/**
 * JAX-RS dynamic feature that attaches an {@link AuthenticationFilter} to
 * resources marked with {@link Authenticated}.
 *
 * <p>Protection is opt-in: the filter is registered only when the resource
 * method or the resource class carries the annotation. A resource without the
 * annotation is bound without this filter, so a forgotten annotation leaves
 * that endpoint outside the authentication check performed here.
 */
@Provider
public class AuthenticationDynamicFeature implements DynamicFeature {

    /**
     * Registers a fresh {@link AuthenticationFilter} for the resource being
     * configured when it is annotated with {@link Authenticated}.
     *
     * @param resourceInfo  the resource method and class being bound
     * @param configuration the context the filter is registered on
     */
    @Override
    public void configure(ResourceInfo resourceInfo, FeatureContext configuration) {
        final boolean methodAnnotated =
                resourceInfo.getResourceMethod().isAnnotationPresent(Authenticated.class);

        // Short-circuit: the class is inspected only when the method itself is
        // not annotated, and at most one filter instance is registered.
        if (methodAnnotated
                || resourceInfo.getResourceClass().isAnnotationPresent(Authenticated.class)) {
            configuration.register(new AuthenticationFilter());
        }
    }
}
/**
 * Creates an {@link AuthenticationFilter} configured from this object's
 * {@code casServerLoginUrl} and {@code serverUrl} values, with service-URL
 * encoding switched on.
 *
 * @return the configured filter
 */
public AuthenticationFilter casAuthenticationFilter() {
    final AuthenticationFilter casFilter = new AuthenticationFilter();
    casFilter.setCasServerLoginUrl(casServerLoginUrl);
    // NOTE(review): presumably the server name is used to build the service URL
    // sent to the CAS server; confirm serverUrl is a fixed, configured value.
    casFilter.setServerName(serverUrl);
    casFilter.setEncodeServiceUrl(true);
    return casFilter;
}
protected void initInternal(final FilterConfig filterConfig) throws ServletException { if (!isIgnoreInitConfiguration()) { super.initInternal(filterConfig); String loginUrl = getString(ConfigurationKeys.CAS_SERVER_LOGIN_URL); if (loginUrl != null) { setCasServerLoginUrl(loginUrl); } else { setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX)); setRenew(getBoolean(ConfigurationKeys.RENEW)); setGateway(getBoolean(ConfigurationKeys.GATEWAY)); final String ignorePattern = getString(ConfigurationKeys.IGNORE_PATTERN); final String ignoreUrlPatternType = getString(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE); final Class<? extends GatewayResolver> gatewayStorageClass = getClass(ConfigurationKeys.GATEWAY_STORAGE_CLASS); setGatewayStorage(ReflectUtils.newInstance(gatewayStorageClass)); final Class<? extends AuthenticationRedirectStrategy> authenticationRedirectStrategyClass = getClass(ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS);
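/**
 * Loads this filter's settings through {@code getPropertyFromInitParams},
 * unless init configuration is being ignored.
 *
 * <p>Reads {@code casServerLoginUrl}, {@code renew} (default {@code "false"}),
 * {@code gateway} (default {@code "false"}) and, when present,
 * {@code gatewayStorageClass}, which names the {@link GatewayResolver}
 * implementation to instantiate.
 *
 * @param filterConfig the configuration the parameters are read from
 * @throws ServletException if the gateway storage class cannot be loaded, is
 *         not a {@link GatewayResolver}, or cannot be instantiated
 */
protected void initInternal(final FilterConfig filterConfig) throws ServletException {
    if (isIgnoreInitConfiguration()) {
        return;
    }

    super.initInternal(filterConfig);

    setCasServerLoginUrl(getPropertyFromInitParams(filterConfig, "casServerLoginUrl", null));
    log.trace("Loaded CasServerLoginUrl parameter: " + this.casServerLoginUrl);

    setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false")));
    log.trace("Loaded renew parameter: " + this.renew);

    setGateway(parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false")));
    log.trace("Loaded gateway parameter: " + this.gateway);

    final String gatewayStorageClass = getPropertyFromInitParams(filterConfig, "gatewayStorageClass", null);
    if (gatewayStorageClass != null) {
        try {
            // The class name comes from configuration. Verify it is a
            // GatewayResolver BEFORE instantiating it, so a wrong or unexpected
            // class name is rejected without its constructor ever running.
            // Failures still surface as ServletException via the catch below.
            this.gatewayStorage = Class.forName(gatewayStorageClass)
                    .asSubclass(GatewayResolver.class)
                    .getDeclaredConstructor()
                    .newInstance();
        } catch (final Exception e) {
            log.error(e, e);
            throw new ServletException(e);
        }
    }
}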
/**
 * With {@code ignoreUrlPatternType} set to {@code EXACT} and the ignore
 * pattern equal to the full request URL, the filter must not redirect.
 *
 * <p>A request matching the ignore pattern skips the redirect to the login
 * URL, so this pins which requests are exempted from the authentication check.
 */
@Test
public void testIgnorePatternsWithExactMatching() throws Exception {
    final URL ignoredUrl = new URL(CAS_SERVICE_URL + "?param=valueToIgnore");

    // Context parameters: the ignore pattern is the external form of the URL itself.
    final MockServletContext servletContext = new MockServletContext();
    servletContext.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    servletContext.addInitParameter("ignorePattern", ignoredUrl.toExternalForm());
    servletContext.addInitParameter("ignoreUrlPatternType", "EXACT");
    servletContext.addInitParameter("service", CAS_SERVICE_URL);

    final AuthenticationFilter exactFilter = new AuthenticationFilter();
    exactFilter.init(new MockFilterConfig(servletContext));

    // Rebuild the same URL piece by piece on the mock request.
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    httpRequest.setScheme(ignoredUrl.getProtocol());
    httpRequest.setServerName(ignoredUrl.getHost());
    httpRequest.setServerPort(ignoredUrl.getPort());
    httpRequest.setQueryString(ignoredUrl.getQuery());
    httpRequest.setRequestURI(ignoredUrl.getPath());
    httpRequest.setSession(new MockHttpSession());

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
        }
    };

    exactFilter.doFilter(httpRequest, httpResponse, noOpChain);

    assertNull(httpResponse.getRedirectedUrl());
}
/**
 * Swaps {@code this.filter} for a new instance initialised with
 * {@code casServerUrlPrefix} instead of an explicit login URL.
 *
 * @throws ServletException if filter initialisation fails
 */
private void replaceFilterWithPrefixConfiguredFilter() throws ServletException {
    final MockFilterConfig prefixConfig = new MockFilterConfig();
    prefixConfig.addInitParameter("casServerUrlPrefix", CAS_PREFIX);
    prefixConfig.addInitParameter("service", CAS_SERVICE_URL);

    this.filter = new AuthenticationFilter();
    this.filter.init(prefixConfig);
}
/**
 * Gateway mode: the first pass through the filter records the gateway marker
 * in the session and redirects; later passes on the same session keep the
 * marker and do not redirect again.
 */
@Test
public void testGateway() throws Exception {
    final MockHttpSession httpSession = new MockHttpSession();
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
            // nothing to do
        }
    };

    httpRequest.setSession(httpSession);
    this.filter.setRenew(true);
    this.filter.setGateway(true);

    // First pass: marker stored, redirect issued.
    final MockHttpServletResponse firstResponse = new MockHttpServletResponse();
    this.filter.doFilter(httpRequest, firstResponse, noOpChain);
    assertNotNull(httpSession.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY));
    assertNotNull(firstResponse.getRedirectedUrl());

    // Second and third pass: marker still present, no further redirect.
    for (int pass = 0; pass < 2; pass++) {
        final MockHttpServletResponse laterResponse = new MockHttpServletResponse();
        this.filter.doFilter(httpRequest, laterResponse, noOpChain);
        assertNotNull(httpSession.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY));
        assertNull(laterResponse.getRedirectedUrl());
    }
}
final HttpServletResponse response = (HttpServletResponse) servletResponse; if (isRequestUrlExcluded(request)) { logger.debug("Request is ignored."); filterChain.doFilter(request, response); final String serviceUrl = constructServiceUrl(request, response); final String ticket = retrieveTicketFromRequest(request); final boolean wasGatewayed = this.gateway && this.gatewayStorage.hasGatewayedAlready(request, serviceUrl); getProtocol().getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
final String serviceUrl = constructServiceUrl(request, response); final String ticket = CommonUtils.safeGetParameter(request,getArtifactParameterName()); final boolean wasGatewayed = this.gatewayStorage.hasGatewayedAlready(request, serviceUrl); final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
/**
 * With renew enabled, the filter redirects and the redirect URL carries
 * {@code renew=true}.
 */
@Test
public void testRenew() throws Exception {
    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
            // nothing to do
        }
    };

    this.filter.setRenew(true);
    httpRequest.setSession(new MockHttpSession());

    this.filter.doFilter(httpRequest, httpResponse, noOpChain);

    final String redirectTarget = httpResponse.getRedirectedUrl();
    assertNotNull(redirectTarget);
    assertTrue(redirectTarget.contains("renew=true"));
}
/**
 * Derives the login URL from a server URL prefix: the prefix is passed through
 * {@code CommonUtils.addTrailingSlash} and {@code "login"} is appended.
 *
 * @param casServerUrlPrefix the server URL prefix to derive the login URL from
 */
public final void setCasServerUrlPrefix(final String casServerUrlPrefix) {
    final String prefixWithSlash = CommonUtils.addTrailingSlash(casServerUrlPrefix);
    setCasServerLoginUrl(prefixWithSlash + "login");
}
/**
 * Runs the filter with {@code ignoreUrlPatternType} set to a class name that
 * does not exist ({@code unknown.class.name}).
 *
 * <p>NOTE(review): this test only prints the redirect URL and asserts nothing,
 * so it passes whether or not the request is exempted from authentication.
 * The intended outcome for an unresolvable matcher class should be pinned with
 * an assertion once it is confirmed.
 */
@Test
public void testIgnorePatternsWithInvalidClassname() throws Exception {
    final MockServletContext servletContext = new MockServletContext();
    servletContext.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    servletContext.addInitParameter("ignorePattern", "=valueToIgnore");
    servletContext.addInitParameter("ignoreUrlPatternType", "unknown.class.name");
    servletContext.addInitParameter("service", CAS_SERVICE_URL);

    final AuthenticationFilter misconfiguredFilter = new AuthenticationFilter();
    misconfiguredFilter.init(new MockFilterConfig(servletContext));

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final String requestUri = CAS_SERVICE_URL + "?param=valueToIgnore";
    httpRequest.setRequestURI(requestUri);
    httpRequest.setSession(new MockHttpSession());

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
        }
    };

    misconfiguredFilter.doFilter(httpRequest, httpResponse, noOpChain);

    System.out.println(httpResponse.getRedirectedUrl());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Creates the filter under test and initialises it with an explicit login URL
 * and service URL before each test.
 */
@Before
public void setUp() throws Exception {
    final MockFilterConfig baseConfig = new MockFilterConfig();
    baseConfig.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    baseConfig.addInitParameter("service", CAS_SERVICE_URL);

    this.filter = new AuthenticationFilter();
    this.filter.init(baseConfig);
}
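/**
 * AuthenticationFilter: the authorization filter.
 *
 * <p>Registers an {@link AuthenticationFilter} for {@code *.html} URLs only;
 * requests for any other path are not routed through this filter.
 *
 * @return the registration bean carrying the filter and its init parameters
 */
@Bean
public FilterRegistrationBean filterAuthenticationRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    // Parameterized instead of a raw HashMap, so the map is type-checked.
    Map<String, String> initParameters = new HashMap<String, String>();
    registration.setFilter(new AuthenticationFilter());
    registration.addUrlPatterns("*.html");
    initParameters.put("casServerLoginUrl", CasConfig.APP_LOGIN_PAGE);
    initParameters.put("serverName", CasConfig.SERVER_NAME);
    // Requests that are not intercepted.
    // NOTE(review): the filter is mapped to *.html only, so this suffix pattern
    // can match a routed request only if the matcher also looks at the query
    // string. Confirm what SimpleUrlPatternMatcherStrategy matches against, so
    // the exemption cannot be satisfied by anything other than the request path.
    initParameters.put("ignorePattern", "^.*[.](js|css|gif|png|zip)$");
    // Means: filter everything (original comment; the matcher class is not shown here).
    initParameters.put("ignoreUrlPatternType", "com.tingfeng.cas.auth.SimpleUrlPatternMatcherStrategy");
    registration.setInitParameters(initParameters);
    // Set the load order.
    registration.setOrder(1);
    return registration;
}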
/**
 * With {@code ignoreUrlPatternType} given as the fully qualified name of
 * {@code ContainsPatternUrlPatternMatcherStrategy}, a request URI containing
 * the ignore pattern must not be redirected.
 */
@Test
public void testIgnorePatternsWithExactClassname() throws Exception {
    final MockServletContext servletContext = new MockServletContext();
    servletContext.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    servletContext.addInitParameter("ignorePattern", "=valueToIgnore");
    servletContext.addInitParameter(
            "ignoreUrlPatternType", ContainsPatternUrlPatternMatcherStrategy.class.getName());
    servletContext.addInitParameter("service", CAS_SERVICE_URL);

    final AuthenticationFilter classConfiguredFilter = new AuthenticationFilter();
    classConfiguredFilter.init(new MockFilterConfig(servletContext));

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final String requestUri = CAS_SERVICE_URL + "?param=valueToIgnore";
    httpRequest.setRequestURI(requestUri);
    httpRequest.setSession(new MockHttpSession());

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
        }
    };

    classConfiguredFilter.doFilter(httpRequest, httpResponse, noOpChain);

    assertNull(httpResponse.getRedirectedUrl());
}
/**
 * Supplying {@code renew=true} as a servlet-context init parameter is accepted
 * and ends up in the filter's private {@code renew} field.
 */
@Test
public void testAllowsRenewContextParam() throws Exception {
    final MockServletContext servletContext = new MockServletContext();
    servletContext.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    servletContext.addInitParameter("service", CAS_SERVICE_URL);
    servletContext.addInitParameter("renew", "true");

    final AuthenticationFilter contextConfiguredFilter = new AuthenticationFilter();
    contextConfiguredFilter.init(new MockFilterConfig(servletContext));

    // The flag has no accessor used here, so it is read reflectively.
    final Field renewFlag = AuthenticationFilter.class.getDeclaredField("renew");
    renewFlag.setAccessible(true);
    assertTrue((Boolean) renewFlag.get(contextConfiguredFilter));
}
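/**
 * AuthenticationFilter: the authorization filter.
 *
 * <p>Registers an {@link AuthenticationFilter} for every URL ({@code /*}).
 *
 * @return the registration bean carrying the filter and its init parameters
 */
@Bean
public FilterRegistrationBean filterAuthenticationRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    // Parameterized instead of a raw HashMap, so the map is type-checked.
    Map<String, String> initParameters = new HashMap<String, String>();
    registration.setFilter(new AuthenticationFilter());
    registration.addUrlPatterns("/*");
    initParameters.put("casServerLoginUrl", CasConfig.CAS_SERVER_LOGIN_PATH);
    initParameters.put("serverName", CasConfig.SERVER_NAME);
    // Requests that are not intercepted: .* (files with a suffix).
    // NOTE(review): what ".*" exempts depends entirely on
    // SimpleUrlPatternMatcherStrategy, which is not shown here. If that class
    // applies the value as a regular expression to the request URL, every
    // request would be treated as ignored and skip authentication; verify the
    // matcher before relying on this filter for access control.
    initParameters.put("ignorePattern", ".*");
    // Means: filter everything (original comment).
    initParameters.put("ignoreUrlPatternType", "com.tingfeng.cas.auth.SimpleUrlPatternMatcherStrategy");
    registration.setInitParameters(initParameters);
    // Set the load order.
    registration.setOrder(1);
    return registration;
}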
/**
 * With only {@code ignorePattern} configured (no {@code ignoreUrlPatternType},
 * so the filter's default matcher applies), a request URI matching the pattern
 * must not be redirected.
 */
@Test
public void testIgnorePatterns() throws Exception {
    final MockServletContext servletContext = new MockServletContext();
    servletContext.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    servletContext.addInitParameter("ignorePattern", "=valueTo(\\w+)");
    servletContext.addInitParameter("service", CAS_SERVICE_URL);

    final AuthenticationFilter patternFilter = new AuthenticationFilter();
    patternFilter.init(new MockFilterConfig(servletContext));

    final MockHttpServletRequest httpRequest = new MockHttpServletRequest();
    final String requestUri = CAS_SERVICE_URL + "?param=valueToIgnore";
    httpRequest.setRequestURI(requestUri);
    httpRequest.setSession(new MockHttpSession());

    final MockHttpServletResponse httpResponse = new MockHttpServletResponse();
    final FilterChain noOpChain = new FilterChain() {
        public void doFilter(ServletRequest req, ServletResponse res) throws IOException, ServletException {
        }
    };

    patternFilter.doFilter(httpRequest, httpResponse, noOpChain);

    assertNull(httpResponse.getRedirectedUrl());
}
/**
 * Supplying {@code renew} as a filter-level init parameter must be rejected:
 * {@code init} is expected to throw an {@link IllegalArgumentException} whose
 * message contains {@code "Renew MUST"}.
 */
@Test
public void testRenewInitParamThrows() throws Exception {
    final MockFilterConfig filterLevelConfig = new MockFilterConfig();
    filterLevelConfig.addInitParameter("casServerLoginUrl", CAS_LOGIN_URL);
    filterLevelConfig.addInitParameter("service", CAS_SERVICE_URL);
    filterLevelConfig.addInitParameter("renew", "true");

    final AuthenticationFilter rejectedFilter = new AuthenticationFilter();

    IllegalArgumentException rejection = null;
    try {
        rejectedFilter.init(filterLevelConfig);
    } catch (final IllegalArgumentException e) {
        rejection = e;
    }

    if (rejection == null) {
        fail("Should have thrown IllegalArgumentException.");
    }
    assertTrue(rejection.getMessage().contains("Renew MUST"));
}
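/**
 * AuthenticationFilter: the authorization filter.
 *
 * <p>Registers an {@link AuthenticationFilter} for every URL ({@code /*}).
 *
 * @return the registration bean carrying the filter and its init parameters
 */
@Bean
public FilterRegistrationBean filterAuthenticationRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    // Parameterized instead of a raw HashMap, so the map is type-checked.
    Map<String, String> initParameters = new HashMap<String, String>();
    registration.setFilter(new AuthenticationFilter());
    registration.addUrlPatterns("/*");
    initParameters.put("casServerLoginUrl", CasConfig.CAS_SERVER_LOGIN_PATH);
    initParameters.put("serverName", CasConfig.SERVER_NAME);
    // Requests that are not intercepted: .* (files with a suffix).
    // NOTE(review): what ".*" exempts depends entirely on
    // SimpleUrlPatternMatcherStrategy, which is not shown here. If that class
    // applies the value as a regular expression to the request URL, every
    // request would be treated as ignored and skip authentication; verify the
    // matcher before relying on this filter for access control.
    initParameters.put("ignorePattern", ".*");
    // Means: filter everything (original comment).
    initParameters.put("ignoreUrlPatternType", "com.tingfeng.cas.auth.SimpleUrlPatternMatcherStrategy");
    registration.setInitParameters(initParameters);
    // Set the load order.
    registration.setOrder(1);
    return registration;
}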