Allow disabling of rest auth for specific url:s

Tuomas Riihimäki
Commit ba11997f authored Dec 26, 2014 by Tuomas Riihimäki
Showing with 15 additions and 10 deletions
code/moya-web/src/main/java/fi/codecrew/moya/HostnameFilter.java
--- a/code/moya-web/src/main/java/fi/codecrew/moya/HostnameFilter.java
+++ b/code/moya-web/src/main/java/fi/codecrew/moya/HostnameFilter.java
@@ -124,6 +124,12 @@ public class HostnameFilter implements Filter {
 	/**
 	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
 	 */
+
+	private static final String[] NOAUTH_RESTPATHS = new String[] {
+			"/reader/EventRole/",
+
+	};
+
 	@Override
 	public void doFilter(ServletRequest request, ServletResponse response,
 			FilterChain chain) throws IOException, ServletException {
@@ -138,6 +144,7 @@ public class HostnameFilter implements Filter {
 				// Check if we are logging in with rest
 				if (RestApplicationEntrypoint.REST_PATH.equals(httpRequest.getServletPath())) {
 					authtype = AuthType.REST;
+
 					if (!restAuth(httpRequest, response)) {
 						response.reset();
 						response.getOutputStream().write("Rest auth failed! ".getBytes(UTF8));
@@ -190,6 +197,13 @@ public class HostnameFilter implements Filter {

 	private boolean restAuth(HttpServletRequest httpRequest, ServletResponse response) {

+		String sp = httpRequest.getPathInfo();
+		for (String s : NOAUTH_RESTPATHS) {
+			if (sp.startsWith(s)) {
+				return true;
+			}
+		}
+
 		StringBuilder hashBuilder = new StringBuilder();
 		hashBuilder.append("rest:");
 		hashBuilder.append(httpRequest.getParameter("appkey")).append(":");
@@ -213,16 +227,7 @@ public class HostnameFilter implements Filter {
 		return ret;
 	}

-	protected void parseHostname(HttpServletRequest httpRequest)
-	{
-		//		logger.info("Path info {}", httpRequest.getPathInfo()); // null
-		//		logger.info("querystring {}", httpRequest.getQueryString()); // ln=primefaces&amp;v=4.0
-		//		logger.info("ctxpath {}", httpRequest.getContextPath()); // /MoyaWeb
-		//		logger.info("pathTranslated {}", httpRequest.getPathTranslated()); // null
-		//		logger.info("requestUri {}", httpRequest.getRequestURI()); //  /MoyaWeb/javax.faces.resource/jquery/jquery.js.jsf
-		//		logger.info("URL {}", httpRequest.getRequestURL().toString()); // http://localhost:8080/MoyaWeb/javax.faces.resource/jquery/jquery.js.jsf
-		//		logger.info("servletpath {}", httpRequest.getServletPath()); // /javax.faces.resource/jquery/jquery.js.jsf
-		//		logger.info("servletCtx {}", httpRequest.getServletContext()); // org.apache.catalina.core.ApplicationContextFacade@6dd89c3d
+	protected void parseHostname(HttpServletRequest httpRequest) {
 		StringBuffer url = httpRequest.getRequestURL();
 		// logger.info("Original hostname {}", url);
 		// Subject subj = Subject.getSubject(AccessController.getContext());