Skip to content

Antti Väyrynen / Moya

Go to a project
Commit ba11997f by Tuomas Riihimäki
Options

Allow disabling of rest auth for specific url:s

1 parent 28c01812
Inline Side-by-side
Showing with 15 additions and 10 deletions
code/moya-web/src/main/java/fi/codecrew/moya/HostnameFilter.java
...@@ -124,6 +124,12 @@ public class HostnameFilter implements Filter { ...@@ -124,6 +124,12 @@ public class HostnameFilter implements Filter {
/** /**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/ */
private static final String[] NOAUTH_RESTPATHS = new String[] {
"/reader/EventRole/",
};
@Override @Override
public void doFilter(ServletRequest request, ServletResponse response, public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException { FilterChain chain) throws IOException, ServletException {
...@@ -138,6 +144,7 @@ public class HostnameFilter implements Filter { ...@@ -138,6 +144,7 @@ public class HostnameFilter implements Filter {
// Check if we are logging in with rest // Check if we are logging in with rest
if (RestApplicationEntrypoint.REST_PATH.equals(httpRequest.getServletPath())) { if (RestApplicationEntrypoint.REST_PATH.equals(httpRequest.getServletPath())) {
authtype = AuthType.REST; authtype = AuthType.REST;
if (!restAuth(httpRequest, response)) { if (!restAuth(httpRequest, response)) {
response.reset(); response.reset();
response.getOutputStream().write("Rest auth failed! ".getBytes(UTF8)); response.getOutputStream().write("Rest auth failed! ".getBytes(UTF8));
...@@ -190,6 +197,13 @@ public class HostnameFilter implements Filter { ...@@ -190,6 +197,13 @@ public class HostnameFilter implements Filter {
private boolean restAuth(HttpServletRequest httpRequest, ServletResponse response) { private boolean restAuth(HttpServletRequest httpRequest, ServletResponse response) {
String sp = httpRequest.getPathInfo();
for (String s : NOAUTH_RESTPATHS) {
if (sp.startsWith(s)) {
return true;
}
}
StringBuilder hashBuilder = new StringBuilder(); StringBuilder hashBuilder = new StringBuilder();
hashBuilder.append("rest:"); hashBuilder.append("rest:");
hashBuilder.append(httpRequest.getParameter("appkey")).append(":"); hashBuilder.append(httpRequest.getParameter("appkey")).append(":");
...@@ -213,16 +227,7 @@ public class HostnameFilter implements Filter { ...@@ -213,16 +227,7 @@ public class HostnameFilter implements Filter {
return ret; return ret;
} }
protected void parseHostname(HttpServletRequest httpRequest) protected void parseHostname(HttpServletRequest httpRequest) {
{
// logger.info("Path info {}", httpRequest.getPathInfo()); // null
// logger.info("querystring {}", httpRequest.getQueryString()); // ln=primefaces&v=4.0
// logger.info("ctxpath {}", httpRequest.getContextPath()); // /MoyaWeb
// logger.info("pathTranslated {}", httpRequest.getPathTranslated()); // null
// logger.info("requestUri {}", httpRequest.getRequestURI()); // /MoyaWeb/javax.faces.resource/jquery/jquery.js.jsf
// logger.info("URL {}", httpRequest.getRequestURL().toString()); // http://localhost:8080/MoyaWeb/javax.faces.resource/jquery/jquery.js.jsf
// logger.info("servletpath {}", httpRequest.getServletPath()); // /javax.faces.resource/jquery/jquery.js.jsf
// logger.info("servletCtx {}", httpRequest.getServletContext()); // org.apache.catalina.core.ApplicationContextFacade@6dd89c3d
StringBuffer url = httpRequest.getRequestURL(); StringBuffer url = httpRequest.getRequestURL();
// logger.info("Original hostname {}", url); // logger.info("Original hostname {}", url);
// Subject subj = Subject.getSubject(AccessController.getContext()); // Subject subj = Subject.getSubject(AccessController.getContext());
......
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!