LoginShiroFilter.java example

Explorer

gazpachoquest-master
- api
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        api
        AuthenticationResource.java
        QuestionnaireResource.java
    - test
      - java
        AppTest.java
- components
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        aspects
        ProfilingAdvise.java
        bootstrap
        EnviromentDiscovery.java
        util
        AcronymGenerator.java
        RandomTokenGenerator.java
        impl
        AcronymGeneratorImpl.java
        RandomTokenGeneratorImpl.java
        velocity
        loader
        LocalizedTemplateResourceLoader.java
        LocalizedTemplateResourceLoaderImpl.java
    - test
      - java
        net
        sf
        gazpachoquest
        util
        impl
        AcronymGeneratorImplTest.java
        RandomTokenGeneratorTest.java
        velocity
        loader
        LocalizedTemplateResourceLoaderTest.java
        VelocityEngineFactoryBeanTest.java
- dtos
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        dto
        AnonymousInvitationDTO.java
        AuditorDTO.java
        GroupDTO.java
        InvitationDTO.java
        LabelDTO.java
        LabelLanguageSettingsDTO.java
        LabelSetDTO.java
        MailMessageTemplateDTO.java
        PageMetadataDTO.java
        PersonalInvitationDTO.java
        QuestionDTO.java
        QuestionOptionDTO.java
        QuestionnaireDTO.java
        QuestionnaireDefinitionDTO.java
        QuestionnairePageDTO.java
        ResearchDTO.java
        SectionDTO.java
        SubquestionDTO.java
        UserDTO.java
        answers
        AbstractAnswer.java
        Answer.java
        BooleanAnswer.java
        LongTextAnswer.java
        MultipleAnswer.java
        NoAnswer.java
        NumericAnswer.java
        SimpleAnswer.java
        TextAnswer.java
        auth
        AbstractAccount.java
        Account.java
        RespondentAccount.java
        RoleAccount.java
        embeddables
        MailMessageTemplateLanguageSettingsDTO.java
        QuestionLanguageSettingsDTO.java
        QuestionOptionLanguageSettingsDTO.java
        QuestionnaireDefinitionLanguageSettingsDTO.java
        SectionLanguageSettingsDTO.java
        error
        ErrorEntity.java
        support
        AbstractAuditableDTO.java
        AbstractIdentifiableDTO.java
        AbstractQuestionDTO.java
        Identifiable.java
        IdentifiableLocalizable.java
        LanguageSettingsContainerBuilder.java
        LanguageSettingsDTO.java
        PageDTO.java
        TranslationDTO.java
        uml
        OverviewClassDiagram.java
        UMLOptions.java
- facades
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        facades
        GroupFacade.java
        InvitationFacade.java
        MailMessageFacade.java
        QuestionnaireDefinitionAccessorFacade.java
        QuestionnaireDefinitionEditorFacade.java
        ResearchFacade.java
        UserFacade.java
        impl
        GroupFacadeImpl.java
        InvitationFacadeImpl.java
        MailMessageFacadeImpl.java
        QuestionnaireDefinitionAccessorFacadeImpl.java
        QuestionnaireDefinitionEditorFacadeImpl.java
        ResearchFacadeImpl.java
        UserFacadeImpl.java
        support
        DateTimeCustomConverter.java
    - test
      - java
        net
        sf
        gazpachoquest
        facades
        InvitationFacadeTest.java
        MailMessageFacadeTest.java
        QuestionnaireDefinitionAccessorFacadeTest.java
        QuestionnaireDefinitionEditorFacadeTest.java
        ResearchFacadeTest.java
- jaas
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        jaas
        RespondentsLoginModule.java
        auth
        AbstractAccount.java
        Account.java
        RespondentAccount.java
        RoleAccount.java
- persistence
  - dao
    - src
      - main
        java
        net
        sf
        gazpachoquest
        repository
        BreadcrumbRepository.java
        InvitationRepository.java
        LabelRepository.java
        LabelSetRepository.java
        MailMessageRepository.java
        MailMessageTemplateRepository.java
        PersonalInvitationRepository.java
        QuestionOptionRepository.java
        QuestionRepository.java
        QuestionnaireDefinitionRepository.java
        QuestionnaireRepository.java
        ResearchRepository.java
        SectionRepository.java
        dynamic
        QuestionnaireAnswersActivator.java
        QuestionnaireAnswersRepository.java
        QuestionnaireAnswersRepositoryImpl.java
        i18
        LabelTranslationRepository.java
        MailMessageTemplateTranslationRepository.java
        QuestionOptionTranslationRepository.java
        QuestionTranslationRepository.java
        QuestionnaireDefinitionTranslationRepository.java
        SectionTranslationRepository.java
        permission
        DirectoryPermissionRepository.java
        QuestionnaireDefinitionPermissionRepository.java
        QuestionnairePermissionRepository.java
        ResearchPermissionRepository.java
        UserPermissionRepository.java
        support
        DefaultPersistenceProvider.java
        DefaultRepositoryFactory.java
        DefaultRepositoryFactoryBean.java
        GenericRepository.java
        GenericRepositoryImpl.java
        user
        DirectoryRepository.java
        GroupRepository.java
        RoleRepository.java
        UserRepository.java
      - test
        java
        net
        sf
        gazpachoquest
        repository
        BreadcrumbRepositoryTest.java
        InvitationRepositoryTest.java
        LabelSetRepositoryTest.java
        MailMessageTemplateRepositoryTest.java
        QuestionRepositoryTest.java
        QuestionnaireDefinitionRepositoryTest.java
        QuestionnaireRepositoryTest.java
        ResearchRepositoryTest.java
        SectionRepositoryTest.java
        UserRepositoryTest.java
        dynamic
        QuestionnaireAnswersRepositoryTest.java
        i18
        QuestionnaireDefinitionTranslationRepositoryTest.java
  - dao-blueprint
    - src
      - main
        java
        net
        sf
        gazpachoquest
        repository
        InvitationRepository.java
        LabelSetRepository.java
        impl
        InvitationRepositoryImpl.java
        LabelSetRepositoryImpl.java
        support
        AbstractJPARepository.java
        JPARepository.java
  - domain
    - src
      - main
        java
        net
        sf
        gazpachoquest
        domain
        audit
        ShiroAuditorAware.java
        SimpleAuditorAware.java
        core
        AnonymousInvitation.java
        Breadcrumb.java
        Document.java
        Label.java
        LabelSet.java
        MailMessage.java
        MailMessageTemplate.java
        PersonalInvitation.java
        Question.java
        QuestionBreadcrumb.java
        QuestionOption.java
        Questionnaire.java
        QuestionnaireAnswers.java
        QuestionnaireDefinition.java
        Research.java
        Section.java
        SectionBreadcrumb.java
        embeddables
        LabelLanguageSettings.java
        MailMessageTemplateLanguageSettings.java
        QuestionLanguageSettings.java
        QuestionOptionLanguageSettings.java
        QuestionnaireDefinitionLanguageSettings.java
        SectionLanguageSettings.java
        package-info.java
        i18
        LabelTranslation.java
        MailMessageTemplateTranslation.java
        QuestionOptionTranslation.java
        QuestionTranslation.java
        QuestionnaireDefinitionTranslation.java
        SectionTranslation.java
        permission
        DirectoryPermission.java
        QuestionnaireDefinitionPermission.java
        QuestionnairePermission.java
        ResearchPermission.java
        UserPermission.java
        support
        AbstractAuditable.java
        AbstractLocalizable.java
        AbstractPermission.java
        AbstractPersistable.java
        AbstractSecurizable.java
        AbstractSecurizableLocalizable.java
        Auditable.java
        Invitation.java
        LanguageSettings.java
        Localizable.java
        Permission.java
        Persistable.java
        Securizable.java
        Translation.java
        TranslationBuilder.java
        XMLCustomizer.java
        uml
        ComponentsDiagram.java
        GatewayLayerDiagram.java
        OverviewDomainClassDiagram.java
        RBACSimplifiedClassDiagram.java
        user
        Directory.java
        Group.java
        Role.java
        User.java
        metamodel
        net
        sf
        gazpachoquest
        domain
        core
        AnonymousInvitation_.java
        Breadcrumb_.java
        LabelSet_.java
        Label_.java
        MailMessageTemplate_.java
        MailMessage_.java
        PersonalInvitation_.java
        QuestionBreadcrumb_.java
        QuestionOption_.java
        Question_.java
        QuestionnaireDefinition_.java
        Questionnaire_.java
        Research_.java
        SectionBreadcrumb_.java
        Section_.java
        embeddables
        LabelLanguageSettings_.java
        MailMessageTemplateLanguageSettings_.java
        QuestionLanguageSettings_.java
        QuestionOptionLanguageSettings_.java
        QuestionnaireDefinitionLanguageSettings_.java
        SectionLanguageSettings_.java
        i18
        LabelTranslation_.java
        MailMessageTemplateTranslation_.java
        QuestionOptionTranslation_.java
        QuestionTranslation_.java
        QuestionnaireDefinitionTranslation_.java
        SectionTranslation_.java
        permission
        AbstractPermission_.java
        DirectoryPermission_.java
        QuestionnaireDefinitionPermission_.java
        QuestionnairePermission_.java
        ResearchPermission_.java
        UserPermission_.java
        support
        AbstractAuditable_.java
        AbstractLocalizable_.java
        AbstractPersistable_.java
        AbstractSecurizableLocalizable_.java
        AbstractSecurizable_.java
        Invitation_.java
        user
        Directory_.java
        Group_.java
        Role_.java
        User_.java
  - jpa
    - src
      - main
        java
        net
        sf
        gazpachoquest
        jpa
        converter
        EntityStatusConverter.java
        EntityTypeConverter.java
        GenderTypeConverter.java
        InvitationStatusConverter.java
        LocalDateTimeConverter.java
        MapToStringConverter.java
        RandomizationStrategyTypeConverter.java
        RenderingModeConverter.java
        ResearchAccessTypeConverter.java
        support
        HstoreSupport.java
        PGHStore.java
        eclipselink
        CamelNamingStrategy.java
        Slf4jSessionLogger.java
      - test
        java
        net
        sf
        gazpachoquest
        jpa
        eclipselink
        AppTest.java
        HStoreHelloWorld.java
  - qbe
    - src
      - main
        java
        net
        sf
        gazpachoquest
        qbe
        EntitySelector.java
        JpaUtil.java
        NamedQueryUtil.java
        OrderBy.java
        OrderByDirection.java
        PropertySelector.java
        Range.java
        Ranges.java
        SearchMode.java
        SearchParameters.java
      - test
        java
        org
        itim
        smsgateway
        qbe
        AppTest.java
  - qbe-specification
    - src
      - main
        java
        net
        sf
        gazpachoquest
        qbe
        ByExampleSpecification.java
        PropertySelectorSpecification.java
        RangeSpecification.java
      - test
        java
        org
        itim
        smsgateway
        qbe
        AppTest.java
- questionnaires-backend
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        facades
        QuestionnaireFacade.java
        impl
        QuestionnaireFacadeImpl.java
        questionnaire
        resolver
        AbstractResolver.java
        AllInOneResolver.java
        PageResolver.java
        QuestionByQuestionRelevanceAwareResolver.java
        QuestionByQuestionResolver.java
        ResolverSelector.java
        ResolverSelectorImpl.java
        SectionBySectionRelevanceAwareResolver.java
        SectionBySectionResolver.java
        support
        AnswersPopulator.java
        AnswersPopulatorImpl.java
        PageMetadataCreator.java
        PageMetadataCreatorImpl.java
        PageMetadataStructure.java
        PageStructure.java
    - test
      - java
        net
        sf
        gazpachoquest
        facades
        QuestionnaireFacadeTest.java
        questionnaire
        resolver
        AllInOneResolverTest.java
        QuestionByQuestionRelevanceAwareResolverTest.java
        QuestionByQuestionResolverTest.java
        SectionBySectionRelevanceAwareResolverTest.java
        SectionBySectionResolverTest.java
        support
        AnswersPopulatorTest.java
        PageMetadataCreatorTest.java
- questionnaires-ui
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        questionnaires
        GazpachoErrorViewProvider.java
        GazpachoViewDisplay.java
        QuestionnairesUI.java
        bootstrap
        ApplicationInitialisationListener.java
        ConfigurationFactory.java
        ConfigurationKey.java
        InjectedConfiguration.java
        StartUpEvent.java
        components
        question
        AbstractQuestionComponent.java
        QuestionComponent.java
        QuestionFactory.java
        type
        CheckboxListQuestion.java
        ListRadioQuestion.java
        NumericQuestion.java
        ShortFreeTextQuestion.java
        util
        CustomIntegerRangeValidator.java
        events
        AnswerSavedEvent.java
        i18
        MessageBundle.java
        MessageResource.java
        impl
        MessageBundleImpl.java
        MessageResourceProducer.java
        listener
        AnswerSavedListener.java
        log
        SLF4JBridgeActivator.java
        resource
        GazpachoResource.java
        ResourceProducer.java
        views
        ErrorView.java
        MyPresenter.java
        MyView.java
        MyViewImpl.java
        QuestionnaireView.java
        login
        LoginEvent.java
        LoginView.java
        OldLoginView.java
    - test
      - java
        com
        vaadin
        cdi
        ArchiveProvider.java
        net
        sf
        gazpachoquest
        questionnaires
        QuestionnairesUITest.java
        i18
        MessageResourceTest.java
        resource
        QuestionnairResourceInServletTest.java
        QuestionnairResourceTest.java
        QuestionnairResourceTestServlet.java
- rest
  - rest-cxf-contrib
    - src
      - main
        java
        net
        sf
        gazpachoquest
        cxf
        interceptor
        HmacAuthInterceptor.java
      - test
        java
        net
        sf
        gazpachoquest
        cxf
        interceptor
        ClientInterceptorTest.java
  - rest-security
    - src
      - main
        java
        net
        sf
        gazpachoquest
        security
        AccountType.java
        AuthenticationManager.java
        AuthenticationManagerFactory.java
        impl
        AuthenticationManagerFactoryImpl.java
        RespondentAuthenticationManagerImpl.java
        shiro
        AuthenticationInfoImpl.java
        HmacAuthToken.java
        JPARealm.java
        SecurityManagerExposer.java
        support
        HMACSignature.java
      - test
        java
        net
        sf
        gazpachoquest
        security
        AuthenticationManagerFactoryImplTest.java
        RespondentAuthenticationManagerTest.java
        shiro
        JPARealmTest.java
        support
        HMACSignatureTest.java
  - rest-web
    - src
      - main
        java
        net
        sf
        gazpachoquest
        rest
        ApplicationConfig.java
        exception
        AccountNotFoundExceptionHandler.java
        DefaultExceptionHandler.java
        ShiroExceptionHandler.java
        WebApplicationExceptionHandler.java
        filter
        InternalSwaggerFilter.java
        LoginShiroFilter.java
        LogoutShiroFilter.java
        resources
        AuthenticationResource.java
        InvitationResource.java
        QuestionnaireDefinitionResource.java
        QuestionnaireResource.java
        ResearchResource.java
        UserResource.java
        support
        JacksonContextResolver.java
      - test
        java
        net
        sf
        gazpachoquest
        rest
        filter
        LoginShiroFilterTest.java
        resource
        AuthenticationResourceTest.java
  - rest-web-jersey
    - TokenStore.java
    - TokenStoreTest.java
    - src
      - main
        java
        net
        sf
        gazpachoquest
        rest
        ApplicationConfig.java
        EnviromentDiscovery.java
        auth
        ApiKeyAuthFeature.java
        AuthorizationRequestContext.java
        AuthorizationRequestFilter.java
        AuthorizationService.java
        AuthorizationServiceImpl.java
        BasicAuthHelper.java
        SecurityContextImpl.java
        feature
        Jackson2Feature.java
        resources
        AccountResource.java
        runtime
        QuestionnairResource.java
      - test
        java
        net
        sf
        gazpachoquest
        rest
        resources
        runtime
        QuestionnairResourceTest.java
- services
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        services
        BreadcrumbService.java
        DirectoryService.java
        GroupService.java
        InvitationService.java
        LabelService.java
        LabelSetService.java
        LocalizedPersistenceService.java
        MailMessageTemplateService.java
        PersistenceService.java
        PersonalInvitationService.java
        QuestionOptionService.java
        QuestionService.java
        QuestionnaireAnswersService.java
        QuestionnaireDefinitionService.java
        QuestionnaireService.java
        ResearchService.java
        ResearchUserRightsAwareService.java
        RoleService.java
        SectionService.java
        UserService.java
        core
        impl
        AbstractLocalizedPersistenceService.java
        AbstractPermissionsAwarePersistenceService.java
        AbstractPersistenceService.java
        BreadcrumbServiceImpl.java
        InvitationServiceImpl.java
        LabelServiceImpl.java
        LabelSetServiceImpl.java
        MailMessageTemplateServiceImpl.java
        PersonalInvitationServiceImpl.java
        QuestionOptionServiceImpl.java
        QuestionServiceImpl.java
        QuestionnaireAnswersServiceImpl.java
        QuestionnaireDefinitionPermissionsAwareServiceImpl.java
        QuestionnaireDefinitionServiceImpl.java
        QuestionnaireServiceImpl.java
        ResearchPermissionsAwareServiceImpl.java
        ResearchServiceImpl.java
        SectionServiceImpl.java
        permission
        QuestionnaireDefinitionPermissionService.java
        QuestionnairePermissionService.java
        ResearchPermissionService.java
        UserPermissionService.java
        impl
        PermissionSpecification.java
        QuestionnaireDefinitionPermissionServiceImpl.java
        QuestionnairePermissionServiceImpl.java
        ResearchPermissionServiceImpl.java
        UserPermissionServiceImpl.java
        user
        impl
        DirectoryServiceImpl.java
        GroupServiceImpl.java
        RoleServiceImpl.java
        UserServiceImpl.java
    - test
      - java
        net
        sf
        gazpachoquest
        services
        BreadcrumbServiceTest.java
        GroupServiceTest.java
        InvitationServiceTest.java
        LabelSetServiceTest.java
        MailMessageTemplateServiceTest.java
        QuestionServiceTest.java
        QuestionnaireAnswersServiceTest.java
        QuestionnaireDefinitionServiceTest.java
        QuestionnaireServiceTest.java
        ResearchPermissionsAwareServiceTest.java
        ResearchServiceTest.java
        SectionServiceTest.java
- services-ds
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        services
        InvitationService.java
        PersistenceService.java
        impl
        InvitationServiceImpl.java
        support
        AbstractPersistenceService.java
        MyActivator.java
- testsuite
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        test
        dbunit
        support
        ColumnDetectorXmlDataSetLoader.java
        jaxrs
        support
        JAXRSServerExecutionListener.java
        shiro
        support
        AbstractShiroTest.java
- tools
  - codelab
    - src
      - main
        java
        net
        sf
        gazpachoquest
        codelab
        AccessRight2Lab.java
        AccessRightLab.java
        CodeLabRunner.java
        HStoreLab.java
        JUELLab.java
        SpELLab.java
        massive
        MassiveUserLoadLab.java
        randomuser
        RandomUserCreator.java
        support
        LocationEntry.java
        NameEntry.java
        RandomResponse.java
        RandomUser.java
        Result.java
  - dbextractor
    - src
      - main
        java
        net
        sf
        gazpachoquest
        extractor
        dbunit
        DBUnitDataExtractor.java
        DBUnitDataExtractorRunner.java
  - dbpopulator
    - src
      - main
        java
        net
        sf
        gazpachoquest
        dbpopulator
        DBPopulator.java
        DBPopulatorRunner.java
        DBRefPopulatorRunner.java
        samples
        DemoSurveyCreator.java
        FastFoodSurveyCreator.java
        JavaPerformanceSurveyCreator.java
        SampleQuizCreator.java
        support
        ShiroLogin.java
  - ddlgenerator
    - src
      - main
        java
        net
        sf
        gazpachoquest
        ddlgenerator
        DDLGenerator.java
        DDLGeneratorRunner.java
  - exporter
    - src
      - main
        java
        net
        sf
        gazpachoquest
        exporter
        Exporter.java
        ExporterRunner.java
  - importer
    - src
      - main
        java
        net
        sf
        gazpachoquest
        importer
        Importer.java
        ImporterRunner.java
- types
  - src
    - main
      - java
        net
        sf
        gazpachoquest
        types
        EntityStatus.java
        EntityType.java
        Gender.java
        InvitationMessageStatus.java
        InvitationStatus.java
        InvitationType.java
        Language.java
        MailMessageTemplateType.java
        NavigationAction.java
        Perm.java
        QuestionType.java
        RandomizationStrategy.java
        RenderingMode.java
        ResearchAccessType.java
        RoleScope.java
        Topology.java
    - test
      - java
        net
        sf
        gazpachoquest
        types
        PermsTest.java

package net.sf.gazpachoquest.rest.filter;

import java.io.IOException;

import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.UriInfo;

import net.sf.gazpachoquest.security.shiro.HmacAuthToken;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class LoginShiroFilter implements ContainerRequestFilter {

    private static final Logger logger = LoggerFactory.getLogger(LoginShiroFilter.class);

    @Context
    private HttpHeaders headers;

    private UriInfo uriInfo;

    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        
        String method = requestContext.getMethod();
        String path = uriInfo.getPath();
        String query = uriInfo.getRequestUri().getQuery();
        logger.debug("New access to resource {}", path);
        if (path.startsWith("auth") || path.contains("api-docs")) {
            // Ignore the AuthenticationResource
            return;
        }

        Subject subject = SecurityUtils.getSubject();
       
        String dateUTC = requestContext.getHeaderString(HttpHeaders.DATE);
        String authorizationHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

        if (authorizationHeader == null) {
            throw new AccountException("Hmac-SHA1 Authorization token is required");
        }
        String[] values = authorizationHeader.split(" ");
        String apiKeyAndSignature[] = StringUtils.split(values[1], ":");

        StringBuilder signedContent = new StringBuilder().append(method).append(" /").append(path);
        if (query != null) {
            signedContent.append("?").append(query);
        }

        if (dateUTC != null) {
            signedContent.append("\n").append(dateUTC);
        }
        /*-
        if ("POST".equals(method)) {
            DelegatingInputStream input = message.getContent(DelegatingInputStream.class);
            if (input != null) {
                input.cacheInput();
                try {
                    signedContent.append("\n").append(IOUtils.toString(input));
                } catch (IOException e) {
                    throw new IllegalStateException("Errors when reading POST content", e);
                }
            }
        }*/
        String apiKey = apiKeyAndSignature[0];
        String signature = apiKeyAndSignature[1];
        AuthenticationToken token = new HmacAuthToken.Builder().apiKey(apiKey).message(signedContent.toString())
                .signature(signature).dateUTC(dateUTC).build();
        subject.login(token); //
    }

    public void setHeaders(HttpHeaders headers) {
        this.headers = headers;
    }

    @Context
    public void setUriInfo(UriInfo uriInfo) {
        this.uriInfo = uriInfo;
    }
}