List of usage examples for javax.servlet FilterConfig getInitParameter
public String getInitParameter(String name);
String containing the value of the named initialization parameter, or null if the initialization parameter does not exist. From source file:org.alfresco.web.site.servlet.SSOAuthenticationFilter.java
/** * Initialize the filter/*ww w . j a v a2s.c o m*/ */ public void init(FilterConfig args) throws ServletException { if (logger.isDebugEnabled()) logger.debug("Initializing the SSOAuthenticationFilter."); // get reference to our ServletContext this.servletContext = args.getServletContext(); ApplicationContext context = getApplicationContext(); this.loginController = (SlingshotLoginController) context.getBean("loginController"); // retrieve the connector service this.connectorService = (ConnectorService) context.getBean("connector.service"); ConfigService configService = (ConfigService) context.getBean("web.config"); // Retrieve the remote configuration RemoteConfigElement remoteConfig = (RemoteConfigElement) configService.getConfig("Remote") .getConfigElement("remote"); if (remoteConfig == null) { logger.error( "There is no Remote configuration element. This is required to use SSOAuthenticationFilter."); return; } // get the endpoint id to use String endpoint = args.getInitParameter("endpoint"); if (endpoint == null) { logger.error( "There is no 'endpoint' id in the SSOAuthenticationFilter init parameters. Cannot initialise filter."); return; } // Get the endpoint descriptor and check if external auth is enabled EndpointDescriptor endpointDescriptor = remoteConfig.getEndpointDescriptor(endpoint); if (endpointDescriptor == null || !endpointDescriptor.getExternalAuth()) { if (logger.isDebugEnabled()) logger.debug("No External Auth endpoint configured for " + endpoint); return; } try { Connector conn = this.connectorService.getConnector(endpoint); // Save the endpoint, activating the filter this.endpoint = endpoint; if (logger.isDebugEnabled()) logger.debug("Endpoint is " + endpoint); // Obtain the userHeader (if configured) from the alfresco connector this.userHeader = conn.getConnectorSession() .getParameter(SlingshotAlfrescoConnector.CS_PARAM_USER_HEADER); String userIdPattern = conn.getConnectorSession() .getParameter(SlingshotAlfrescoConnector.CS_PARAM_USER_ID_PATTERN); if (userIdPattern != null) { this.userIdPattern = Pattern.compile(userIdPattern); } if (logger.isDebugEnabled()) { logger.debug("userHeader is " + userHeader); logger.debug("userIdPattern is " + userIdPattern); } } catch (ConnectorServiceException e) { logger.error("Unable to find connector " + endpointDescriptor.getConnectorId() + " for the endpoint " + endpoint, e); } // retrieve the optional kerberos configuration KerberosConfigElement krbConfig = (KerberosConfigElement) configService.getConfig("Kerberos") .getConfigElement("kerberos"); if (krbConfig != null) { if (logger.isDebugEnabled()) logger.debug("Found configuration for Kerberos authentication."); // Get the Kerberos realm String krbRealm = krbConfig.getRealm(); if (krbRealm != null && krbRealm.length() > 0) { if (logger.isDebugEnabled()) logger.debug("Found Kerberos realm: " + krbRealm); // Set the Kerberos realm this.krbRealm = krbRealm; } else throw new ServletException("Kerberos realm not specified"); // Get the HTTP service account password String srvPassword = krbConfig.getPassword(); if (srvPassword != null && srvPassword.length() > 0) { // Set the HTTP service account password this.krbPassword = srvPassword; } else throw new ServletException("HTTP service account password not specified"); String krbEndpointSPN = krbConfig.getEndpointSPN(); if (krbEndpointSPN != null && krbEndpointSPN.length() > 0) { // Set the Service Principal Name to use on the endpoint if (logger.isDebugEnabled()) logger.debug("The Service Principal Name to use on the endpoint: " + krbEndpointSPN); this.krbEndpointSPN = krbEndpointSPN; } else throw new ServletException("endpoint service principal name not specified"); // Get the login configuration entry name String loginEntry = krbConfig.getLoginEntryName(); if (loginEntry != null) { if (loginEntry.length() > 0) { // Set the login configuration entry name to use if (logger.isDebugEnabled()) logger.debug("The login configuration entry name to use: " + loginEntry); jaasLoginEntryName = loginEntry; } else throw new ServletException("Invalid login entry specified"); } // Get the login stripUserNameSuffix property boolean stripUserNameSuffix = krbConfig.getStripUserNameSuffix(); // Set the login configuration entry name to use if (logger.isDebugEnabled()) logger.debug("The stripUserNameSuffix property is set to: " + stripUserNameSuffix); this.stripUserNameSuffix = stripUserNameSuffix; // Create a login context for the HTTP server service try { // Login the HTTP server service jaasLoginContext = new LoginContext(jaasLoginEntryName, this); jaasLoginContext.login(); // DEBUG if (logger.isDebugEnabled()) logger.debug("HTTP Kerberos login successful"); } catch (LoginException ex) { // Debug if (logger.isErrorEnabled()) logger.error("HTTP Kerberos web filter error", ex); throw new ServletException("Failed to login HTTP server service"); } // Get the HTTP service account name from the subject Subject subj = jaasLoginContext.getSubject(); Principal princ = subj.getPrincipals().iterator().next(); krbAccountName = princ.getName(); // DEBUG if (logger.isDebugEnabled()) logger.debug("Logged on using principal " + krbAccountName); } if (logger.isInfoEnabled()) logger.info("SSOAuthenticationFilter initialised."); }
From source file:org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter.java
/** * Constructs a Cas20ServiceTicketValidator or a Cas20ProxyTicketValidator based on supplied parameters. * * @param filterConfig the Filter Configuration object. * @return a fully constructed TicketValidator. *//*from ww w . j a v a 2 s . co m*/ protected final TicketValidator getTicketValidator(final FilterConfig filterConfig) { final String allowAnyProxy = getPropertyFromInitParams(filterConfig, "acceptAnyProxy", null); final String allowedProxyChains = getPropertyFromInitParams(filterConfig, "allowedProxyChains", null); // TODO ? ServletContext context = filterConfig.getServletContext(); String casServerContextName = context.getInitParameter(CAS_SERVER_NAME_CONTEXT_PARAMETER); CommonUtils.assertNotNull(casServerContextName, "casServerContextName cannot be null."); String casServerAddress = getCasServerAddress(); logger.trace(this.getClass() + ".getTicketValidator(): casServerAddress = " + casServerAddress); final String casServerUrlPrefix = casServerAddress + "/" + casServerContextName + "/"; logger.trace(this.getClass() + ".getTicketValidator(): casServerUrlPrefix = " + casServerUrlPrefix); final Cas20ServiceTicketValidator validator; if (CommonUtils.isNotBlank(allowAnyProxy) || CommonUtils.isNotBlank(allowedProxyChains)) { final Cas20ProxyTicketValidator v = new Cas20ProxyTicketValidator(casServerUrlPrefix); v.setAcceptAnyProxy(parseBoolean(allowAnyProxy)); v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains)); validator = v; } else { validator = new Cas20ServiceTicketValidator(casServerUrlPrefix); } validator.setProxyCallbackPath(getPropertyFromInitParams(filterConfig, "proxyCallbackPath", null)); validator.setProxyGrantingTicketStorage(this.proxyGrantingTicketStorage); validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, getPropertyFromInitParams(filterConfig, "encoding", null))); validator.setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false"))); validator.setEncoding(getPropertyFromInitParams(filterConfig, "encoding", null)); final Map additionalParameters = new HashMap(); final List params = Arrays.asList(RESERVED_INIT_PARAMS); for (final Enumeration e = filterConfig.getInitParameterNames(); e.hasMoreElements();) { final String s = (String) e.nextElement(); if (!params.contains(s)) { additionalParameters.put(s, filterConfig.getInitParameter(s)); } } validator.setCustomParameters(additionalParameters); validator.setHostnameVerifier(getHostnameVerifier(filterConfig)); return validator; }
From source file:org.apache.atlas.web.filters.AtlasAuthenticationFilter.java
@Override protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) throws ServletException { Configuration configuration;// www . j a v a 2 s .c o m try { configuration = ApplicationProperties.get(); } catch (Exception e) { throw new ServletException(e); } Properties config = new Properties(); String kerberosAuthEnabled = configuration != null ? configuration.getString("atlas.authentication.method.kerberos") : null; // getString may return null, and would like to log the nature of the default setting String authMethod = ""; if (kerberosAuthEnabled == null || kerberosAuthEnabled.equalsIgnoreCase("false")) { LOG.info("No authentication method configured. Defaulting to simple authentication"); authMethod = "simple"; } else if (kerberosAuthEnabled.equalsIgnoreCase("true")) { authMethod = "kerberos"; } if (configuration.getString("atlas.authentication.method.kerberos.name.rules") != null) { config.put("kerberos.name.rules", configuration.getString("atlas.authentication.method.kerberos.name.rules")); } if (configuration.getString("atlas.authentication.method.kerberos.keytab") != null) { config.put("kerberos.keytab", configuration.getString("atlas.authentication.method.kerberos.keytab")); } if (configuration.getString("atlas.authentication.method.kerberos.principal") != null) { config.put("kerberos.principal", configuration.getString("atlas.authentication.method.kerberos.principal")); } config.put(AuthenticationFilter.AUTH_TYPE, authMethod); config.put(AuthenticationFilter.COOKIE_PATH, "/"); // add any config passed in as init parameters Enumeration<String> enumeration = filterConfig.getInitParameterNames(); while (enumeration.hasMoreElements()) { String name = enumeration.nextElement(); config.put(name, filterConfig.getInitParameter(name)); } //Resolve _HOST into bind address String bindAddress = configuration.getString(SecurityProperties.BIND_ADDRESS); if (bindAddress == null) { LOG.info("No host name configured. Defaulting to local host name."); try { bindAddress = InetAddress.getLocalHost().getHostName(); } catch (UnknownHostException e) { throw new ServletException("Unable to obtain host name", e); } } String principal = config.getProperty(KerberosAuthenticationHandler.PRINCIPAL); if (principal != null) { try { principal = SecurityUtil.getServerPrincipal(principal, bindAddress); } catch (IOException ex) { throw new RuntimeException("Could not resolve Kerberos principal name: " + ex.toString(), ex); } config.put(KerberosAuthenticationHandler.PRINCIPAL, principal); } LOG.debug(" AuthenticationFilterConfig: {}", config); supportKeyTabBrowserLogin = configuration .getBoolean("atlas.authentication.method.kerberos.support.keytab.browser.login", false); String agents = configuration.getString(AtlasCSRFPreventionFilter.BROWSER_USER_AGENT_PARAM, AtlasCSRFPreventionFilter.BROWSER_USER_AGENTS_DEFAULT); if (agents == null) { agents = AtlasCSRFPreventionFilter.BROWSER_USER_AGENTS_DEFAULT; } parseBrowserUserAgents(agents); return config; }
From source file:org.viafirma.cliente.util.ConfigUtil.java
/** * Inicializa el filtro. /* w w w.j av a 2s . co m*/ * Configura el cliente Viafirma. */ public void init(FilterConfig config) { if (!isInit) { isInit = true; // recuperamos la configuracin del contexto /* * <!-- Configuracin del cliente de ejemplo integrado en la plataforma --> <Environment description="Configuracin del Cliente:Proveedor OpenID utilizado para la autenticacin" name="URL_DEFAULT_AUTHENTICATION_PROVIDER" value="http://localhost:8080/viafirma/pip/#ID#" type="java.lang.String" override="false"/> <Environment description="Configuracin del Cliente:Proveedor OpenID utilizado para la firma de documentos" name="URL_DEFAULT_SIGN_PROVIDER" value="http://localhost:8080/viafirma/sign/#ID#" type="java.lang.String" override="false"/> <Environment description="Configuracin del Cliente: Url de retorno de los datos usdado por el cliente. Es la url que informa el cliente al servidor para que este le retorne aqui el resultado" name="URL_AUTHENTICATION_RETURN_OPEN_ID" value="http://localhost:8080/viafirma/testAuthentication" type="java.lang.String" override="false"/> <Environment description="Configuracin del Cliente: Url de retorno del resultado de la firma usdado por el cliente. Es la url que informa el cliente al servidor para que este le retorne aqui el resultado" name="URL_FIRMA_RETURN_OPEN_ID" value="http://localhost:8080/viafirma/testFirma" type="java.lang.String" override="false"/> * */ // recuperamos la url en la que se encuentra el proveedor de Viafirma que se desea utilizar Properties properties = ConfigUtil.getInstance().readConfigPropertes(); // las propiedades que esperamos recuperar son: url_proveedor String urlProveedor = properties.getProperty(Constantes.PARAM_URL_PROVIDER_VIAFIRMA); if (urlProveedor == null) { log.error("Falta el prarametro de configuracin : " + Constantes.PARAM_URL_PROVIDER_VIAFIRMA + ", se intentaran recuperar los parametros de configuracin de forma independiente"); throw new ExceptionInInitializerError("Parametro '" + Constantes.PARAM_URL_PROVIDER_VIAFIRMA + "' requerido para inicializar el cliente Viafirma."); } else { // Utilizando el proveedor contruimos las urls de configuracin que necesitamos. properties.setProperty(Constantes.PARAM_URL_DEFAULT_AUTHENTICATION_PROVIDER, urlProveedor + "/pip/#ID#"); properties.setProperty(Constantes.PARAM_URL_DEFAULT_SIGN_PROVIDER, urlProveedor + "/sign/#ID#"); properties.setProperty(Constantes.PARAM_URL_DEFAULT_SIGN_PROVIDER, urlProveedor + "/sign/#ID#"); } // recupero la url de retorno en caso de error. uriError = config.getInitParameter(Constantes.PARAM_URI_ERROR); // Inicializamos el cliente Viafirma ViafirmaClientFactory.init(properties); } }
From source file:org.sakaiproject.util.RequestFilter.java
/** * Place this filter into service.//from ww w.j a va 2 s.c o m * * @param filterConfig * The filter configuration object */ public void init(FilterConfig filterConfig) throws ServletException { // Requesting the ServerConfigurationService here also triggers the promotion of certain // sakai.properties settings to system properties - see SakaiPropertyPromoter() ServerConfigurationService configService = org.sakaiproject.component.cover.ServerConfigurationService .getInstance(); // knl-640 appUrl = configService.getString("serverUrl", null); chsDomain = configService.getString("content.chs.serverName", null); chsUrl = configService.getString("content.chs.serverUrl", null); useContentHostingDomain = configService.getBoolean("content.separateDomains", false); contentPaths = configService.getStrings("content.chs.urlprefixes"); if (contentPaths == null) { contentPaths = new String[] { "/access/", "/web/" }; } loginPaths = configService.getStrings("content.login.urlprefixes"); if (loginPaths == null) { loginPaths = new String[] { "/access/login", "/sakai-login-tool", "/access/require", "/access/accept" }; } contentExceptions = configService.getStrings("content.chsexception.urlprefixes"); if (contentExceptions == null) { // add in default exceptions here, if desired contentExceptions = new String[] { "/access/calendar/", "/access/citation/export_ris_sel/", "/access/citation/export_ris_all/" }; } // capture the servlet context for later user m_servletContext = filterConfig.getServletContext(); if (filterConfig.getInitParameter(CONFIG_SESSION) != null) { String s = filterConfig.getInitParameter(CONFIG_SESSION); if ("container".equalsIgnoreCase(s)) { m_sakaiHttpSession = CONTAINER_SESSION; } else if ("sakai".equalsIgnoreCase(s)) { m_sakaiHttpSession = SAKAI_SESSION; } else if ("context".equalsIgnoreCase(s)) { m_sakaiHttpSession = CONTEXT_SESSION; } else if ("tool".equalsIgnoreCase(s)) { m_sakaiHttpSession = TOOL_SESSION; } else { M_log.warn("invalid " + CONFIG_SESSION + " setting (" + s + "): not one of container, sakai, context, tool"); } } if (filterConfig.getInitParameter(CONFIG_REMOTE_USER) != null) { m_sakaiRemoteUser = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_REMOTE_USER)).booleanValue(); } if (filterConfig.getInitParameter(CONFIG_SESSION_AUTH) != null) { m_checkPrincipal = "basic".equals(filterConfig.getInitParameter(CONFIG_SESSION_AUTH)); } if (filterConfig.getInitParameter(CONFIG_TOOL_PLACEMENT) != null) { m_toolPlacement = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_TOOL_PLACEMENT)).booleanValue(); } if (filterConfig.getInitParameter(CONFIG_CONTEXT) != null) { m_contextId = filterConfig.getInitParameter(CONFIG_CONTEXT); } else { // This is a little confusing as we're taking a display name and using it as an ID. m_contextId = m_servletContext.getServletContextName(); if (m_contextId == null) { m_contextId = toString(); } } if (filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING) != null) { m_characterEncoding = filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING); } if (filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING_ENABLED) != null) { m_characterEncodingEnabled = Boolean .valueOf(filterConfig.getInitParameter(CONFIG_CHARACTER_ENCODING_ENABLED)).booleanValue(); } if (filterConfig.getInitParameter(CONFIG_UPLOAD_ENABLED) != null) { m_uploadEnabled = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_ENABLED)).booleanValue(); } // get the maximum allowed upload size from the system property - use if not overriden, and also use as the ceiling if that // is not defined. if (System.getProperty(SYSTEM_UPLOAD_MAX) != null) { m_uploadMaxSize = Long.valueOf(System.getProperty(SYSTEM_UPLOAD_MAX).trim()).longValue() * 1024L * 1024L; m_uploadCeiling = m_uploadMaxSize; } // if the maximum allowed upload size is configured on the filter, it overrides the system property if (filterConfig.getInitParameter(CONFIG_UPLOAD_MAX) != null) { m_uploadMaxSize = Long.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_MAX).trim()).longValue() * 1024L * 1024L; } // get the upload max ceiling that limits any other upload max, if defined if (System.getProperty(SYSTEM_UPLOAD_CEILING) != null) { m_uploadCeiling = Long.valueOf(System.getProperty(SYSTEM_UPLOAD_CEILING).trim()).longValue() * 1024L * 1024L; } // get the system wide settin, if present, for the temp dir if (System.getProperty(SYSTEM_UPLOAD_DIR) != null) { m_uploadTempDir = System.getProperty(SYSTEM_UPLOAD_DIR); } // override with our configuration for temp dir, if set if (filterConfig.getInitParameter(CONFIG_UPLOAD_DIR) != null) { m_uploadTempDir = filterConfig.getInitParameter(CONFIG_UPLOAD_DIR); } if (filterConfig.getInitParameter(CONFIG_UPLOAD_THRESHOLD) != null) { m_uploadThreshold = Integer.valueOf(filterConfig.getInitParameter(CONFIG_UPLOAD_THRESHOLD)).intValue(); } if (filterConfig.getInitParameter(CONFIG_CONTINUE) != null) { m_uploadContinue = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_CONTINUE)).booleanValue(); } if (filterConfig.getInitParameter(CONFIG_MAX_PER_FILE) != null) { m_uploadMaxPerFile = Boolean.valueOf(filterConfig.getInitParameter(CONFIG_MAX_PER_FILE)).booleanValue(); } // Note: if set to continue processing max exceeded uploads, we only support per-file max, not overall max if (m_uploadContinue && !m_uploadMaxPerFile) { M_log.warn("overridding " + CONFIG_MAX_PER_FILE + " setting: must be 'true' with " + CONFIG_CONTINUE + " ='true'"); m_uploadMaxPerFile = true; } String clusterTerracotta = System.getProperty("sakai.cluster.terracotta"); TERRACOTTA_CLUSTER = "true".equals(clusterTerracotta); // retrieve the configured cookie name, if any if (System.getProperty(SAKAI_COOKIE_NAME) != null) { cookieName = System.getProperty(SAKAI_COOKIE_NAME); } // retrieve the configured cookie domain, if any if (System.getProperty(SAKAI_COOKIE_DOMAIN) != null) { cookieDomain = System.getProperty(SAKAI_COOKIE_DOMAIN); } m_sessionParamAllow = configService.getBoolean(SAKAI_SESSION_PARAM_ALLOW, false); // retrieve option to enable or disable cookie HttpOnly m_cookieHttpOnly = configService.getBoolean(SAKAI_COOKIE_HTTP_ONLY, true); m_UACompatible = configService.getString(SAKAI_UA_COMPATIBLE, null); isLTIProviderAllowed = (configService.getString(SAKAI_BLTI_PROVIDER_TOOLS, null) != null); m_redirectRandomNode = configService.getBoolean(SAKAI_CLUSTER_REDIRECT_RANDOM, true); }