Example 1 with OncePerRequestFilter

use of org.springframework.web.filter.OncePerRequestFilter in project microservices by pwillhan.

the class SsoUiApplication method csrfHeaderFilter.

private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {

        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
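            // Spring Security's CsrfFilter exposes the current token as a request attribute.
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
            if (csrf != null) {
                Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                String token = csrf.getToken();
                // Issue the cookie only when it is missing or no longer matches the server-side token.
                // The cookie is not marked HttpOnly, so client-side script can read it and send the token back.
                if (cookie == null || token != null && !token.equals(cookie.getValue())) {
                    cookie = new Cookie("XSRF-TOKEN", token);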
                    cookie.setPath("/");
                    response.addCookie(cookie);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Cookie(javax.servlet.http.Cookie) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) CsrfToken(org.springframework.security.web.csrf.CsrfToken)

Example 2 with OncePerRequestFilter

use of org.springframework.web.filter.OncePerRequestFilter in project gocd by gocd.

the class ThreadLocalUserFilterTest method shouldSetUserToThreadLocalWhenFilterIsCalledAndRemoveUserFromThreadLocalOnceRequestIsCompleted.

@Test
void shouldSetUserToThreadLocalWhenFilterIsCalledAndRemoveUserFromThreadLocalOnceRequestIsCompleted() throws ServletException, IOException {
    final MockHttpServletRequest request = new MockHttpServletRequest();
    final MockHttpServletResponse response = new MockHttpServletResponse();
    final AuthenticationToken<UsernamePassword> authenticationToken = SessionUtilsHelper.createUsernamePasswordAuthentication("bob", "p@ssw0rd", 0L);
    SessionUtils.setAuthenticationTokenAfterRecreatingSession(authenticationToken, request);
    final GoUserPrinciple[] currentUserInFilter = { null };
    final FilterChain filterChain = new MockFilterChain(mock(Servlet.class), spy(new OncePerRequestFilter() {

        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
            currentUserInFilter[0] = SessionUtils.getCurrentUser();
        }
    }));
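    new ThreadLocalUserFilter().doFilter(request, response, filterChain);
    // A user was visible inside the chain; once the filter has returned, the thread-local
    // has been cleared and the current user is anonymous again.
    assertThat(currentUserInFilter[0]).isNotNull();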
    assertThat(SessionUtils.getCurrentUser().getUsername()).isEqualTo("anonymous");
    assertThat(SessionUtils.getCurrentUser().getAuthorities()).containsExactly(GoAuthority.ROLE_ANONYMOUS.asAuthority());
}
Also used : MockHttpServletRequest(com.thoughtworks.go.http.mocks.MockHttpServletRequest) FilterChain(javax.servlet.FilterChain) MockFilterChain(com.thoughtworks.go.http.mocks.MockFilterChain) MockHttpServletResponse(com.thoughtworks.go.http.mocks.MockHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) UsernamePassword(com.thoughtworks.go.server.newsecurity.models.UsernamePassword) HttpServletRequest(javax.servlet.http.HttpServletRequest) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) Servlet(javax.servlet.Servlet) GoUserPrinciple(com.thoughtworks.go.server.security.userdetail.GoUserPrinciple) Test(org.junit.jupiter.api.Test)

Example 3 with OncePerRequestFilter

use of org.springframework.web.filter.OncePerRequestFilter in project cloud-sea-towerman by huadahuang1983.

the class WebSecurityConfig method csrfHeaderFilter.

private Filter csrfHeaderFilter() {
    return new OncePerRequestFilter() {

        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
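            // Spring Security's CsrfFilter exposes the current token as a request attribute.
            CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
            if (csrf != null) {
                // The XSRF-TOKEN cookie is re-issued on every response that carries a token.
                // It is not marked HttpOnly, so client-side script can read it.
                Cookie cookie = new Cookie("XSRF-TOKEN", csrf.getToken());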
                cookie.setPath("/");
                response.addCookie(cookie);
            }
            filterChain.doFilter(request, response);
        }
    };
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Cookie(javax.servlet.http.Cookie) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) CsrfToken(org.springframework.security.web.csrf.CsrfToken)

Example 4 with OncePerRequestFilter

use of org.springframework.web.filter.OncePerRequestFilter in project jhipster-sample-app-oauth2 by jhipster.

the class OAuth2Configuration method saveLoginOriginFilter.

@Bean
public FilterRegistrationBean saveLoginOriginFilter() {
    Filter filter = new OncePerRequestFilter() {

        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
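            // For an unauthenticated request to a URI ending in /login, remember where the user came from.
            if (request.getRemoteUser() == null && request.getRequestURI().endsWith("/login")) {
                // The Referer header is client-supplied input; it is stored in the session as received.
                String referrer = request.getHeader("referer");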
                if (!StringUtils.isBlank(referrer) && request.getSession().getAttribute(SAVED_LOGIN_ORIGIN_URI) == null) {
                    log.debug("Saving login origin URI: {}", referrer);
                    request.getSession().setAttribute(SAVED_LOGIN_ORIGIN_URI, referrer);
                }
            }
            filterChain.doFilter(request, response);
        }
    };
    FilterRegistrationBean bean = new FilterRegistrationBean(filter);
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return bean;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) OAuth2ClientAuthenticationProcessingFilter(org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter) Filter(javax.servlet.Filter) FilterChain(javax.servlet.FilterChain) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) FilterRegistrationBean(org.springframework.boot.web.servlet.FilterRegistrationBean) Bean(org.springframework.context.annotation.Bean)

Example 5 with OncePerRequestFilter

use of org.springframework.web.filter.OncePerRequestFilter in project flow by vaadin.

the class Application method publicImagesAliasFilter.

// Test views use relative path to images, that cannot be correctly resolved
// when setting vaadin.urlMapping, because view base path differs from
// web application context path.
// The following filter forwards request from
// {vaadin.urlMapping}/public/images to /public/images, so they are then
// served by spring.
@Bean
FilterRegistrationBean<?> publicImagesAliasFilter() {
    FilterRegistrationBean<OncePerRequestFilter> registrationBean = new FilterRegistrationBean<>(new OncePerRequestFilter() {

        @Override
        protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
            // substring(7) drops the leading "/vaadin" prefix used in the URL patterns registered below.
            request.getRequestDispatcher(request.getRequestURI().substring(7)).forward(request, response);
        }
    });
    registrationBean.addUrlPatterns("/vaadin/public/images/*", "/vaadin/public/profiles/*");
    registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return registrationBean;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) OncePerRequestFilter(org.springframework.web.filter.OncePerRequestFilter) FilterChain(javax.servlet.FilterChain) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) FilterRegistrationBean(org.springframework.boot.web.servlet.FilterRegistrationBean) Bean(org.springframework.context.annotation.Bean)
