Search in sources :

Example 16 with Request

use of org.glassfish.grizzly.http.server.Request in project graylog2-server by Graylog2.

the class ShiroSecurityContextFilter method filter.

@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    final boolean secure = requestContext.getSecurityContext().isSecure();
    final MultivaluedMap<String, String> headers = requestContext.getHeaders();
    final Request grizzlyRequest = grizzlyRequestProvider.get();
    final String host = RestTools.getRemoteAddrFromRequest(grizzlyRequest, trustedProxies);
    final String authHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
    final SecurityContext securityContext;
    if (authHeader != null && authHeader.startsWith("Basic")) {
        final String base64UserPass = authHeader.substring(authHeader.indexOf(' ') + 1);
        final String userPass = decodeBase64(base64UserPass);
        final String[] split = userPass.split(":", 2);
        if (split.length != 2) {
            throw new BadRequestException("Invalid credentials in Authorization header");
        }
        securityContext = createSecurityContext(split[0], split[1], secure, SecurityContext.BASIC_AUTH, host, grizzlyRequest.getRemoteAddr(), headers);
    } else {
        securityContext = createSecurityContext(null, null, secure, null, host, grizzlyRequest.getRemoteAddr(), headers);
    }
    requestContext.setSecurityContext(securityContext);
}
Also used : Request(org.glassfish.grizzly.http.server.Request) SecurityContext(javax.ws.rs.core.SecurityContext) BadRequestException(javax.ws.rs.BadRequestException)

Aggregations

Request (org.glassfish.grizzly.http.server.Request)16 Test (org.junit.Test)6 IOException (java.io.IOException)5 Response (org.glassfish.grizzly.http.server.Response)5 HttpHandler (org.glassfish.grizzly.http.server.HttpHandler)4 IpSubnet (org.graylog2.utilities.IpSubnet)4 URI (java.net.URI)3 URISyntaxException (java.net.URISyntaxException)3 ParseException (java.text.ParseException)3 List (java.util.List)3 Collectors (java.util.stream.Collectors)3 Consumes (javax.ws.rs.Consumes)3 POST (javax.ws.rs.POST)3 Produces (javax.ws.rs.Produces)3 Response (javax.ws.rs.core.Response)3 Idf (org.edamontology.edammap.core.idf.Idf)3 PreProcessor (org.edamontology.edammap.core.preprocessing.PreProcessor)3 Files (java.nio.file.Files)2 Paths (java.nio.file.Paths)2 Instant (java.time.Instant)2