List of usage examples for org.springframework.security.web FilterInvocation getRequest
public HttpServletRequest getRequest()
From source file:org.trustedanalytics.user.invite.MockedSecurityInterceptor.java
@Override public void invoke(FilterInvocation fi) throws IOException, ServletException { if ((fi.getRequest() != null)) { fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); }//w ww .jav a 2 s. co m }
From source file:org.mitre.openid.connect.web.SAMLEntryPoint.java
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { FilterInvocation fi = new FilterInvocation(request, response, chain); if (processFilter(fi.getRequest())) { logger.debug("une requte EIDAS=" + fi.getRequestUrl()); }//from ww w. ja v a 2 s . com chain.doFilter(request, response); }
From source file:org.osiam.resource_server.security.authorization.DynamicHTTPMethodScopeEnhancer.java
private void addMethodScope(final Object object, final Set<ConfigAttribute> dynamicConfigs) { final FilterInvocation f = (FilterInvocation) object; dynamicConfigs.add(new SecurityConfig("SCOPE_" + f.getRequest().getMethod().toUpperCase(Locale.ENGLISH))); }
From source file:cn.net.withub.demo.bootsec.hello.security.CustomFilterInvocationSecurityMetadataSource.java
@Override public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { FilterInvocation fi = (FilterInvocation) object; HttpServletRequest request = fi.getRequest(); System.out.println("requestUrl is " + fi.getRequestUrl()); if (resourceMap == null || databaseChanged) { loadResourceMatchAuthority();//w ww.j a v a 2s . com } Collection<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>(); for (String urlPattern : resourceMap.keySet()) { //? AntPathRequestMatcher matcher = new AntPathRequestMatcher(urlPattern); if (matcher.matches(request)) { System.out.println("matched resource url patterns: " + urlPattern); attrs.addAll(resourceMap.get(urlPattern)); } } return attrs; }
From source file:org.italiangrid.storm.webdav.authz.CopyMoveAuthzVoter.java
@Override public int vote(Authentication authentication, FilterInvocation filter, Collection<ConfigAttribute> attributes) { if (!isCopyOrMoveRequest(filter.getRequest())) { return ACCESS_ABSTAIN; }/*w ww . j a v a2s.co m*/ String destination = filter.getRequest().getHeader(DESTINATION); if (destination == null) { return ACCESS_ABSTAIN; } try { StorageAreaInfo sa = getSAFromPath(destination); if (sa == null) { return ACCESS_DENIED; } if (authentication.getAuthorities().contains(SAPermission.canWrite(sa.name()))) { return ACCESS_GRANTED; } if (logger.isDebugEnabled()) { logger.debug("Access denied. Principal does not have write permissions on " + "storage area {}", sa.name()); } return ACCESS_DENIED; } catch (MalformedURLException e) { throw new RuntimeException(e.getMessage(), e); } }
From source file:com.gcrm.security.SecurityFilter.java
private void invoke(FilterInvocation fi) throws IOException, ServletException { InterceptorStatusToken token = null; token = super.beforeInvocation(fi); try {//from w w w. ja v a 2 s . c om fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); } finally { super.afterInvocation(token, null); } }
From source file:com.sun.identity.provider.springsecurity.OpenSSOObjectDefinitionSource.java
/** * @inheritDoc/*from w ww . ja va 2s.c o m*/ */ public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { FilterInvocation filterInvocation = (FilterInvocation) object; HttpServletRequest request = filterInvocation.getRequest(); if (isAnonymousUrl(request)) { return null; } SSOToken token = OpenSSOProcessingFilter.getToken(filterInvocation.getHttpRequest()); if (token == null) { throw new InsufficientAuthenticationException("SSOToken does not exist"); } Set actions = new HashSet(); actions.add(filterInvocation.getHttpRequest().getMethod()); String fullResourceUrl = filterInvocation.getFullRequestUrl(); try { PolicyEvaluator policyEvaluator = PolicyEvaluatorFactory.getInstance() .getPolicyEvaluator("iPlanetAMWebAgentService"); if (debug.messageEnabled()) { debug.message("getPolicy for resource=" + fullResourceUrl + " actions=" + actions); } PolicyDecision policyDecision = policyEvaluator.getPolicyDecision(token, fullResourceUrl, actions, envParams); Map actionDecisions = policyDecision.getActionDecisions(); if (debug.messageEnabled()) { debug.message("action decisions =" + actionDecisions); } // If OpenSSO has a NULL policy decision we return // and Empty list. This results in a Spring "ABSTAIN" vote if (actionDecisions == null || actionDecisions.isEmpty()) { return Collections.emptyList(); } else { ActionDecision actionDecision = (ActionDecision) actionDecisions.values().iterator().next(); List<ConfigAttribute> configAtributes = new ArrayList<ConfigAttribute>(); for (Iterator it = actionDecision.getValues().iterator(); it.hasNext();) { String s = (String) it.next(); debug.message("configAttributes.add(" + s); configAtributes.add(new SecurityConfig(s)); } return configAtributes; } } catch (Exception e) { debug.error("Exception while evaling policy", e); throw new AccessDeniedException("Error accessing to Opensso", e); } }
From source file:com.evolveum.midpoint.web.security.MidPointGuiAuthorizationEvaluator.java
private void addSecurityConfig(FilterInvocation filterInvocation, Collection<ConfigAttribute> guiConfigAttr, String url, DisplayableValue<String>[] actions) { AntPathRequestMatcher matcher = new AntPathRequestMatcher(url); if (!matcher.matches(filterInvocation.getRequest()) || actions == null) { return;/*w w w . j a v a2 s .co m*/ } for (DisplayableValue<String> action : actions) { String actionUri = action.getValue(); if (StringUtils.isBlank(actionUri)) { continue; } //all users has permission to access these resources if (action.equals(AuthorizationConstants.AUTZ_UI_PERMIT_ALL_URL)) { return; } guiConfigAttr.add(new SecurityConfig(actionUri)); } }
From source file:grails.plugin.springsecurity.web.access.channel.HeaderCheckInsecureChannelProcessor.java
@Override public void decide(FilterInvocation invocation, Collection<ConfigAttribute> config) throws IOException, ServletException { Assert.isTrue(invocation != null && config != null, "Nulls cannot be provided"); for (ConfigAttribute attribute : config) { if (supports(attribute)) { if (headerValue.equals(invocation.getHttpRequest().getHeader(headerName))) { getEntryPoint().commence(invocation.getRequest(), invocation.getResponse()); }/*from w ww . j ava 2s . c om*/ } } }
From source file:grails.plugin.springsecurity.web.access.intercept.AbstractFilterInvocationDefinition.java
public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { Assert.notNull(object, "Object must be a FilterInvocation"); Assert.isTrue(supports(object.getClass()), "Object must be a FilterInvocation"); FilterInvocation filterInvocation = (FilterInvocation) object; String url = determineUrl(filterInvocation); Collection<ConfigAttribute> configAttributes; try {/* ww w . java2 s. c o m*/ configAttributes = findConfigAttributes(url, filterInvocation.getRequest().getMethod()); } catch (RuntimeException e) { throw e; } catch (Exception e) { throw new RuntimeException(e); } if ((configAttributes == null || configAttributes.isEmpty()) && rejectIfNoRule) { // return something that cannot be valid; this will cause the voters to abstain or deny return DENY; } return configAttributes; }