Example 1 with Filter
use of jakarta.servlet.Filter in project spring-security by spring-projects.
the class WebSecurity method getRequestMatcherPrivilegeEvaluatorsEntry.
private RequestMatcherEntry<List<WebInvocationPrivilegeEvaluator>> getRequestMatcherPrivilegeEvaluatorsEntry(SecurityFilterChain securityFilterChain) {
List<WebInvocationPrivilegeEvaluator> privilegeEvaluators = new ArrayList<>();
for (Filter filter : securityFilterChain.getFilters()) {
if (filter instanceof FilterSecurityInterceptor) {
DefaultWebInvocationPrivilegeEvaluator defaultWebInvocationPrivilegeEvaluator = new DefaultWebInvocationPrivilegeEvaluator((FilterSecurityInterceptor) filter);
defaultWebInvocationPrivilegeEvaluator.setServletContext(this.servletContext);
privilegeEvaluators.add(defaultWebInvocationPrivilegeEvaluator);
continue;
}
if (filter instanceof AuthorizationFilter) {
AuthorizationManager<HttpServletRequest> authorizationManager = ((AuthorizationFilter) filter).getAuthorizationManager();
privilegeEvaluators.add(new AuthorizationManagerWebInvocationPrivilegeEvaluator(authorizationManager));
}
}
return new RequestMatcherEntry<>(securityFilterChain::matches, privilegeEvaluators);
}
Also used :
DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator)
HttpServletRequest(jakarta.servlet.http.HttpServletRequest)
WebInvocationPrivilegeEvaluator(org.springframework.security.web.access.WebInvocationPrivilegeEvaluator)
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.RequestMatcherDelegatingWebInvocationPrivilegeEvaluator)
AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator)
DefaultWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.DefaultWebInvocationPrivilegeEvaluator)
AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter)
Filter(jakarta.servlet.Filter)
DebugFilter(org.springframework.security.web.debug.DebugFilter)
AuthorizationFilter(org.springframework.security.web.access.intercept.AuthorizationFilter)
FilterSecurityInterceptor(org.springframework.security.web.access.intercept.FilterSecurityInterceptor)
ArrayList(java.util.ArrayList)
RequestMatcherEntry(org.springframework.security.web.util.matcher.RequestMatcherEntry)
AuthorizationManagerWebInvocationPrivilegeEvaluator(org.springframework.security.web.access.AuthorizationManagerWebInvocationPrivilegeEvaluator)
Example 2 with Filter
use of jakarta.servlet.Filter in project atmosphere by Atmosphere.
the class MeteorServlet method init.
@Override
public void init(final ServletConfig sc) throws ServletException {
if (!framework().isInit) {
super.init(sc);
if (delegate == null) {
loadDelegateViaConfig(sc);
} else {
ReflectorServletProcessor r = new ReflectorServletProcessor(delegate);
for (Filter f : filters) {
r.addFilter(f);
}
framework().getBroadcasterFactory().remove(delegateMapping);
framework().addAtmosphereHandler(delegateMapping, r);
framework().checkWebSocketSupportState();
}
}
}
Also used :
Filter(jakarta.servlet.Filter)
ReflectorServletProcessor(org.atmosphere.handler.ReflectorServletProcessor)
Example 3 with Filter
use of jakarta.servlet.Filter in project atmosphere by Atmosphere.
the class ReflectorServletProcessor method loadFilterInstances.
private void loadFilterInstances(ServletConfig sc) {
for (Filter f : filters) {
FilterConfigImpl fc = new FilterConfigImpl(sc);
fc.setFilter(f);
fc.setFilterName(f.getClass().getSimpleName());
filterChain.addFilter(fc);
logger.info("Installing Filter {}", f.getClass().getSimpleName());
}
}
Also used :
FilterConfigImpl(org.atmosphere.util.FilterConfigImpl)
Filter(jakarta.servlet.Filter)
Example 4 with Filter
use of jakarta.servlet.Filter in project atmosphere by Atmosphere.
the class AtmosphereFilterChain method doFilter.
/**
* Invoke the next filter in this chain, passing the specified request
* and response. If there are no more filters in this chain, invoke
* the <code>service()</code> method of the servlet itself.
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @throws IOException if an input/output error occurs
* @throws ServletException if a servlet exception occurs
*/
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// Call the next filter if there is one
AtomicInteger pos = ((AtomicInteger) request.getAttribute("pos"));
if (pos.get() < n) {
FilterConfigImpl filterConfig = filters[pos.getAndIncrement()];
Filter filter = null;
try {
filter = filterConfig.getFilter();
filter.doFilter(request, response, this);
} catch (IOException e) {
throw e;
} catch (ServletException e) {
throw e;
} catch (RuntimeException e) {
throw e;
} catch (Throwable e) {
throw new ServletException("Throwable", e);
}
return;
}
try {
if (servlet != null) {
servlet.service(request, response);
} else {
RequestDispatcher rd = configImpl.getServletContext().getNamedDispatcher("default");
if (rd == null) {
throw new ServletException("No Servlet Found");
}
rd.forward(request, response);
}
} catch (IOException e) {
throw e;
} catch (ServletException e) {
throw e;
} catch (RuntimeException e) {
throw e;
} catch (Throwable e) {
throw new ServletException("Throwable", e);
}
}
Also used :
ServletException(jakarta.servlet.ServletException)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
Filter(jakarta.servlet.Filter)
IOException(java.io.IOException)
RequestDispatcher(jakarta.servlet.RequestDispatcher)
Example 5 with Filter
use of jakarta.servlet.Filter in project spring-security by spring-projects.
the class HttpInterceptUrlTests method loadConfig.
private void loadConfig(String... configLocations) {
for (int i = 0; i < configLocations.length; i++) {
configLocations[i] = getClass().getName().replaceAll("\\.", "/") + "-" + configLocations[i];
}
XmlWebApplicationContext context = new XmlWebApplicationContext();
context.setConfigLocations(configLocations);
context.setServletContext(new MockServletContext());
context.refresh();
this.context = context;
context.getAutowireCapableBeanFactory().autowireBean(this);
Filter springSecurityFilterChain = context.getBean("springSecurityFilterChain", Filter.class);
this.mockMvc = MockMvcBuilders.standaloneSetup(new FooController()).addFilters(springSecurityFilterChain).build();
}
Also used :
XmlWebApplicationContext(org.springframework.web.context.support.XmlWebApplicationContext)
Filter(jakarta.servlet.Filter)
MockServletContext(org.springframework.mock.web.MockServletContext)
Aggregations
Filter (jakarta.servlet.Filter)37
Test (org.junit.jupiter.api.Test)9
ServletContext (jakarta.servlet.ServletContext)8
FilterRegistration (jakarta.servlet.FilterRegistration)6
ServletException (jakarta.servlet.ServletException)5
IOException (java.io.IOException)5
FilterChainProxy (org.springframework.security.web.FilterChainProxy)5
DelegatingFilterProxy (org.springframework.web.filter.DelegatingFilterProxy)5
FilterSecurityInterceptor (org.springframework.security.web.access.intercept.FilterSecurityInterceptor)4
HttpServletRequest (jakarta.servlet.http.HttpServletRequest)3
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)3
ArrayList (java.util.ArrayList)3
SecurityContextPersistenceFilter (org.springframework.security.web.context.SecurityContextPersistenceFilter)3
CsrfFilter (org.springframework.security.web.csrf.CsrfFilter)3
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)2
FilterConfigImpl (org.atmosphere.util.FilterConfigImpl)2
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)2
DefaultSecurityFilterChain (org.springframework.security.web.DefaultSecurityFilterChain)2
SecurityFilterChain (org.springframework.security.web.SecurityFilterChain)2
UsernamePasswordAuthenticationFilter (org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter)2
