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistSecond() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file://aaaa.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertFalse("Template should NOT be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistThird() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "https://aaaa.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertFalse("Template should NOT be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistFour() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "http://aaaa.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertFalse("Template should NOT be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistFife() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "http://junit.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistSix() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "https://junit.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertTrue("Template should be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + @Test + public void templateLaczWhitelistSeven() { + + HttpServletRequest req = getDummyHttpRequest("junit.com"); + String template = "file://junit.com/ccc"; + List<String> oaSlTemplates = Arrays.asList( + "http://aaaa.com/bbbb", + "https://aaaa.com/bbbb", + "file://aaaa.com/bbbb"); + + Assert.assertFalse("Template should Not be valid", + ParamValidatorUtils.isValidTemplate(req, template, oaSlTemplates, false)); + + } + + private HttpServletRequest getDummyHttpRequest(final String serverName) { + return new HttpServletRequest() { + + @Override + public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) + throws IllegalStateException { + // TODO Auto-generated method stub + return null; + } + + @Override + public AsyncContext startAsync() throws IllegalStateException { + // TODO Auto-generated method stub + return null; + } + + @Override + public void setCharacterEncoding(String env) throws UnsupportedEncodingException { + // TODO Auto-generated method stub + + } + + @Override + public void setAttribute(String name, Object o) { + // TODO Auto-generated method stub + + } + + @Override + public void removeAttribute(String name) { + // TODO Auto-generated method stub + + } + + @Override + public boolean isSecure() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isAsyncSupported() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isAsyncStarted() { + // TODO Auto-generated method stub + return false; + } + + @Override + public ServletContext getServletContext() { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getServerPort() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getServerName() { + return serverName; + + } + + @Override + public String getScheme() { + // TODO Auto-generated method stub + return null; + } + + @Override + public RequestDispatcher getRequestDispatcher(String path) { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getRemotePort() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getRemoteHost() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getRemoteAddr() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getRealPath(String path) { + // TODO Auto-generated method stub + return null; + } + + @Override + public BufferedReader getReader() throws IOException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getProtocol() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String[] getParameterValues(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Enumeration<String> getParameterNames() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Map<String, String[]> getParameterMap() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getParameter(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Enumeration<Locale> getLocales() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Locale getLocale() { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getLocalPort() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getLocalName() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getLocalAddr() { + // TODO Auto-generated method stub + return null; + } + + @Override + public ServletInputStream getInputStream() throws IOException { + // TODO Auto-generated method stub + return null; + } + + @Override + public DispatcherType getDispatcherType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getContentType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getContentLength() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public String getCharacterEncoding() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Enumeration<String> getAttributeNames() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Object getAttribute(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public AsyncContext getAsyncContext() { + // TODO Auto-generated method stub + return null; + } + + @Override + public void logout() throws ServletException { + // TODO Auto-generated method stub + + } + + @Override + public void login(String username, String password) throws ServletException { + // TODO Auto-generated method stub + + } + + @Override + public boolean isUserInRole(String role) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isRequestedSessionIdValid() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isRequestedSessionIdFromUrl() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isRequestedSessionIdFromURL() { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean isRequestedSessionIdFromCookie() { + // TODO Auto-generated method stub + return false; + } + + @Override + public Principal getUserPrincipal() { + // TODO Auto-generated method stub + return null; + } + + @Override + public HttpSession getSession(boolean create) { + // TODO Auto-generated method stub + return null; + } + + @Override + public HttpSession getSession() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getServletPath() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getRequestedSessionId() { + // TODO Auto-generated method stub + return null; + } + + @Override + public StringBuffer getRequestURL() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getRequestURI() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getRemoteUser() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getQueryString() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getPathTranslated() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getPathInfo() { + // TODO Auto-generated method stub + return null; + } + + @Override + public Collection<Part> getParts() throws IOException, ServletException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Part getPart(String name) throws IOException, ServletException { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getMethod() { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getIntHeader(String name) { + // TODO Auto-generated method stub + return 0; + } + + @Override + public Enumeration<String> getHeaders(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public Enumeration<String> getHeaderNames() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getHeader(String name) { + // TODO Auto-generated method stub + return null; + } + + @Override + public long getDateHeader(String name) { + // TODO Auto-generated method stub + return 0; + } + + @Override + public Cookie[] getCookies() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getContextPath() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getAuthType() { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean authenticate(HttpServletResponse response) throws IOException, ServletException { + // TODO Auto-generated method stub + return false; + } + }; + } +} |