Examples with FilterChain javax.servlet.FilterChain used on opensource projects

Example 31 with FilterChain

use of javax.servlet.FilterChain in project nhin-d by DirectProject.

the class BasicAuthFilter_doFilterTest method testDoFilter_existingSession.

@Test
public void testDoFilter_existingSession() throws Exception {
    final HttpSession session = mock(HttpSession.class);
    final BasicAuthFilter filter = buildFilter();
    final HttpServletRequest request = mock(HttpServletRequest.class);
    final HttpServletResponse response = mock(HttpServletResponse.class);
    final FilterChain chain = mock(FilterChain.class);
    when(request.getSession(true)).thenReturn(session);
    when(session.getAttribute("NHINDAuthPrincipalAttr")).thenReturn(new NHINDPrincipal("gm2552", "admin"));
    filter.doFilter(request, response, chain);
    verify(chain, times(1)).doFilter((HttpServletRequest) any(), eq(response));
    verify(session, never()).setAttribute(eq("NHINDAuthPrincipalAttr"), (Principal) any());
    verify(response, never()).sendError(eq(HttpServletResponse.SC_UNAUTHORIZED));
    verify(request, never()).getHeader(eq("Authorization"));
}

Example 32 with FilterChain

use of javax.servlet.FilterChain in project lucene-solr by apache.

the class DelegationTokenKerberosFilter method doFilter.

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    // HttpClient 4.4.x throws NPE if query string is null and parsed through URLEncodedUtils.
    // See HTTPCLIENT-1746 and HADOOP-12767
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String queryString = httpRequest.getQueryString();
    final String nonNullQueryString = queryString == null ? "" : queryString;
    HttpServletRequest requestNonNullQueryString = new HttpServletRequestWrapper(httpRequest) {

        @Override
        public String getQueryString() {
            return nonNullQueryString;
        }
    };
    // include Impersonator User Name in case someone (e.g. logger) wants it
    FilterChain filterChainWrapper = new FilterChain() {

        @Override
        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
            UserGroupInformation ugi = HttpUserGroupInformation.get();
            if (ugi != null && ugi.getAuthenticationMethod() == UserGroupInformation.AuthenticationMethod.PROXY) {
                UserGroupInformation realUserUgi = ugi.getRealUser();
                if (realUserUgi != null) {
                    httpRequest.setAttribute(KerberosPlugin.IMPERSONATOR_USER_NAME, realUserUgi.getShortUserName());
                }
            }
            filterChain.doFilter(servletRequest, servletResponse);
        }
    };
    super.doFilter(requestNonNullQueryString, response, filterChainWrapper);
}

Example 33 with FilterChain

use of javax.servlet.FilterChain in project lucene-solr by apache.

the class MockAuthenticationPlugin method doAuthenticate.

@Override
public boolean doAuthenticate(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
    String user = null;
    if (predicate != null) {
        if (predicate.test(request)) {
            user = (String) request.getAttribute(Principal.class.getName());
            request.removeAttribute(Principal.class.getName());
        }
    }
    final FilterChain ffc = filterChain;
    final AtomicBoolean requestContinues = new AtomicBoolean(false);
    forward(user, request, response, new FilterChain() {

        @Override
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
            ffc.doFilter(req, res);
            requestContinues.set(true);
        }
    });
    return requestContinues.get();
}

Example 34 with FilterChain

use of javax.servlet.FilterChain in project sling by apache.

the class SlingRequestProcessorImpl method doProcessRequest.

/**
     * This method is directly called by the Sling main servlet.
     */
public void doProcessRequest(final HttpServletRequest servletRequest, final HttpServletResponse servletResponse, final ResourceResolver resourceResolver) throws IOException {
    // setting the Sling request and response
    final RequestData requestData = new RequestData(this, servletRequest, servletResponse);
    final SlingHttpServletRequest request = requestData.getSlingRequest();
    final SlingHttpServletResponse response = requestData.getSlingResponse();
    // record the request for the web console display
    RequestHistoryConsolePlugin.recordRequest(request);
    try {
        final ServletResolver sr = this.servletResolver;
        // check that we have all required services
        if (resourceResolver == null) {
            throw new UnavailableException("ResourceResolver");
        } else if (sr == null) {
            throw new UnavailableException("ServletResolver");
        }
        // initialize the request data - resolve resource and servlet
        Resource resource = requestData.initResource(resourceResolver);
        requestData.initServlet(resource, sr);
        FilterHandle[] filters = filterManager.getFilters(FilterChainType.REQUEST);
        if (filters != null) {
            FilterChain processor = new RequestSlingFilterChain(this, filters);
            request.getRequestProgressTracker().log("Applying " + FilterChainType.REQUEST + "filters");
            processor.doFilter(request, response);
        } else {
            // no filters, directly call resource level filters and servlet
            processComponent(request, response, FilterChainType.COMPONENT);
        }
    } catch (final SlingHttpServletResponseImpl.WriterAlreadyClosedException wace) {
        log.error("Writer has already been closed.", wace);
    } catch (ResourceNotFoundException rnfe) {
        // send this exception as a 404 status
        log.info("service: Resource {} not found", rnfe.getResource());
        handleError(HttpServletResponse.SC_NOT_FOUND, rnfe.getMessage(), request, response);
    } catch (final SlingException se) {
        // we assume, that this is the name of the causing servlet
        if (requestData.getActiveServletName() != null) {
            request.setAttribute(ERROR_SERVLET_NAME, requestData.getActiveServletName());
        }
        // send this exception as is (albeit unwrapping and wrapped
        // exception.
        Throwable t = se;
        while (t instanceof SlingException && t.getCause() != null) {
            t = t.getCause();
        }
        log.error("service: Uncaught SlingException", t);
        handleError(t, request, response);
    } catch (AccessControlException ace) {
        // SLING-319 if anything goes wrong, send 403/FORBIDDEN
        log.info("service: Authenticated user {} does not have enough rights to executed requested action", request.getRemoteUser());
        handleError(HttpServletResponse.SC_FORBIDDEN, null, request, response);
    } catch (UnavailableException ue) {
        // exception is thrown before the SlingHttpServletRequest/Response
        // is properly set up due to missing dependencies. In this case
        // we must not use the Sling error handling infrastructure but
        // just return a 503 status response handled by the servlet
        // container environment
        final int status = HttpServletResponse.SC_SERVICE_UNAVAILABLE;
        final String errorMessage = ue.getMessage() + " service missing, cannot service requests";
        log.error("{} , sending status {}", errorMessage, status);
        servletResponse.sendError(status, errorMessage);
    } catch (IOException ioe) {
        // forward IOException up the call chain to properly handle it
        throw ioe;
    } catch (Throwable t) {
        // we assume, that this is the name of the causing servlet
        if (requestData.getActiveServletName() != null) {
            request.setAttribute(ERROR_SERVLET_NAME, requestData.getActiveServletName());
        }
        log.error("service: Uncaught Throwable", t);
        handleError(t, request, response);
    } finally {
        if (mbean != null) {
            mbean.addRequestData(requestData);
        }
    }
}

Example 35 with FilterChain

use of javax.servlet.FilterChain in project sling by apache.

the class SlingRequestProcessorImpl method processComponent.

/**
     * Renders the component defined by the RequestData's current ComponentData
     * instance after calling all filters of the given
     * {@link org.apache.sling.engine.impl.filter.ServletFilterManager.FilterChainType
     * filterChainType}.
     *
     * @param request
     * @param response
     * @param filterChainType
     * @throws IOException
     * @throws ServletException
     */
public void processComponent(SlingHttpServletRequest request, SlingHttpServletResponse response, final FilterChainType filterChainType) throws IOException, ServletException {
    FilterHandle[] filters = filterManager.getFilters(filterChainType);
    if (filters != null) {
        FilterChain processor = new SlingComponentFilterChain(filters);
        request.getRequestProgressTracker().log("Applying " + filterChainType + "filters");
        processor.doFilter(request, response);
    } else {
        log.debug("service: No Resource level filters, calling servlet");
        RequestData.service(request, response);
    }
}