NtlmHttpServletRequestFilter xref

View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security.impl.ntlm;
18  
19  import java.io.IOException;
20  
21  import javax.servlet.Filter;
22  import javax.servlet.FilterChain;
23  import javax.servlet.FilterConfig;
24  import javax.servlet.ServletException;
25  import javax.servlet.ServletRequest;
26  import javax.servlet.ServletResponse;
27  import javax.servlet.http.HttpServletRequest;
28  import javax.servlet.http.HttpServletResponse;
29  /***
30   * <code>NtlmHttpServletRequestFilter</code> can be used in combination with an Ntml authentication filter (jCIFS).
31   * The <code>NtlmHttpServletRequestFilter</code> <b>must</b> be configured after the jCIFS filter in web.xml. The 
32   * NtlmHttpServletRequestFilter wraps the jCIFS HttpServletRequest  with a <code>NtlmHttpServletRequestWrapper</code>.
33   * This is done to control which principal / remoteUser is returned by the request.
34   * If a fallback authentication method is used (e.g. container-based form authentication) then you must 
35   * use the filter param <code>org.apache.jetspeed.security.ntlm.ignoreUrls</code> in web.xml to specify the urls for
36   * which the Ntlm principal / remoteUser should be ignored. 
37   * 
38   * @see NtlmHttpServletRequestWrapper
39   * @author <a href="mailto:d.dam@hippo.nl">Dennis Dam</a>
40   * @version $Id$
41   */
42  public class NtlmHttpServletRequestFilter implements Filter {
43      
44      private String ignoreNtlmUrls;    
45      
46      public void destroy() {
47      }
48  
49      public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
50              ServletException {
51          HttpServletRequest req = (HttpServletRequest)request;
52          HttpServletResponse resp = (HttpServletResponse)response;
53          chain.doFilter( new NtlmHttpServletRequestWrapper( req, ignoreNtlmUrls ), resp );
54      }
55  
56      public void init(FilterConfig config) throws ServletException {
57         ignoreNtlmUrls = config.getInitParameter("org.apache.jetspeed.security.ntlm.ignoreUrls");
58      }
59  
60  }