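/*
 * Copyright (c) 2009 Lockheed Martin Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.eurekastreams.server.service.security.preauth;

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.ui.preauth.PreAuthenticatedCredentialsNotFoundException;

/**
 * A simple pre-authenticated filter which obtains the username from a request attribute, for use with
 * systems that are able to place attributes on the request before it reaches this filter.
 * <p>
 * The property {@code principalRequestAttribute} is the name of the request <em>attribute</em> that
 * contains the username. It defaults to "REMOTE_USER".
 * <p>
 * Security note: this class performs no verification of its own. Whatever string is found in the
 * attribute is handed to the pre-authentication superclass as the principal, so the filter is only as
 * trustworthy as the component that sets that attribute. Request attributes are set on the server side
 * (by the container or an earlier filter) rather than parsed from the client's request. The optional
 * credentials value, however, is read from a request <em>header</em>, which a client can supply directly
 * unless a trusted front end strips or overwrites it; do not base an access decision on that header
 * unless the deployment guarantees its origin.
 */
public class RequestAttributePreAuthenticatedProcessingFilter extends AbstractPreAuthenticatedProcessingFilter
{
    /**
     * Filter order chain value for filter execution.
     */
    private static final int FILTER_CHAIN_ORDER = FilterChainOrder.PRE_AUTH_FILTER;

    /**
     * The name of the request attribute that holds the username. Defaults to "REMOTE_USER" and can be
     * overridden in the context configuration file.
     */
    private String principalRequestAttribute = "REMOTE_USER";

    /**
     * The name of the request header that holds the credentials. {@code null} (the default) means no
     * credentials header is configured and none is read.
     */
    private String credentialsRequestHeader;

    /**
     * Reads and returns the request attribute named by {@code principalRequestAttribute}.
     *
     * @param request
     *            The Servlet request object.
     * @return the principal, always a {@link String}.
     * @throws PreAuthenticatedCredentialsNotFoundException
     *             if the attribute is absent or is not a {@link String}.
     */
    protected Object getPreAuthenticatedPrincipal(final HttpServletRequest request)
    {
        Object attributeValue = request.getAttribute(principalRequestAttribute);
        if (attributeValue == null)
        {
            throw new PreAuthenticatedCredentialsNotFoundException(principalRequestAttribute
                    + " attribute not found in request.");
        }
        // Request attributes are untyped. A blind cast would surface a ClassCastException for a
        // non-String value; report it through the same authentication exception as a missing
        // attribute instead. The offending value is deliberately left out of the message.
        if (!(attributeValue instanceof String))
        {
            throw new PreAuthenticatedCredentialsNotFoundException(principalRequestAttribute
                    + " attribute in request is not a String.");
        }
        return attributeValue;
    }

    /**
     * Returns the credentials for the request.
     * <p>
     * When a credentials header name has been configured, the value of that request header is returned.
     * When none is configured, the placeholder "N/A" is returned. The header value comes from the
     * request as received, so it is client-controllable unless a trusted front end sets it.
     *
     * @param request
     *            The Servlet request object.
     * @return the credentials header value, or "N/A" when no credentials header is configured.
     * @throws PreAuthenticatedCredentialsNotFoundException
     *             if a credentials header is configured but is missing from the request.
     */
    protected Object getPreAuthenticatedCredentials(final HttpServletRequest request)
    {
        if (credentialsRequestHeader == null)
        {
            return "N/A";
        }

        String credentials = request.getHeader(credentialsRequestHeader);
        if (credentials == null)
        {
            throw new PreAuthenticatedCredentialsNotFoundException(credentialsRequestHeader
                    + " header value not found in request.");
        }
        return credentials;
    }

    /**
     * A setter for the principal request attribute name.
     *
     * @param prinRequestAttribute
     *            the name of the request attribute that carries the username.
     */
    public void setPrincipalRequestAttribute(final String prinRequestAttribute)
    {
        this.principalRequestAttribute = prinRequestAttribute;
    }

    /**
     * A setter for the credentials request header name.
     *
     * @param credRequestHeader
     *            the name of the request header that carries the credentials, or {@code null} to read
     *            no credentials header.
     */
    public void setCredentialsRequestHeader(final String credRequestHeader)
    {
        this.credentialsRequestHeader = credRequestHeader;
    }

    /**
     * A getter for the order this filter should execute in the chain.
     *
     * @return int The order in the filter chain to execute.
     */
    public int getOrder()
    {
        return FILTER_CHAIN_ORDER;
    }
}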