| %line | %branch | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| org.apache.jetspeed.security.impl.ntlm.NtlmHttpServletRequestFilter |
|
|
| 1 | /* |
|
| 2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
| 3 | * contributor license agreements. See the NOTICE file distributed with |
|
| 4 | * this work for additional information regarding copyright ownership. |
|
| 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
| 6 | * (the "License"); you may not use this file except in compliance with |
|
| 7 | * the License. You may obtain a copy of the License at |
|
| 8 | * |
|
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
| 10 | * |
|
| 11 | * Unless required by applicable law or agreed to in writing, software |
|
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
| 14 | * See the License for the specific language governing permissions and |
|
| 15 | * limitations under the License. |
|
| 16 | */ |
|
| 17 | package org.apache.jetspeed.security.impl.ntlm; |
|
| 18 | ||
| 19 | import java.io.IOException; |
|
| 20 | ||
| 21 | import javax.servlet.Filter; |
|
| 22 | import javax.servlet.FilterChain; |
|
| 23 | import javax.servlet.FilterConfig; |
|
| 24 | import javax.servlet.ServletException; |
|
| 25 | import javax.servlet.ServletRequest; |
|
| 26 | import javax.servlet.ServletResponse; |
|
| 27 | import javax.servlet.http.HttpServletRequest; |
|
| 28 | import javax.servlet.http.HttpServletResponse; |
|
| 29 | /** |
|
| 30 | * <code>NtlmHttpServletRequestFilter</code> can be used in combination with an Ntml authentication filter (jCIFS). |
|
| 31 | * The <code>NtlmHttpServletRequestFilter</code> <b>must</b> be configured after the jCIFS filter in web.xml. The |
|
| 32 | * NtlmHttpServletRequestFilter wraps the jCIFS HttpServletRequest with a <code>NtlmHttpServletRequestWrapper</code>. |
|
| 33 | * This is done to control which principal / remoteUser is returned by the request. |
|
| 34 | * If a fallback authentication method is used (e.g. container-based form authentication) then you must |
|
| 35 | * use the filter param <code>org.apache.jetspeed.security.ntlm.ignoreUrls</code> in web.xml to specify the urls for |
|
| 36 | * which the Ntlm principal / remoteUser should be ignored. |
|
| 37 | * |
|
| 38 | * @see NtlmHttpServletRequestWrapper |
|
| 39 | * @author <a href="mailto:d.dam@hippo.nl">Dennis Dam</a> |
|
| 40 | * @version $Id$ |
|
| 41 | */ |
|
| 42 | 0 | public class NtlmHttpServletRequestFilter implements Filter { |
| 43 | ||
| 44 | private String ignoreNtlmUrls; |
|
| 45 | ||
| 46 | public void destroy() { |
|
| 47 | 0 | } |
| 48 | ||
| 49 | public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, |
|
| 50 | ServletException { |
|
| 51 | 0 | HttpServletRequest req = (HttpServletRequest)request; |
| 52 | 0 | HttpServletResponse resp = (HttpServletResponse)response; |
| 53 | 0 | chain.doFilter( new NtlmHttpServletRequestWrapper( req, ignoreNtlmUrls ), resp ); |
| 54 | 0 | } |
| 55 | ||
| 56 | public void init(FilterConfig config) throws ServletException { |
|
| 57 | 0 | ignoreNtlmUrls = config.getInitParameter("org.apache.jetspeed.security.ntlm.ignoreUrls"); |
| 58 | 0 | } |
| 59 | ||
| 60 | } |
| This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |