|
1 |
| |
|
2 |
| |
|
3 |
| |
|
4 |
| |
|
5 |
| |
|
6 |
| |
|
7 |
| |
|
8 |
| |
|
9 |
| |
|
10 |
| |
|
11 |
| |
|
12 |
| |
|
13 |
| |
|
14 |
| |
|
15 |
| |
|
16 |
| package org.acegisecurity.securechannel; |
|
17 |
| |
|
18 |
| import org.acegisecurity.ConfigAttribute; |
|
19 |
| import org.acegisecurity.ConfigAttributeDefinition; |
|
20 |
| import org.acegisecurity.intercept.web.FilterInvocation; |
|
21 |
| import org.acegisecurity.intercept.web.FilterInvocationDefinitionSource; |
|
22 |
| |
|
23 |
| import org.apache.commons.logging.Log; |
|
24 |
| import org.apache.commons.logging.LogFactory; |
|
25 |
| |
|
26 |
| import org.springframework.beans.factory.InitializingBean; |
|
27 |
| import org.springframework.util.Assert; |
|
28 |
| |
|
29 |
| import java.io.IOException; |
|
30 |
| |
|
31 |
| import java.util.HashSet; |
|
32 |
| import java.util.Iterator; |
|
33 |
| import java.util.Set; |
|
34 |
| |
|
35 |
| import javax.servlet.Filter; |
|
36 |
| import javax.servlet.FilterChain; |
|
37 |
| import javax.servlet.FilterConfig; |
|
38 |
| import javax.servlet.ServletException; |
|
39 |
| import javax.servlet.ServletRequest; |
|
40 |
| import javax.servlet.ServletResponse; |
|
41 |
| import javax.servlet.http.HttpServletRequest; |
|
42 |
| import javax.servlet.http.HttpServletResponse; |
|
43 |
| |
|
44 |
| |
|
45 |
| |
|
46 |
| |
|
47 |
| |
|
48 |
| |
|
49 |
| |
|
50 |
| |
|
51 |
| |
|
52 |
| |
|
53 |
| |
|
54 |
| |
|
55 |
| |
|
56 |
| |
|
57 |
| |
|
58 |
| |
|
59 |
| |
|
60 |
| |
|
61 |
| |
|
62 |
| |
|
63 |
| |
|
64 |
| |
|
65 |
| |
|
66 |
| |
|
67 |
| |
|
68 |
| |
|
69 |
| public class ChannelProcessingFilter implements InitializingBean, Filter { |
|
70 |
| |
|
71 |
| |
|
72 |
| private static final Log logger = LogFactory.getLog(ChannelProcessingFilter.class); |
|
73 |
| |
|
74 |
| |
|
75 |
| |
|
76 |
| private ChannelDecisionManager channelDecisionManager; |
|
77 |
| private FilterInvocationDefinitionSource filterInvocationDefinitionSource; |
|
78 |
| |
|
79 |
| |
|
80 |
| |
|
81 |
7
| public void setChannelDecisionManager(
|
|
82 |
| ChannelDecisionManager channelDecisionManager) { |
|
83 |
7
| this.channelDecisionManager = channelDecisionManager;
|
|
84 |
| } |
|
85 |
| |
|
86 |
1
| public ChannelDecisionManager getChannelDecisionManager() {
|
|
87 |
1
| return channelDecisionManager;
|
|
88 |
| } |
|
89 |
| |
|
90 |
7
| public void setFilterInvocationDefinitionSource(
|
|
91 |
| FilterInvocationDefinitionSource filterInvocationDefinitionSource) { |
|
92 |
7
| this.filterInvocationDefinitionSource = filterInvocationDefinitionSource;
|
|
93 |
| } |
|
94 |
| |
|
95 |
1
| public FilterInvocationDefinitionSource getFilterInvocationDefinitionSource() {
|
|
96 |
1
| return filterInvocationDefinitionSource;
|
|
97 |
| } |
|
98 |
| |
|
99 |
5
| public void afterPropertiesSet() throws Exception {
|
|
100 |
5
| Assert.notNull(filterInvocationDefinitionSource, "filterInvocationDefinitionSource must be specified");
|
|
101 |
4
| Assert.notNull(channelDecisionManager, "channelDecisionManager must be specified");
|
|
102 |
| |
|
103 |
3
| Iterator iter = this.filterInvocationDefinitionSource
|
|
104 |
| .getConfigAttributeDefinitions(); |
|
105 |
| |
|
106 |
3
| if (iter == null) {
|
|
107 |
1
| if (logger.isWarnEnabled()) {
|
|
108 |
1
| logger.warn("Could not validate configuration attributes as the FilterInvocationDefinitionSource did not return a ConfigAttributeDefinition Iterator");
|
|
109 |
| } |
|
110 |
| |
|
111 |
1
| return;
|
|
112 |
| } |
|
113 |
| |
|
114 |
2
| Set set = new HashSet();
|
|
115 |
| |
|
116 |
2
| while (iter.hasNext()) {
|
|
117 |
2
| ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter
|
|
118 |
| .next(); |
|
119 |
2
| Iterator attributes = def.getConfigAttributes();
|
|
120 |
| |
|
121 |
2
| while (attributes.hasNext()) {
|
|
122 |
3
| ConfigAttribute attr = (ConfigAttribute) attributes.next();
|
|
123 |
| |
|
124 |
3
| if (!this.channelDecisionManager.supports(attr)) {
|
|
125 |
1
| set.add(attr);
|
|
126 |
| } |
|
127 |
| } |
|
128 |
| } |
|
129 |
| |
|
130 |
2
| if (set.size() == 0) {
|
|
131 |
1
| if (logger.isInfoEnabled()) {
|
|
132 |
0
| logger.info("Validated configuration attributes");
|
|
133 |
| } |
|
134 |
| } else { |
|
135 |
1
| throw new IllegalArgumentException("Unsupported configuration attributes: " + set.toString());
|
|
136 |
| } |
|
137 |
| } |
|
138 |
| |
|
139 |
1
| public void destroy() {}
|
|
140 |
| |
|
141 |
5
| public void doFilter(ServletRequest request, ServletResponse response,
|
|
142 |
| FilterChain chain) throws IOException, ServletException { |
|
143 |
5
| if (!(request instanceof HttpServletRequest)) {
|
|
144 |
1
| throw new ServletException("HttpServletRequest required");
|
|
145 |
| } |
|
146 |
| |
|
147 |
4
| if (!(response instanceof HttpServletResponse)) {
|
|
148 |
1
| throw new ServletException("HttpServletResponse required");
|
|
149 |
| } |
|
150 |
| |
|
151 |
3
| FilterInvocation fi = new FilterInvocation(request, response, chain);
|
|
152 |
3
| ConfigAttributeDefinition attr = this.filterInvocationDefinitionSource
|
|
153 |
| .getAttributes(fi); |
|
154 |
| |
|
155 |
3
| if (attr != null) {
|
|
156 |
2
| if (logger.isDebugEnabled()) {
|
|
157 |
0
| logger.debug("Request: " + fi.getFullRequestUrl()
|
|
158 |
| + "; ConfigAttributes: " + attr.toString()); |
|
159 |
| } |
|
160 |
| |
|
161 |
2
| channelDecisionManager.decide(fi, attr);
|
|
162 |
| |
|
163 |
2
| if (fi.getResponse().isCommitted()) {
|
|
164 |
1
| return;
|
|
165 |
| } |
|
166 |
| } |
|
167 |
| |
|
168 |
2
| chain.doFilter(request, response);
|
|
169 |
| } |
|
170 |
| |
|
171 |
1
| public void init(FilterConfig filterConfig) throws ServletException {}
|
|
172 |
| } |
