Example usage for javax.servlet FilterChain doFilter

List of usage examples for javax.servlet FilterChain doFilter

Introduction

In this page you can find the example usage for javax.servlet FilterChain doFilter.

Prototype

public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException;

Source Link

Document

Causes the next filter in the chain to be invoked, or if the calling filter is the last filter in the chain, causes the resource at the end of the chain to be invoked.

Usage

From source file:com.ar.dev.tierra.api.config.CsrfHeaderFilter.java

/**
 * Metodo para agregar cookie contra CRSF
 * @param request// www  . ja  v a 2s . c  om
 * @param response
 * @param filterChain
 * @throws ServletException
 * @throws IOException 
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
        FilterChain filterChain) throws ServletException, IOException {
    CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
    if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if (cookie == null || token != null && !token.equals(cookie.getValue())) {
            cookie = new Cookie("XSRF-TOKEN", token);
            cookie.setPath("/");
            response.addCookie(cookie);
        }
    }
    filterChain.doFilter(request, response);
}

From source file:eu.trentorise.smartcampus.resourceprovider.filter.ResourceFilter.java

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {

    final boolean debug = logger.isDebugEnabled();
    final HttpServletRequest request = (HttpServletRequest) req;
    final HttpServletResponse response = (HttpServletResponse) res;

    try {/*from  w  ww . j  av a 2 s.  c om*/

        String tokenValue = parseToken(request);
        if (HttpMethod.OPTIONS.equals(HttpMethod.valueOf(request.getMethod()))) {
            chain.doFilter(request, response);
            //            throw new OAuth2Exception("options");
        } else if (tokenValue == null) {
            if (debug) {
                logger.debug("No token in request, will continue chain.");
            }
            throw new OAuth2Exception("empty token");
        } else {
            ResourceCallAuthenticationToken authentication = new ResourceCallAuthenticationToken(tokenValue,
                    "");
            request.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, tokenValue);
            authentication.setDetails(authenticationDetailsSource.buildDetails(request));
            authentication.setRequestPath(getFullURL(request));
            authentication.setHttpMethod(HttpMethod.valueOf(request.getMethod()));
            Authentication authResult = authenticationManager.authenticate(authentication);

            SecurityContextHolder.getContext().setAuthentication(authResult);

            chain.doFilter(request, response);

        }
    } catch (OAuth2Exception failed) {
        SecurityContextHolder.clearContext();

        if (debug) {
            logger.debug("Authentication request failed: " + failed);
        }

        authenticationEntryPoint.commence(request, response,
                new InsufficientAuthenticationException(failed.getMessage(), failed));

        return;
    }

}

From source file:org.apereo.openlrs.CORSFilter.java

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
        FilterChain filterChain) throws ServletException, IOException {

    if (log.isDebugEnabled()) {
        log.debug("CORSFilter invoked");
    }//from w ww.  j av a2  s  . co m

    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers",
            "x-requested-with, " + XApiConstants.XAPI_VERSION_HEADER + ", Authorization, Content-Type");
    filterChain.doFilter(request, response);
}

From source file:org.appverse.web.framework.backend.security.authentication.userpassword.filters.CustomUserNamePasswordAuthenticationFilter.java

protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final boolean debug = logger.isDebugEnabled();

    String uri = request.getRequestURI().substring(request.getContextPath().length());
    if (userNamePasswordAuthenticationUri == null || !uri.equals(userNamePasswordAuthenticationUri)) {
        chain.doFilter(request, response);
        return;// ww w. j  av  a2 s  .co m
    }

    try {
        String[] tokens = extractUserNameAndPassword(request);
        assert tokens.length == 2;

        String username = tokens[0];

        if (debug) {
            logger.debug("Username and password attributes found for user '" + username + "'");
        }

        if (authenticationIsRequired(username)) {
            UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
                    tokens[1]);
            authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
            Authentication authResult = authenticationManager.authenticate(authRequest);

            if (debug) {
                logger.debug("Authentication success: " + authResult);
            }

            SecurityContextHolder.getContext().setAuthentication(authResult);

            rememberMeServices.loginSuccess(request, response, authResult);

            onSuccessfulAuthentication(request, response, authResult);
        }

    } catch (AuthenticationException failed) {
        SecurityContextHolder.clearContext();

        if (debug) {
            logger.debug("Authentication request for failed: " + failed);
        }

        rememberMeServices.loginFail(request, response);

        onUnsuccessfulAuthentication(request, response, failed);

        if (ignoreFailure) {
            chain.doFilter(request, response);
        } else {
            authenticationEntryPoint.commence(request, response, failed);
        }

        return;
    }

    chain.doFilter(request, response);
}

From source file:cn.guoyukun.spring.web.filter.BaseFilter.java

/**
 * 1?????/*www.  j  a  v a  2s  .co m*/
 * 2?????
 */
@Override
public final void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;

    String currentURL = httpRequest.getServletPath();

    logger.debug("url filter : current url : [{}]", currentURL);

    if (isBlackURL(currentURL)) {
        chain.doFilter(request, response);
        return;
    }

    if (!isWhiteURL(currentURL)) {
        chain.doFilter(request, response);
        return;
    }
    doFilter(httpRequest, httpResponse, chain);
    return;
}

From source file:org.cloudfoundry.identity.api.web.CorsFilter.java

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
        FilterChain filterChain) throws ServletException, IOException {
    response.addHeader("Access-Control-Allow-Origin", "*");
    if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod()))
        ;/*from   w w  w. j a  va  2  s .  com*/
    {
        // CORS "pre-flight" request
        response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE");
        response.addHeader("Access-Control-Allow-Headers", "Authorization");
        response.addHeader("Access-Control-Max-Age", "1728000");
    }
    filterChain.doFilter(request, response);
}

From source file:io.github.alsguo.common.web.filter.BaseFilter.java

/**
 * 1?????/*from  ww  w .j av a 2  s.c  o m*/
 * 2?????
 */
public final void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;

    String currentURL = httpRequest.getServletPath();

    logger.debug("url filter : current url : [{}]", currentURL);

    if (isBlackURL(currentURL)) {
        chain.doFilter(request, response);
        return;
    }

    if (!isWhiteURL(currentURL)) {
        chain.doFilter(request, response);
        return;
    }
    doFilter(httpRequest, httpResponse, chain);
    return;
}

From source file:edu.harvard.i2b2.fhir.oauth2.ws.PublicClientFilter.java

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    String url = ((HttpServletRequest) request).getRequestURL().toString();
    logger.info("url:" + url);
    //if(!url.startsWith("/token")) return;

    String msg = "";
    Enumeration<String> kl = request.getParameterNames();
    while (kl.hasMoreElements()) {
        String k = kl.nextElement();
        msg += k + "->" + request.getParameter(k) + "\n";
    }//from   ww w . jav a  2s.  co  m
    logger.info(msg);

    chain.doFilter(new PublicClientWrapper((HttpServletRequest) request), response);
}

From source file:org.jasig.web.filter.SimpleCorsFilter.java

/**
 * Sets the headers to support CORS /*from   ww  w . j  ava 2 s . c o m*/
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
    HttpServletResponse response = (HttpServletResponse) res;
    response.setHeader("Access-Control-Allow-Origin", allowOrigin);
    response.setHeader("Access-Control-Allow-Methods", allowMethod);
    response.setHeader("Access-Control-Max-Age", maxAge);
    response.setHeader("Access-Control-Allow-Headers", allowHeaders);
    chain.doFilter(req, res);
}

From source file:com.tamnd.app.filters.CsrfHeaderFilter.java

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
        FilterChain filterChain) throws ServletException, IOException {
    CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
    if (csrf != null) {
        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
        String token = csrf.getToken();
        if (cookie == null || token != null && !token.equals(cookie.getValue())) {
            cookie = new Cookie("XSRF-TOKEN", token);
            cookie.setPath("/");
            response.addCookie(cookie);/*from ww w  . j  a v a2s .c om*/
        }
    }
    filterChain.doFilter(request, response);

    //      CsrfToken token = (CsrfToken) request.getAttribute(REQUEST_ATTRIBUTE_NAME);
    //        if (token != null) {
    //            response.setHeader(RESPONSE_HEADER_NAME, token.getHeaderName());
    //            response.setHeader(RESPONSE_PARAM_NAME, token.getParameterName());
    //            response.setHeader(RESPONSE_TOKEN_NAME , token.getToken());
    //        }
    //        filterChain.doFilter(request, response);
}