/** * This file is part of Graylog. * * Graylog is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * Graylog is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Graylog. If not, see <http://www.gnu.org/licenses/>. */ package org.graylog2.shared.security; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import javax.annotation.Priority; import javax.ws.rs.ForbiddenException; import javax.ws.rs.Priorities; import javax.ws.rs.container.ContainerRequestContext; import javax.ws.rs.container.ContainerRequestFilter; import java.io.IOException; @Priority(Priorities.AUTHORIZATION) public class RestrictToMasterFilter implements ContainerRequestFilter { private static final Logger LOG = LoggerFactory.getLogger(RestrictToMasterFilter.class); @Override public void filter(ContainerRequestContext requestContext) throws IOException { LOG.warn("Rejected request that is only allowed against master nodes. Returning HTTP 403."); throw new ForbiddenException("Request is only allowed against master nodes."); } }