Search in sources :

Example 1 with MotechProxyManager

use of org.motechproject.security.service.MotechProxyManager in project motech by motech.

the class WebSecurityBundleIT method testProxyInitialization.

@Test
public void testProxyInitialization() throws Exception {
    MotechProxyManager manager = getFromContext(MotechProxyManager.class);
    FilterChainProxy proxy = manager.getFilterChainProxy();
    assertNotNull(proxy);
    assertNotNull(proxy.getFilterChains());
}
Also used : FilterChainProxy(org.springframework.security.web.FilterChainProxy) MotechProxyManager(org.motechproject.security.service.MotechProxyManager) Test(org.junit.Test)

Example 2 with MotechProxyManager

use of org.motechproject.security.service.MotechProxyManager in project motech by motech.

the class MotechDelegatingFilterProxy method doFilter.

/**
 * If the proxy manager is available, filtering should be instead
 * delegated to its FilterChainProxy.
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    WebApplicationContext context = super.findWebApplicationContext();
    MotechProxyManager proxyManager = context.getBean(MotechProxyManager.class);
    traceRequest(request);
    if (isAdminMode) {
        anonymousFilter.doFilter(request, response, filterChain);
    } else if (proxyManager != null) {
        proxyManager.getFilterChainProxy().doFilter(request, response, filterChain);
    } else {
        super.doFilter(request, response, filterChain);
    }
}
Also used : WebApplicationContext(org.springframework.web.context.WebApplicationContext) MotechProxyManager(org.motechproject.security.service.MotechProxyManager)

Example 3 with MotechProxyManager

use of org.motechproject.security.service.MotechProxyManager in project motech by motech.

the class Activator method serviceAdded.

/**
 * Initializes the security chain by fetching the proxy manager,
 * registers the security filter and spring dispatcher servlet.
 */
private void serviceAdded(ExtHttpService service) {
    DispatcherServlet dispatcherServlet = new DispatcherServlet();
    dispatcherServlet.setContextConfigLocation(CONTEXT_CONFIG_LOCATION);
    dispatcherServlet.setContextClass(WebSecurityApplicationContext.class);
    ClassLoader old = Thread.currentThread().getContextClassLoader();
    try {
        Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
        HttpContext httpContext = HttpContextFactory.getHttpContext(service.createDefaultHttpContext(), bundleContext.getBundle());
        service.registerServlet(SERVLET_URL_MAPPING, dispatcherServlet, null, null);
        service.registerResources(RESOURCE_URL_MAPPING, "/webapp", httpContext);
        LOGGER.debug("Servlet registered");
        filter = new MotechDelegatingFilterProxy("springSecurityFilterChain", dispatcherServlet.getWebApplicationContext());
        MotechProxyManager proxyManager = dispatcherServlet.getWebApplicationContext().getBean(MotechProxyManager.class);
        LOGGER.debug("Creating initial proxy chain");
        proxyManager.initializeProxyChain();
        service.registerFilter(filter, "/.*", null, 0, httpContext);
        LOGGER.debug("Filter registered");
    } catch (NamespaceException e) {
        throw new ServletRegistrationException("Web-security servlet already registered", e);
    } catch (ServletException e) {
        throw new ServletRegistrationException("Unable to register servlet for web-security", e);
    } finally {
        Thread.currentThread().setContextClassLoader(old);
    }
}
Also used : ServletException(javax.servlet.ServletException) ServletRegistrationException(org.motechproject.osgi.web.exception.ServletRegistrationException) DispatcherServlet(org.springframework.web.servlet.DispatcherServlet) MotechDelegatingFilterProxy(org.motechproject.security.filter.MotechDelegatingFilterProxy) HttpContext(org.osgi.service.http.HttpContext) NamespaceException(org.osgi.service.http.NamespaceException) MotechProxyManager(org.motechproject.security.service.MotechProxyManager)

Example 4 with MotechProxyManager

use of org.motechproject.security.service.MotechProxyManager in project motech by motech.

the class WebSecurityBundleIT method testUpdatingProxyOnRestart.

@Test
public void testUpdatingProxyOnRestart() throws InterruptedException, BundleException, IOException, ClassNotFoundException, InvalidSyntaxException {
    getLogger().info("Build 1st custom security configuration");
    MotechSecurityConfiguration config = SecurityTestConfigBuilder.buildConfig("noSecurity", null, null);
    updateSecurity(config);
    restartSecurityBundle();
    restartOsgiIntegrationTestBundle();
    // Give it some time to process rules from resource files
    Thread.sleep(5000);
    MotechProxyManager manager = getFromContext(MotechProxyManager.class);
    // Receives one chain from config built in test, and two from OSGi IT bundle being scanned for two rules
    // Additionaly, several default rules are merged with the config
    int defaultSize = manager.getDefaultSecurityConfiguration().getSecurityRules().size();
    getLogger().info("Number of default security rules: " + defaultSize);
    assertEquals(3 + defaultSize, manager.getFilterChainProxy().getFilterChains().size());
    getLogger().info("Build 2nd custom security configuration");
    MotechSecurityConfiguration updatedConfig = SecurityTestConfigBuilder.buildConfig("addPermissionAccess", "anyPermission", null);
    updateSecurity(updatedConfig);
    restartSecurityBundle();
    restartOsgiIntegrationTestBundle();
    // Give it some time to process rules from resource files
    Thread.sleep(5000);
    manager = getFromContext(MotechProxyManager.class);
    assertEquals(4 + defaultSize, manager.getFilterChainProxy().getFilterChains().size());
}
Also used : MotechSecurityConfiguration(org.motechproject.security.domain.MotechSecurityConfiguration) MotechProxyManager(org.motechproject.security.service.MotechProxyManager) Test(org.junit.Test)

Aggregations

MotechProxyManager (org.motechproject.security.service.MotechProxyManager)4 Test (org.junit.Test)2 ServletException (javax.servlet.ServletException)1 ServletRegistrationException (org.motechproject.osgi.web.exception.ServletRegistrationException)1 MotechSecurityConfiguration (org.motechproject.security.domain.MotechSecurityConfiguration)1 MotechDelegatingFilterProxy (org.motechproject.security.filter.MotechDelegatingFilterProxy)1 HttpContext (org.osgi.service.http.HttpContext)1 NamespaceException (org.osgi.service.http.NamespaceException)1 FilterChainProxy (org.springframework.security.web.FilterChainProxy)1 WebApplicationContext (org.springframework.web.context.WebApplicationContext)1 DispatcherServlet (org.springframework.web.servlet.DispatcherServlet)1