Use of org.apache.ranger.common.RequestContext in project ranger by apache:
the class RangerSecurityContextFormationFilter, method doFilter.
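/**
 * Binds a {@link RangerSecurityContext} to the current thread for the duration of the request
 * and adds defensive response headers before handing off to the rest of the chain.
 *
 * <p>For every request whose {@link Authentication} is not an
 * {@link AnonymousAuthenticationToken} (a {@code null} authentication is also treated as
 * non-anonymous; unchanged behaviour), the context is looked up in the HTTP session, created if
 * missing, populated with a fresh {@link RequestContext} for this request (client IP, user agent,
 * device type, server-side request id, request URI, client time offset) and with the
 * {@link UserSessionBase} returned by {@code sessionMgr}, and published through
 * {@link RangerContextHolder}. The thread-local is always cleared in {@code finally} so a pooled
 * container thread cannot carry one user's context into the next request.
 *
 * <p>Fix: the original stored a newly created context with
 * {@code httpSession.setAttribute(...)} without checking that a session existed, so a
 * non-anonymous request without a session (e.g. {@code getSession(false)} returning {@code null})
 * failed with a {@link NullPointerException}. The context is now only persisted when a session
 * is present; otherwise it lives for this request only.
 *
 * @param request  the incoming request; must be an {@link HttpServletRequest}
 * @param response the outgoing response; must be an {@link HttpServletResponse}
 * @param chain    the remaining filter chain
 * @throws IOException      propagated from the chain
 * @throws ServletException propagated from the chain
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
 *      javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    try {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (!(auth instanceof AnonymousAuthenticationToken)) {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            HttpSession httpSession = httpRequest.getSession(false);

            // [1] get the context from the session, or create one
            RangerSecurityContext context = resolveSecurityContext(httpSession);

            String userAgent = httpRequest.getHeader(USER_AGENT);
            int clientTimeOffset = RestUtil.getTimeOffset(httpRequest);

            // [2] describe this particular request and publish the context to the thread
            context.setRequestContext(buildRequestContext(httpRequest, userAgent, clientTimeOffset));
            RangerContextHolder.setSecurityContext(context);

            // [3] attach the user session
            UserSessionBase userSession = sessionMgr.processSuccessLogin(
                    XXAuthSession.AUTH_TYPE_PASSWORD, userAgent, httpRequest);
            if (userSession != null) {
                // A request attribute, when present, overrides the configured property.
                Object ssoEnabledObj = request.getAttribute("ssoEnabled");
                Boolean ssoEnabled = ssoEnabledObj != null
                        ? Boolean.valueOf(String.valueOf(ssoEnabledObj))
                        : PropertiesUtil.getBooleanProperty("ranger.sso.enabled", false);
                userSession.setSSOEnabled(ssoEnabled);
                // 0 doubles as "not yet set": seed the offset only once per user session.
                if (userSession.getClientTimeOffsetInMinute() == 0) {
                    userSession.setClientTimeOffsetInMinute(clientTimeOffset);
                }
            }
            context.setUserSession(userSession);
        }

        HttpServletResponse res = (HttpServletResponse) response;
        addSecurityHeaders(res);
        chain.doFilter(request, res);
    } finally {
        // [4] remove context from thread-local
        RangerContextHolder.resetSecurityContext();
    }
}

/**
 * Returns the {@link RangerSecurityContext} stored under {@code AKA_SC_SESSION_KEY} in the given
 * session, creating a new one when the session has none.
 *
 * <p>A freshly created context is stored back into the session only when a session exists; no
 * session is created here, so a session-less request gets a per-request context that is not
 * retained after the thread-local is reset.
 *
 * @param httpSession the current session, or {@code null} if the request has none
 * @return a non-null security context
 */
private RangerSecurityContext resolveSecurityContext(HttpSession httpSession) {
    RangerSecurityContext context = null;
    if (httpSession != null) {
        context = (RangerSecurityContext) httpSession.getAttribute(AKA_SC_SESSION_KEY);
    }
    if (context == null) {
        context = new RangerSecurityContext();
        // Guard added: the original dereferenced httpSession unconditionally here.
        if (httpSession != null) {
            httpSession.setAttribute(AKA_SC_SESSION_KEY, context);
        }
    }
    return context;
}

/**
 * Builds the per-request {@link RequestContext}.
 *
 * @param httpRequest      the current request
 * @param userAgent        the {@code User-Agent} header value (may be {@code null})
 * @param clientTimeOffset the client's time offset in minutes as derived by {@code RestUtil}
 * @return a populated request context
 */
private RequestContext buildRequestContext(HttpServletRequest httpRequest, String userAgent, int clientTimeOffset) {
    RequestContext requestContext = new RequestContext();
    // testIP is a test hook: when non-null it overrides the real peer address, so it must stay
    // null in production. getRemoteAddr() is the direct peer; behind a reverse proxy this is the
    // proxy's address, not the end client's.
    String reqIP = testIP != null ? testIP : httpRequest.getRemoteAddr();
    requestContext.setIpAddress(reqIP);
    requestContext.setUserAgent(userAgent);
    requestContext.setDeviceType(httpUtil.getDeviceType(httpRequest));
    // Server-generated id so every request can be correlated in logs independently of the client.
    requestContext.setServerRequestId(guidUtil.genGUID());
    requestContext.setRequestURL(httpRequest.getRequestURI());
    requestContext.setClientTimeOffsetInMinute(clientTimeOffset);
    return requestContext;
}

/**
 * Sets the browser-hardening headers on every response, authenticated or not.
 *
 * @param res the response to decorate
 */
private static void addSecurityHeaders(HttpServletResponse res) {
    // Clickjacking: never allow the UI to be framed.
    res.setHeader("X-Frame-Options", "DENY");
    // Stop browsers from MIME-sniffing a response away from its declared Content-Type.
    res.setHeader("X-Content-Type-Options", "nosniff");
    // Legacy XSS auditor header; current browsers ignore it, kept for older ones.
    res.setHeader("X-XSS-Protection", "1; mode=block");
    // HSTS: only has effect when the response is delivered over TLS.
    res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
}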