/** looks up a named filter */ public Filter lookupFilter(String filterName) throws IOException { Filter filter = securityManager.loadFilter(filterName); if (filter == null) { try { Object obj = GeoServerExtensions.bean(filterName, appContext); if (obj != null && obj instanceof Filter) { filter = (Filter) obj; } } catch (NoSuchBeanDefinitionException ex) { // do nothing } } return filter; }
GeoServerSecurityFilter filter = loadFilter(filterName);
public SortedSet<String> listFilterCandidates(GeoServerSecurityManager m) throws IOException { SortedSet<String> result = new TreeSet<String>(); for (String filterName : m.listFilters(GeoServerAuthenticationFilter.class)) { GeoServerAuthenticationFilter filter = (GeoServerAuthenticationFilter) m.loadFilter(filterName); if (filter.applicableForHtml()) result.add(filterName); } return result; } }
expect(authFilter.applicableForServices()).andReturn(true).anyTimes(); expect(authFilter.applicableForHtml()).andReturn(true).anyTimes(); expect(secMgr.loadFilter(GeoServerSecurityFilterChain.ANONYMOUS_FILTER)) .andReturn(authFilter) .anyTimes(); expect(secMgr.loadFilter(GeoServerSecurityFilterChain.ROLE_FILTER)) .andReturn(roleFilter) .anyTimes(); createNiceMock(GeoServerUserNamePasswordAuthenticationFilter.class); expect(formFilter.applicableForHtml()).andReturn(true).anyTimes(); expect(secMgr.loadFilter(GeoServerSecurityFilterChain.FORM_LOGIN_FILTER)) .andReturn(formFilter) .anyTimes(); createNiceMock(GeoServerBasicAuthenticationFilter.class); expect(basicFilter.applicableForServices()).andReturn(true).anyTimes(); expect(secMgr.loadFilter(GeoServerSecurityFilterChain.BASIC_AUTH_FILTER)) .andReturn(basicFilter) .anyTimes();
public SortedSet<String> listFilterCandidates(GeoServerSecurityManager m) throws IOException { SortedSet<String> result = new TreeSet<String>(); for (String filterName : m.listFilters(GeoServerAuthenticationFilter.class)) { GeoServerAuthenticationFilter filter = (GeoServerAuthenticationFilter) m.loadFilter(filterName); if (filter.applicableForServices()) result.add(filterName); } return result; } }
/** * Convenience method for {@link GeoServerLogoutFilter#doLogout(HttpServletRequest, * HttpServletResponse, String...)} * * @param manager * @param request * @param response * @param skipHandlerName * @throws IOException * @throws ServletException */ public void doLogout( GeoServerSecurityManager manager, HttpServletRequest request, HttpServletResponse response, String... skipHandlerName) throws IOException, ServletException { GeoServerLogoutFilter filter = (GeoServerLogoutFilter) manager.loadFilter(GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER); if (filter == null) { LOGGER.warning( "Cannot find filter: " + GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER); return; } filter.doLogout(request, response, skipHandlerName); } }
result.add((LogoutHandler) getSecurityManager().loadFilter(handlerName));
getSecurityManager().loadFilter(authConfig.getAuthenticationFilterName()); ep.setEntryEntryPoint(authFilter.getAuthenticationEntryPoint());
GeoServerSecurityFilter filter = loadFilter(filterName); if (filter == null) { BasicAuthenticationFilterConfig bfConfig = new BasicAuthenticationFilterConfig(); filter = loadFilter(filterName); if (filter == null) { UsernamePasswordAuthenticationFilterConfig upConfig = filter = loadFilter(filterName); if (filter == null) { SecurityContextPersistenceFilterConfig pConfig = filter = loadFilter(filterName); if (filter == null) { SecurityContextPersistenceFilterConfig pConfig = filter = loadFilter(filterName); if (filter == null) { AnonymousAuthenticationFilterConfig aConfig = new AnonymousAuthenticationFilterConfig(); filter = loadFilter(filterName); if (filter == null) { RememberMeAuthenticationFilterConfig rConfig = filter = loadFilter(filterName); if (filter == null) { SecurityInterceptorFilterConfig siConfig = new SecurityInterceptorFilterConfig(); filter = loadFilter(filterName);
@Override public void doLoad(T config) throws Exception { getSecurityManager().loadFilter(config.getName()); } }
@Override public void doLoad(GeoServerKeycloakFilterConfig config) throws Exception { LOG.log(Level.FINER, "KeycloakAuthFilterPanel.doLoad ENTRY"); getSecurityManager().loadFilter(config.getName()); }
@Override public void doLoad(T config) throws Exception { getSecurityManager().loadFilter(config.getName()); } }
@Override public void doLoad(T config) throws Exception { getSecurityManager().loadFilter(config.getName()); } }
/** * Enable the Spring Security authentication filters, we want the test to be complete and * realistic */ @Override protected List<javax.servlet.Filter> getFilters() { SecurityManagerConfig mconfig = getSecurityManager().getSecurityConfig(); GeoServerSecurityFilterChain filterChain = mconfig.getFilterChain(); VariableFilterChain chain = (VariableFilterChain) filterChain.getRequestChainByName("default"); List<Filter> result = new ArrayList<Filter>(); for (String filterName : chain.getCompiledFilterNames()) { try { result.add(getSecurityManager().loadFilter(filterName)); } catch (IOException e) { throw new RuntimeException(e); } } return result; }
@Test public void testMapperParameters() throws Exception { String authKeyUrlParam = "myAuthKeyParams"; String filterName = "testAuthKeyParams1"; AuthenticationKeyFilterConfig config = new AuthenticationKeyFilterConfig(); config.setClassName(GeoServerAuthenticationKeyFilter.class.getName()); config.setName(filterName); config.setUserGroupServiceName("ug1"); config.setAuthKeyParamName(authKeyUrlParam); config.setAuthKeyMapperName("fakeMapper"); Map<String, String> mapperParams = new HashMap<String, String>(); mapperParams.put("param1", "value1"); mapperParams.put("param2", "value2"); config.setMapperParameters(mapperParams); getSecurityManager().saveFilter(config); GeoServerAuthenticationKeyFilter filter = (GeoServerAuthenticationKeyFilter) getSecurityManager().loadFilter(filterName); assertTrue(filter.getMapper() instanceof FakeMapper); FakeMapper fakeMapper = (FakeMapper) filter.getMapper(); assertEquals("value1", fakeMapper.getMapperParameter("param1")); assertEquals("value2", fakeMapper.getMapperParameter("param2")); }
(GeoServerAuthenticationKeyFilter) getSecurityManager().loadFilter(filterName); PropertyAuthenticationKeyMapper mapper = (PropertyAuthenticationKeyMapper) authKeyFilter.getMapper();
@Test public void testFilterChainWithEnabled() throws Exception { GeoServerSecurityManager secMgr = getSecurityManager(); RoleFilterConfig config = new RoleFilterConfig(); config.setName("roleConverter"); config.setClassName(GeoServerRoleFilter.class.getName()); config.setRoleConverterName("roleConverter"); config.setHttpResponseHeaderAttrForIncludedRoles("ROLES"); secMgr.saveFilter(config); MockHttpServletRequest request = createRequest("/foo"); MockHttpServletResponse response = new MockHttpServletResponse(); Servlet servlet = EasyMock.createNiceMock(Servlet.class); MockFilterChain chain = new MockFilterChain(servlet, getSecurityManager().loadFilter("roleConverter")); GeoServerSecurityFilterChainProxy filterChainProxy = GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class); filterChainProxy.doFilter(request, response, chain); assertEquals(GeoServerRole.ANONYMOUS_ROLE.getAuthority(), response.getHeader("ROLES")); }
(GeoServerAuthenticationKeyFilter) getSecurityManager().loadFilter(filterName);
(GeoServerLogoutFilter) getSecurityManager().loadFilter(GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER); logoutFilter.doFilter(request, response, chain); assertEquals(HttpServletResponse.SC_OK, response.getErrorCode()); request.setupAddParameter("logoutRequest", getBodyForLogoutRequest(ticket)); GeoServerCasAuthenticationFilter casFilter = (GeoServerCasAuthenticationFilter) getSecurityManager().loadFilter(casFilterName);
(GeoServerAuthenticationKeyFilter) getSecurityManager().loadFilter(filterName);