SecurityContextExporterFilter.java

/*
 * JOSSO: Java Open Single Sign-On
 *
 * Copyright 2004-2009, Atricore, Inc.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 *
 */

package org.josso.agent.http;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.*;

/**
 * JOSSO Servlet Filter for exposing the security context as propagated by the agent.
 *
 * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
 */
public class SecurityContextExporterFilter implements Filter {

    public static final String SECURITY_CONTEXT_BINDING = "org.josso.agent.http.securitycontext.binding";
    public static final String SECURITY_CONTEXT_CONTENT = "org.josso.agent.http.securitycontext.content";

    public static final String HTTP_HEADERS_BINDING = "HTTP_HEADERS_BINDING";

    public static final String HTTP_REQ_ATTRS_BINDING = "HTTP_REQ_ATTRS_BINDING";

    public void init(FilterConfig filterConfig) throws ServletException {

    }

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        MutableHttpServletRequestImpl hreq =
                new MutableHttpServletRequestImpl((HttpServletRequest) request);

        String binding = (String) hreq.getAttribute(SECURITY_CONTEXT_BINDING);
        HashMap content = (HashMap) hreq.getAttribute(SECURITY_CONTEXT_CONTENT);

        if (content != null) {
            if (binding.equals(HTTP_HEADERS_BINDING)) {
                Set headerKeys = content.keySet();
                for (Iterator iterator = headerKeys.iterator(); iterator.hasNext();) {
                    String name = (String) iterator.next();

                    List values = (List) content.get(name);

                    for (Iterator iterator1 = values.iterator(); iterator1.hasNext();) {
                        Object value = (String) iterator1.next();
                        hreq.addHeader(name, (String) value);

                    }
                }

            } else if (binding.equals(HTTP_REQ_ATTRS_BINDING)) {

                Set attrKeys = content.keySet();
                for (Iterator iterator = attrKeys.iterator(); iterator.hasNext();) {
                    String attrKey = (String) iterator.next();
                    String attrValue = (String) content.get(attrKey);

                    hreq.setAttribute(attrKey, attrValue);

                }

            }
        }

        filterChain.doFilter(hreq, response);
    }

    public void destroy() {
        //To change body of implemented methods use File | Settings | File Templates.
    }


}