List of usage examples for javax.servlet FilterChain doFilter
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException;
From source file:edu.northwestern.bioinformatics.studycalendar.security.internal.ApiAuthenticationFilter.java
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String authorizationHeader = ((HttpServletRequest) request).getHeader("Authorization"); Authentication original = SecurityContextHolder.getContext().getAuthentication(); if (authorizationHeader == null || processAuthorization(authorizationHeader, (HttpServletResponse) response)) { chain.doFilter(request, response); if (original == null) { SecurityContextHolder.clearContext(); } else {//from w w w. j av a 2 s .c o m SecurityContextHolder.getContext().setAuthentication(original); } } }
From source file:org.craftercms.commons.web.CORSFilter.java
@Override protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain) throws ServletException, IOException { final HttpServletResponseWrapper responseWrapper = new HttpServletResponseWrapper(response); responseWrapper.addHeader(ALLOW_ORIGIN, allowOrigins); responseWrapper.addHeader(ALLOW_METHODS, allowMethods); responseWrapper.addHeader(MAX_AGE, maxAge); responseWrapper.addHeader(ALLOW_HEADERS, allowHeaders); responseWrapper.addHeader(ALLOW_CREDENTIALS, allowCredentials); filterChain.doFilter(request, responseWrapper); }
From source file:com.qualogy.qafe.gwt.server.filter.CORSFilter.java
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; String origin = req.getHeader(RequestHeader.ORIGIN.toString()); // Check if this is a cross origin request if (origin != null) { resolveResponse(req, resp);/*from w w w . j ava 2 s . c om*/ } chain.doFilter(request, response); }
From source file:ru.smsl.webkrona.filter.FlashMapFilter.java
/** * @see org.springframework.web.filter.OncePerRequestFilter#doFilterInternal(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse, javax.servlet.FilterChain) *///from w w w . j av a 2 s . com @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { Map<String, Object> flashMap = FlashMap.getFlashMap(false); if (flashMap != null) { for (Map.Entry<String, ?> entry : flashMap.entrySet()) { Object currentValue = request.getAttribute(entry.getKey()); if (currentValue == null) { request.setAttribute(entry.getKey(), entry.getValue()); } } FlashMap.removeFlashMap(); } filterChain.doFilter(request, response); }
From source file:uk.ac.ebi.fgpt.lode.servlet.CorsFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { // if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) { // CORS "pre-flight" request response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Methods", "GET, POST"); response.addHeader("Access-Control-Allow-Headers", "Content-Type"); response.addHeader("Access-Control-Max-Age", "1");// 30 min // }//from w w w . j a v a 2s . c o m filterChain.doFilter(request, response); }
From source file:com.googlesource.gerrit.plugins.github.oauth.OAuthGitFilter.java
private Cookie getGerritLoginCookie(String username, HttpServletRequest httpRequest, HttpServletResponse httpResponse, FilterChain chain) throws IOException, ServletException { AuthenticatedPathHttpRequest loginRequest = new AuthenticatedLoginHttpRequest(httpRequest, config.httpHeader, username); AuthenticatedLoginHttpResponse loginResponse = new AuthenticatedLoginHttpResponse(httpResponse); chain.doFilter(loginRequest, loginResponse); return loginResponse.getGerritCookie(); }
From source file:com.earldouglas.filtre.Filtre.java
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { boolean accessGranted = false; try {//from w w w. ja v a 2 s . c om accessGranted = addressManager.isAccessPermitted(servletRequest.getRemoteAddr()); } catch (AddressFormatException addressFormatException) { throw new ServletException(addressFormatException); } finally { logResult(servletRequest, accessGranted); if (accessGranted) { filterChain.doFilter(servletRequest, servletResponse); } } }
From source file:cats.twitter.webapp.controller.mvc.CORSFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) { // CORS "pre-flight" request response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE"); response.addHeader("Access-Control-Allow-Headers", "Content-Type"); response.addHeader("Access-Control-Max-Age", "1800");//30 min }//from w w w.j a v a 2 s .c om filterChain.doFilter(request, response); }
From source file:dk.itst.oiosaml.sp.develmode.DevelModeImpl.java
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain fc, Configuration conf) throws IOException, ServletException { // Inserted to avoid loginpage when a samlhandler is requested in develmode if (req.getServletPath().equals(conf.getProperty(Constants.PROP_SAML_SERVLET))) { log.debug("Develmode: Request to SAML servlet, access granted"); fc.doFilter(req, res); return;/* w w w. j av a 2 s .co m*/ } UserAssertionHolder.set(null); UserAssertion ua = (UserAssertion) req.getSession().getAttribute(Constants.SESSION_USER_ASSERTION); if (ua == null) { String[] users = conf.getStringArray("oiosaml-sp.develmode.users"); if (users == null || users.length == 0) { log.error("No users defined in properties. Set oiosaml-sp.develmode.users"); res.setStatus(500); HTTPUtils.sendCacheHeaders(res); render("nousers.vm", res, new HashMap<String, Object>()); return; } if (users.length == 1) { ua = selectUser(users[0], conf); } else { String selected = req.getParameter("__oiosaml_devel"); if (selected == null || !Arrays.asList(users).contains(selected)) { HTTPUtils.sendCacheHeaders(res); Map<String, Object> params = new HashMap<String, Object>(); params.put("users", users); params.put("params", buildParameterString(req.getParameterMap())); render("users.vm", res, params); return; } else { HTTPUtils.sendCacheHeaders(res); ua = selectUser(selected, conf); req.getSession().setAttribute(Constants.SESSION_USER_ASSERTION, ua); res.sendRedirect(req.getRequestURI() + "?" + buildParameterString(req.getParameterMap())); return; } } } if (ua != null) { req.getSession().setAttribute(Constants.SESSION_USER_ASSERTION, ua); UserAssertionHolder.set(ua); HttpServletRequestWrapper requestWrap = new SAMLHttpServletRequest(req, ua, ""); fc.doFilter(requestWrap, res); return; } else { log.error("No assertion found"); res.sendError(500); return; } }
From source file:com.sfwl.framework.web.casclient.SingleSignOutFilter.java
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletResponse response = (HttpServletResponse) servletResponse; // URL(js+css+img) if (excepUrlPattern != null && excepUrlPattern.matcher(request.getServletPath()).matches()) { filterChain.doFilter(servletRequest, servletResponse); return;//from w w w. j a v a 2 s. com } /** * <p>Workaround for now for the fact that Spring Security will fail since it doesn't call {@link #init(javax.servlet.FilterConfig)}.</p> * <p>Ultimately we need to allow deployers to actually inject their fully-initialized {@link org.jasig.cas.client.session.SingleSignOutHandler}.</p> */ if (!this.handlerInitialized.getAndSet(true)) { HANDLER.init(); } if (HANDLER.process(request, response)) { filterChain.doFilter(servletRequest, servletResponse); } }