List of usage examples for org.springframework.security.web.servletapi SecurityContextHolderAwareRequestWrapper getMethod
@Override
public String getMethod()
From source file:org.apache.syncope.core.misc.security.MustChangePasswordFilter.java
@Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { if (request instanceof SecurityContextHolderAwareRequestWrapper) { boolean isMustChangePassword = IterableUtils.matchesAny( SecurityContextHolder.getContext().getAuthentication().getAuthorities(), new Predicate<GrantedAuthority>() { @Override//from www . ja va 2 s. c o m public boolean evaluate(final GrantedAuthority authority) { return StandardEntitlement.MUST_CHANGE_PASSWORD.equals(authority.getAuthority()); } }); SecurityContextHolderAwareRequestWrapper wrapper = SecurityContextHolderAwareRequestWrapper.class .cast(request); if (isMustChangePassword && "GET".equalsIgnoreCase(wrapper.getMethod()) && !ArrayUtils.contains(ALLOWED, wrapper.getPathInfo())) { throw new AccessDeniedException("Please change your password first"); } } chain.doFilter(request, response); }
From source file:org.apache.syncope.core.spring.security.MustChangePasswordFilter.java
@Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { if (request instanceof SecurityContextHolderAwareRequestWrapper) { boolean isMustChangePassword = SecurityContextHolder.getContext().getAuthentication().getAuthorities() .stream().anyMatch(//from ww w . ja v a 2s . co m authority -> StandardEntitlement.MUST_CHANGE_PASSWORD.equals(authority.getAuthority())); SecurityContextHolderAwareRequestWrapper wrapper = SecurityContextHolderAwareRequestWrapper.class .cast(request); if (isMustChangePassword && "GET".equalsIgnoreCase(wrapper.getMethod()) && !ArrayUtils.contains(ALLOWED, wrapper.getPathInfo())) { throw new AccessDeniedException("Please change your password first"); } } chain.doFilter(request, response); }