Example 41 with FilterConfig
use of javax.servlet.FilterConfig in project gerrit by GerritCodeReview.
the class AllRequestFilterFilterProxyTest method postponedLoading.
@Test
public void postponedLoading() throws Exception {
EasyMockSupport ems = new EasyMockSupport();
FilterConfig config = ems.createMock(FilterConfig.class);
HttpServletRequest req1 = new FakeHttpServletRequest();
HttpServletRequest req2 = new FakeHttpServletRequest();
HttpServletResponse res1 = new FakeHttpServletResponse();
HttpServletResponse res2 = new FakeHttpServletResponse();
IMocksControl mockControl = ems.createStrictControl();
FilterChain chain = mockControl.createMock("chain", FilterChain.class);
Capture<FilterChain> capturedChainA1 = new Capture<>();
Capture<FilterChain> capturedChainA2 = new Capture<>();
Capture<FilterChain> capturedChainB = new Capture<>();
AllRequestFilter filterA = mockControl.createMock("filterA", AllRequestFilter.class);
AllRequestFilter filterB = mockControl.createMock("filterB", AllRequestFilter.class);
filterA.init(config);
filterA.doFilter(eq(req1), eq(res1), capture(capturedChainA1));
chain.doFilter(req1, res1);
filterA.doFilter(eq(req2), eq(res2), capture(capturedChainA2));
// <-- This is crucial part. filterB got loaded
filterB.init(config);
// after filterProxy's init finished. Nonetheless filterB gets initialized.
filterB.doFilter(eq(req2), eq(res2), capture(capturedChainB));
chain.doFilter(req2, res2);
filterA.destroy();
filterB.destroy();
ems.replayAll();
AllRequestFilter.FilterProxy filterProxy = getFilterProxy();
addFilter(filterA);
filterProxy.init(config);
filterProxy.doFilter(req1, res1, chain);
capturedChainA1.getValue().doFilter(req1, res1);
// <-- Adds filter after filterProxy's init got called.
addFilter(filterB);
filterProxy.doFilter(req2, res2, chain);
capturedChainA2.getValue().doFilter(req2, res2);
capturedChainB.getValue().doFilter(req2, res2);
filterProxy.destroy();
ems.verifyAll();
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
FakeHttpServletRequest(com.google.gerrit.util.http.testutil.FakeHttpServletRequest)
IMocksControl(org.easymock.IMocksControl)
EasyMockSupport(org.easymock.EasyMockSupport)
FakeHttpServletRequest(com.google.gerrit.util.http.testutil.FakeHttpServletRequest)
FakeHttpServletResponse(com.google.gerrit.util.http.testutil.FakeHttpServletResponse)
FilterChain(javax.servlet.FilterChain)
FakeHttpServletResponse(com.google.gerrit.util.http.testutil.FakeHttpServletResponse)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
FilterConfig(javax.servlet.FilterConfig)
Capture(org.easymock.Capture)
Test(org.junit.Test)
Example 42 with FilterConfig
use of javax.servlet.FilterConfig in project lucene-solr by apache.
the class HadoopAuthPlugin method getInitFilterConfig.
@SuppressWarnings("unchecked")
protected FilterConfig getInitFilterConfig(Map<String, Object> pluginConfig) {
Map<String, String> params = new HashMap<>();
String type = (String) Objects.requireNonNull(pluginConfig.get(HADOOP_AUTH_TYPE));
params.put(HADOOP_AUTH_TYPE, type);
String sysPropPrefix = (String) pluginConfig.getOrDefault(SYSPROP_PREFIX_PROPERTY, "solr.");
Collection<String> authConfigNames = (Collection<String>) pluginConfig.getOrDefault(AUTH_CONFIG_NAMES_PROPERTY, Collections.emptyList());
Map<String, String> authConfigDefaults = (Map<String, String>) pluginConfig.getOrDefault(DEFAULT_AUTH_CONFIGS_PROPERTY, Collections.emptyMap());
Map<String, String> proxyUserConfigs = (Map<String, String>) pluginConfig.getOrDefault(PROXY_USER_CONFIGS, Collections.emptyMap());
for (String configName : authConfigNames) {
String systemProperty = sysPropPrefix + configName;
String defaultConfigVal = authConfigDefaults.get(configName);
String configVal = System.getProperty(systemProperty, defaultConfigVal);
if (configVal != null) {
params.put(configName, configVal);
}
}
// Configure proxy user settings.
params.putAll(proxyUserConfigs);
final ServletContext servletContext = new AttributeOnlyServletContext();
log.info("Params: " + params);
ZkController controller = coreContainer.getZkController();
if (controller != null) {
servletContext.setAttribute(DELEGATION_TOKEN_ZK_CLIENT, controller.getZkClient());
}
FilterConfig conf = new FilterConfig() {
@Override
public ServletContext getServletContext() {
return servletContext;
}
@Override
public Enumeration<String> getInitParameterNames() {
return new IteratorEnumeration(params.keySet().iterator());
}
@Override
public String getInitParameter(String param) {
return params.get(param);
}
@Override
public String getFilterName() {
return "HadoopAuthFilter";
}
};
return conf;
}
Also used :
HashMap(java.util.HashMap)
IteratorEnumeration(org.apache.commons.collections.iterators.IteratorEnumeration)
ZkController(org.apache.solr.cloud.ZkController)
Collection(java.util.Collection)
ServletContext(javax.servlet.ServletContext)
FilterConfig(javax.servlet.FilterConfig)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 43 with FilterConfig
use of javax.servlet.FilterConfig in project lucene-solr by apache.
the class HadoopAuthPlugin method init.
@Override
public void init(Map<String, Object> pluginConfig) {
try {
String delegationTokenEnabled = (String) pluginConfig.getOrDefault(DELEGATION_TOKEN_ENABLED_PROPERTY, "false");
authFilter = (Boolean.parseBoolean(delegationTokenEnabled)) ? new HadoopAuthFilter() : new AuthenticationFilter();
// Initialize kerberos before initializing curator instance.
boolean initKerberosZk = Boolean.parseBoolean((String) pluginConfig.getOrDefault(INIT_KERBEROS_ZK, "false"));
if (initKerberosZk) {
(new Krb5HttpClientBuilder()).getBuilder();
}
FilterConfig conf = getInitFilterConfig(pluginConfig);
authFilter.init(conf);
} catch (ServletException e) {
throw new SolrException(ErrorCode.SERVER_ERROR, "Error initializing " + getClass().getName() + ": " + e);
}
}
Also used :
ServletException(javax.servlet.ServletException)
AuthenticationFilter(org.apache.hadoop.security.authentication.server.AuthenticationFilter)
FilterConfig(javax.servlet.FilterConfig)
SolrException(org.apache.solr.common.SolrException)
Krb5HttpClientBuilder(org.apache.solr.client.solrj.impl.Krb5HttpClientBuilder)
Example 44 with FilterConfig
use of javax.servlet.FilterConfig in project lucene-solr by apache.
the class KerberosPlugin method getInitFilterConfig.
@VisibleForTesting
protected FilterConfig getInitFilterConfig(Map<String, Object> pluginConfig, boolean skipKerberosChecking) {
Map<String, String> params = new HashMap();
params.put("type", "kerberos");
putParam(params, "kerberos.name.rules", NAME_RULES_PARAM, "DEFAULT");
putParam(params, "token.valid", TOKEN_VALID_PARAM, "30");
putParam(params, "cookie.path", COOKIE_PATH_PARAM, "/");
if (!skipKerberosChecking) {
putParam(params, "kerberos.principal", PRINCIPAL_PARAM, null);
putParam(params, "kerberos.keytab", KEYTAB_PARAM, null);
} else {
putParamOptional(params, "kerberos.principal", PRINCIPAL_PARAM);
putParamOptional(params, "kerberos.keytab", KEYTAB_PARAM);
}
String delegationTokenStr = System.getProperty(DELEGATION_TOKEN_ENABLED, null);
boolean delegationTokenEnabled = (delegationTokenStr == null) ? false : Boolean.parseBoolean(delegationTokenStr);
ZkController controller = coreContainer.getZkController();
if (delegationTokenEnabled) {
putParam(params, "delegation-token.token-kind", DELEGATION_TOKEN_KIND, DELEGATION_TOKEN_TYPE_DEFAULT);
if (coreContainer.isZooKeeperAware()) {
putParam(params, "signer.secret.provider", DELEGATION_TOKEN_SECRET_PROVIDER, "zookeeper");
if ("zookeeper".equals(params.get("signer.secret.provider"))) {
String zkHost = controller.getZkServerAddress();
putParam(params, "token.validity", DELEGATION_TOKEN_VALIDITY, "36000");
params.put("zk-dt-secret-manager.enable", "true");
String chrootPath = zkHost.contains("/") ? zkHost.substring(zkHost.indexOf("/")) : "";
String znodeWorkingPath = chrootPath + SecurityAwareZkACLProvider.SECURITY_ZNODE_PATH + "/zkdtsm";
// Note - Curator complains if the znodeWorkingPath starts with /
znodeWorkingPath = znodeWorkingPath.startsWith("/") ? znodeWorkingPath.substring(1) : znodeWorkingPath;
putParam(params, "zk-dt-secret-manager.znodeWorkingPath", DELEGATION_TOKEN_SECRET_MANAGER_ZNODE_WORKING_PATH, znodeWorkingPath);
putParam(params, "signer.secret.provider.zookeeper.path", DELEGATION_TOKEN_SECRET_PROVIDER_ZK_PATH, "/token");
// ensure krb5 is setup properly before running curator
getHttpClientBuilder(SolrHttpClientBuilder.create());
}
} else {
log.info("CoreContainer is not ZooKeeperAware, not setting ZK-related delegation token properties");
}
}
// Special handling for the "cookie.domain" based on whether port should be
// appended to the domain. Useful for situations where multiple solr nodes are
// on the same host.
String usePortStr = System.getProperty(COOKIE_PORT_AWARE_PARAM, null);
boolean needPortAwareCookies = (usePortStr == null) ? false : Boolean.parseBoolean(usePortStr);
if (!needPortAwareCookies || !coreContainer.isZooKeeperAware()) {
putParam(params, "cookie.domain", COOKIE_DOMAIN_PARAM, null);
} else {
// we need port aware cookies and we are in SolrCloud mode.
String host = System.getProperty(COOKIE_DOMAIN_PARAM, null);
if (host == null) {
throw new SolrException(ErrorCode.SERVER_ERROR, "Missing required parameter '" + COOKIE_DOMAIN_PARAM + "'.");
}
int port = controller.getHostPort();
params.put("cookie.domain", host + ":" + port);
}
// check impersonator config
for (Enumeration e = System.getProperties().propertyNames(); e.hasMoreElements(); ) {
String key = e.nextElement().toString();
if (key.startsWith(IMPERSONATOR_PREFIX)) {
if (!delegationTokenEnabled) {
throw new SolrException(ErrorCode.SERVER_ERROR, "Impersonator configuration requires delegation tokens to be enabled: " + key);
}
params.put(key, System.getProperty(key));
}
}
final ServletContext servletContext = new AttributeOnlyServletContext();
if (controller != null) {
servletContext.setAttribute(DELEGATION_TOKEN_ZK_CLIENT, controller.getZkClient());
}
if (delegationTokenEnabled) {
kerberosFilter = new DelegationTokenKerberosFilter();
// pass an attribute-enabled context in order to pass the zkClient
// and because the filter may pass a curator instance.
} else {
kerberosFilter = new KerberosFilter();
}
log.info("Params: " + params);
FilterConfig conf = new FilterConfig() {
@Override
public ServletContext getServletContext() {
return servletContext;
}
@Override
public Enumeration<String> getInitParameterNames() {
return new IteratorEnumeration(params.keySet().iterator());
}
@Override
public String getInitParameter(String param) {
return params.get(param);
}
@Override
public String getFilterName() {
return "KerberosFilter";
}
};
return conf;
}
Also used :
Enumeration(java.util.Enumeration)
IteratorEnumeration(org.apache.commons.collections.iterators.IteratorEnumeration)
HashMap(java.util.HashMap)
IteratorEnumeration(org.apache.commons.collections.iterators.IteratorEnumeration)
ZkController(org.apache.solr.cloud.ZkController)
ServletContext(javax.servlet.ServletContext)
FilterConfig(javax.servlet.FilterConfig)
SolrException(org.apache.solr.common.SolrException)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 45 with FilterConfig
use of javax.servlet.FilterConfig in project simba-os by cegeka.
the class SystemConfigurationTest method getSimbaServiceURLReturnsNullWithNullFilterConfig.
@Test
public void getSimbaServiceURLReturnsNullWithNullFilterConfig() {
final FilterConfig filterConfig = null;
final String actual = SystemConfiguration.getSimbaServiceURL(filterConfig);
assertNull(actual);
}
Also used :
FilterConfig(javax.servlet.FilterConfig)
Test(org.junit.Test)
Aggregations
FilterConfig (javax.servlet.FilterConfig)118
Test (org.junit.Test)70
HttpServletRequest (javax.servlet.http.HttpServletRequest)64
FilterChain (javax.servlet.FilterChain)63
HttpServletResponse (javax.servlet.http.HttpServletResponse)50
ServletContext (javax.servlet.ServletContext)28
HashMap (java.util.HashMap)21
ServletException (javax.servlet.ServletException)21
Vector (java.util.Vector)17
Properties (java.util.Properties)15
Filter (javax.servlet.Filter)14
ServletResponse (javax.servlet.ServletResponse)14
ServletRequest (javax.servlet.ServletRequest)12
IOException (java.io.IOException)10
SignerSecretProvider (org.apache.hadoop.security.authentication.util.SignerSecretProvider)10
HttpCookie (java.net.HttpCookie)9
Cookie (javax.servlet.http.Cookie)9
Signer (org.apache.hadoop.security.authentication.util.Signer)9
Enumeration (java.util.Enumeration)8
CrossOriginFilter (org.apache.hadoop.security.http.CrossOriginFilter)8
