0ct0pu5/fess
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

remove auth filter

Browse source
This commit is contained in:
Shinsuke Sugaya 2016-01-21 09:38:30 +09:00
parent 84c6516271
commit 64b2f7b33d
3 changed files with 0 additions and 257 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
src/main/java/org/codelibs/fess/filter/AdminAuthFilter.java
View file

@ -1,41 +0,0 @@
/*
* Copyright 2012-2016 CodeLibs Project and the Others.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the specific language
* governing permissions and limitations under the License.
*/
package org.codelibs.fess.filter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.codelibs.fess.Constants;
import org.codelibs.fess.entity.LoginInfo;
import org.codelibs.fess.entity.UserInfo;
public class AdminAuthFilter extends AuthFilter {
@Override
protected UserInfo getUserInfo(final HttpServletRequest req) {
final HttpSession session = req.getSession(false);
if (session == null) {
return null;
}
final Object obj = session.getAttribute(Constants.USER_INFO);
if (obj instanceof LoginInfo) {
final LoginInfo loginInfo = (LoginInfo) obj;
if (loginInfo.isAdministrator()) {
return loginInfo;
}
}
return null;
}
}

192
src/main/java/org/codelibs/fess/filter/AuthFilter.java
View file

@ -1,192 +0,0 @@
/*
* Copyright 2012-2016 CodeLibs Project and the Others.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the specific language
* governing permissions and limitations under the License.
*/
package org.codelibs.fess.filter;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.codelibs.core.CoreLibConstants;
import org.codelibs.core.crypto.CachedCipher;
import org.codelibs.core.lang.StringUtil;
import org.codelibs.fess.Constants;
import org.codelibs.fess.entity.UserInfo;
import org.codelibs.fess.util.ActivityUtil;
import org.lastaflute.di.core.SingletonLaContainer;
/**
* A filter implementation to process a container based authentication.
*
* @author shinsuke
*
*/
public class AuthFilter implements Filter {
private static final String DEFAULT_LOGIN_PATH = "/login/";
private static final String HTTPS = "https:";
private static final String HTTP = "http:";
public List<Pattern> urlPatternList = new ArrayList<Pattern>();
protected String cipherName;
protected String loginPath;
protected boolean useSecureLogin;
protected String returnPathName;
@Override
public void init(final FilterConfig filterConfig) throws ServletException {
String value = filterConfig.getInitParameter("urlPatterns");
if (value != null) {
final String[] urlPatterns = value.split(",");
for (final String urlPattern : urlPatterns) {
urlPatternList.add(Pattern.compile(urlPattern.trim()));
}
}
cipherName = filterConfig.getInitParameter("cipherName");
if (StringUtil.isBlank(cipherName)) {
cipherName = "authCipher";
}
loginPath = filterConfig.getInitParameter("loginPath");
value = filterConfig.getInitParameter("useSecureLogin");
if (StringUtil.isNotBlank(value)) {
useSecureLogin = Boolean.parseBoolean(value);
} else {
useSecureLogin = false;
}
returnPathName = filterConfig.getInitParameter("returnPathName");
if (StringUtil.isBlank(returnPathName)) {
returnPathName = "returnPath";
}
}
@Override
public void destroy() {
urlPatternList = null;
cipherName = null;
}
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException,
ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse res = (HttpServletResponse) response;
final String uri = req.getRequestURI();
final CachedCipher cipher = getCachedCipher();
for (final Pattern pattern : urlPatternList) {
final Matcher matcher = pattern.matcher(uri);
if (matcher.matches()) {
final String requestURL = req.getRequestURL().toString();
if (useSecureLogin) {
if (requestURL.startsWith(HTTP)) {
// redirect
res.sendRedirect(requestURL.replaceFirst(HTTP, HTTPS));
return;
}
}
// require authentication
final UserInfo userInfo = getUserInfo(req);
if (userInfo != null) {
ActivityUtil.access(userInfo.getUsername(), req);
chain.doFilter(new AuthHttpServletRequest(req, userInfo), response);
} else {
final StringBuilder buf = new StringBuilder(256);
buf.append(System.currentTimeMillis());
buf.append('|');
buf.append(requestURL);
String encoding = request.getCharacterEncoding();
if (encoding == null) {
encoding = CoreLibConstants.UTF_8;
}
final StringBuilder urlBuf = new StringBuilder(1000);
if (StringUtil.isBlank(loginPath)) {
final String contextPath = req.getContextPath();
if (contextPath != null) {
urlBuf.append(contextPath);
}
urlBuf.append(DEFAULT_LOGIN_PATH);
} else {
urlBuf.append(res.encodeURL(loginPath));
}
urlBuf.append('?').append(returnPathName).append('=');
urlBuf.append(URLEncoder.encode(cipher.encryptoText(buf.toString()), encoding));
// redirect
res.sendRedirect(urlBuf.toString());
}
return;
}
}
chain.doFilter(request, response);
}
protected UserInfo getUserInfo(final HttpServletRequest req) {
final Object obj = req.getSession().getAttribute(Constants.USER_INFO);
if (obj instanceof UserInfo) {
return (UserInfo) obj;
}
return null;
}
protected CachedCipher getCachedCipher() {
return SingletonLaContainer.getComponent(cipherName);
}
protected static class AuthHttpServletRequest extends HttpServletRequestWrapper {
protected UserInfo userInfo;
protected AuthHttpServletRequest(final HttpServletRequest request, final UserInfo userInfo) {
super(request);
this.userInfo = userInfo;
}
@Override
public String getRemoteUser() {
return userInfo.getUsername();
}
@Override
public boolean isUserInRole(final String role) {
return userInfo.isUserInRole(role);
}
}
}

24
src/main/webapp/WEB-INF/web.xml
View file

@ -35,23 +35,6 @@
</init-param>
</filter>
<filter>
<filter-name>authenticationFilter</filter-name>
<filter-class>org.codelibs.fess.filter.AdminAuthFilter</filter-class>
<init-param>
<param-name>urlPatterns</param-name>
<param-value>/fess/admin.*</param-value>
</init-param>
<init-param>
<param-name>loginPath</param-name>
<param-value>/fess/login/</param-value>
</init-param>
<init-param>
<param-name>cipherName</param-name>
<param-value>authenticationCipher</param-value>
</init-param>
</filter>
<filter>
<filter-name>webApiFilter</filter-name>
<filter-class>org.codelibs.fess.filter.WebApiFilter</filter-class>
@ -153,13 +136,6 @@
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<!-- TODO
<filter-mapping>
<filter-name>authenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<filter-mapping>
<filter-name>webApiFilter</filter-name>
<url-pattern>/*</url-pattern>