Example 6 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class SecurityFilterChainTest method createMockSecurityFilter.
private SecurityFilter createMockSecurityFilter(final String name) throws IOException, AuthenticationException {
SecurityFilter mockFilter = mock(SecurityFilter.class);
Mockito.when(mockFilter.toString()).thenReturn(name);
Mockito.doAnswer(invocation -> {
Object[] args = invocation.getArguments();
LOGGER.debug("{} was called.", name);
((org.codice.ddf.platform.filter.SecurityFilterChain) args[2]).doFilter(((ServletRequest) args[0]), ((ServletResponse) args[1]));
return null;
}).when(mockFilter).doFilter(any(ServletRequest.class), any(ServletResponse.class), any(org.codice.ddf.platform.filter.SecurityFilterChain.class));
return mockFilter;
}
Also used :
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Example 7 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class SecurityFilterChainTest method testAddFilterAfterDo.
/**
* Tests that an exception is thrown if a new filter is attempted to be added after the filter has
* been run.
*
* @throws IOException
* @throws ServletException
*/
@Test(expected = IllegalStateException.class)
public void testAddFilterAfterDo() throws IOException, AuthenticationException {
SecurityFilterChain proxyChain = new SecurityFilterChain();
SecurityFilter filter1 = mock(SecurityFilter.class);
proxyChain.doFilter(mock(ServletRequest.class), mock(ServletResponse.class));
proxyChain.addSecurityFilter(filter1);
}
Also used :
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Example 8 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class SecurityFilterChainTest method testDoFilter.
/**
* Tests that all of the filters are properly called.
*
* @throws ServletException
* @throws IOException
*/
@Test
public void testDoFilter() throws IOException, ServletException, AuthenticationException {
SecurityFilterChain proxyChain = new SecurityFilterChain();
SecurityFilter filter1 = createMockSecurityFilter("filter1");
SecurityFilter filter2 = createMockSecurityFilter("filter2");
SecurityFilter filter3 = createMockSecurityFilter("filter3");
ServletRequest request = mock(ServletRequest.class);
ServletResponse response = mock(ServletResponse.class);
proxyChain.addSecurityFilter(filter1);
proxyChain.addSecurityFilter(filter2);
proxyChain.addSecurityFilter(filter3);
proxyChain.doFilter(request, response);
// Verify that all of the filters were called once.
verify(filter1).doFilter(request, response, proxyChain);
verify(filter2).doFilter(request, response, proxyChain);
verify(filter3).doFilter(request, response, proxyChain);
}
Also used :
ServletRequest(javax.servlet.ServletRequest)
ServletResponse(javax.servlet.ServletResponse)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Test(org.junit.Test)
Example 9 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class JettyAuthenticator method validateRequest.
@Override
public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean mandatory) throws ServerAuthException {
TreeSet<ServiceReference<SecurityFilter>> sortedSecurityFilterServiceReferences = null;
final BundleContext bundleContext = getContext();
if (bundleContext == null) {
throw new ServerAuthException("Unable to get BundleContext. No servlet SecurityFilters can be applied. Blocking the request processing.");
}
try {
sortedSecurityFilterServiceReferences = new TreeSet<>(bundleContext.getServiceReferences(SecurityFilter.class, null));
} catch (InvalidSyntaxException ise) {
LOGGER.debug("Should never get this exception as there is no filter being passed.");
}
if (!CollectionUtils.isEmpty(sortedSecurityFilterServiceReferences)) {
LOGGER.debug("Found {} filter(s), now filtering...", sortedSecurityFilterServiceReferences.size());
final SecurityFilterChain chain = new SecurityFilterChain();
// run in order of highest to lowest service ranking.
for (ServiceReference<SecurityFilter> securityFilterServiceReference : sortedSecurityFilterServiceReferences) {
final SecurityFilter securityFilter = bundleContext.getService(securityFilterServiceReference);
if (!hasBeenInitialized(securityFilterServiceReference, bundleContext)) {
initializeSecurityFilter(bundleContext, securityFilterServiceReference, securityFilter);
}
chain.addSecurityFilter(securityFilter);
}
try {
chain.doFilter(servletRequest, servletResponse);
} catch (IOException e) {
throw new ServerAuthException("Unable to process security filter. Blocking the request processing.");
} catch (AuthenticationChallengeException e) {
return new Authentication.Challenge() {
};
} catch (AuthenticationException e) {
return new Authentication.Failure() {
};
}
} else {
LOGGER.debug("Did not find any SecurityFilters. Send auth failure...");
return new Authentication.Failure() {
};
}
Subject subject = (Subject) servletRequest.getAttribute(SecurityConstants.SECURITY_SUBJECT);
UserIdentity userIdentity = new JettyUserIdentity(getSecuritySubject(subject));
return new JettyAuthenticatedUser(userIdentity);
}
Also used :
AuthenticationChallengeException(org.codice.ddf.platform.filter.AuthenticationChallengeException)
AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException)
UserIdentity(org.eclipse.jetty.server.UserIdentity)
ServerAuthException(org.eclipse.jetty.security.ServerAuthException)
IOException(java.io.IOException)
Subject(ddf.security.Subject)
ServiceReference(org.osgi.framework.ServiceReference)
Authentication(org.eclipse.jetty.server.Authentication)
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException)
BundleContext(org.osgi.framework.BundleContext)
Example 10 with SecurityFilter
use of org.codice.ddf.platform.filter.SecurityFilter in project ddf by codice.
the class SecurityFilterChain method doFilter.
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, AuthenticationException {
if (iterator == null) {
iterator = filters.iterator();
}
if (iterator.hasNext()) {
SecurityFilter filter = iterator.next();
LOGGER.debug("Calling filter {}.doFilter({}, {}, {})", filter.getClass().getName(), servletRequest, servletResponse, this);
filter.doFilter(servletRequest, servletResponse, this);
}
}
Also used :
SecurityFilter(org.codice.ddf.platform.filter.SecurityFilter)
Aggregations
SecurityFilter (org.codice.ddf.platform.filter.SecurityFilter)15
ServletRequest (javax.servlet.ServletRequest)11
ServletResponse (javax.servlet.ServletResponse)11
Test (org.junit.Test)11
Hashtable (java.util.Hashtable)7
Dictionary (java.util.Dictionary)4
SecurityFilterChain (org.codice.ddf.platform.filter.SecurityFilterChain)4
InOrder (org.mockito.InOrder)3
ServletContext (javax.servlet.ServletContext)2
HttpSession (javax.servlet.http.HttpSession)2
Request (org.eclipse.jetty.server.Request)2
MockServiceReference (org.springframework.osgi.mock.MockServiceReference)2
Subject (ddf.security.Subject)1
IOException (java.io.IOException)1
AuthenticationChallengeException (org.codice.ddf.platform.filter.AuthenticationChallengeException)1
AuthenticationException (org.codice.ddf.platform.filter.AuthenticationException)1
ServerAuthException (org.eclipse.jetty.security.ServerAuthException)1
Authentication (org.eclipse.jetty.server.Authentication)1
UserIdentity (org.eclipse.jetty.server.UserIdentity)1
BundleContext (org.osgi.framework.BundleContext)1
