/*
* Copyright (c) 2012 Data Harmonisation Panel
*
* All rights reserved. This program and the accompanying materials are made
* available under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation, either version 3 of the License,
* or (at your option) any later version.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this distribution. If not, see <http://www.gnu.org/licenses/>.
*
* Contributors:
* Data Harmonisation Panel <http://www.dhpanel.eu>
*/
package eu.esdihumboldt.hale.server.security.util;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.slf4j.MDC;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
/**
* Filter that puts information on remote address and user name into the slf4j
* MDC.
*
* @author Simon Templer
*/
public class RequestLoggingFilter implements Filter {
/**
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// do nothing
}
/**
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// user
String user = null;
SecurityContext securityContext = SecurityContextHolder.getContext();
if (securityContext != null) {
Authentication authentication = securityContext.getAuthentication();
if (authentication != null && authentication.isAuthenticated()) {
user = authentication.getName();
}
}
if (user != null) {
MDC.put("user", user);
}
// remote address
String remote = request.getRemoteAddr();
if (remote != null) {
MDC.put("remote", remote);
}
chain.doFilter(request, response);
}
/**
* @see javax.servlet.Filter#destroy()
*/
@Override
public void destroy() {
// do nothing
}
}