diff options
Diffstat (limited to 'odl-aaa-moon/aaa-authn-federation/src/main/java/org/opendaylight/aaa/federation/SssdFilter.java')
-rw-r--r-- | odl-aaa-moon/aaa-authn-federation/src/main/java/org/opendaylight/aaa/federation/SssdFilter.java | 151 |
1 files changed, 0 insertions, 151 deletions
diff --git a/odl-aaa-moon/aaa-authn-federation/src/main/java/org/opendaylight/aaa/federation/SssdFilter.java b/odl-aaa-moon/aaa-authn-federation/src/main/java/org/opendaylight/aaa/federation/SssdFilter.java deleted file mode 100644 index 9223c6dd..00000000 --- a/odl-aaa-moon/aaa-authn-federation/src/main/java/org/opendaylight/aaa/federation/SssdFilter.java +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright (c) 2014, 2015 Red Hat, Inc. and others. All rights reserved. - * - * This program and the accompanying materials are made available under the - * terms of the Eclipse Public License v1.0 which accompanies this distribution, - * and is available at http://www.eclipse.org/legal/epl-v10.html - */ - -package org.opendaylight.aaa.federation; - -import java.io.IOException; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; - -class SssdHeadersRequest extends HttpServletRequestWrapper { - private static final String headerPrefix = "X-SSSD-"; - - public SssdHeadersRequest(HttpServletRequest request) { - super(request); - } - - public Object getAttribute(String name) { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + name); - if (headerValue != null) { - return headerValue; - } else { - return request.getAttribute(name); - } - } - - @Override - public String getRemoteUser() { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + "REMOTE_USER"); - if (headerValue != null) { - return headerValue; - } else { - return request.getRemoteUser(); - } - } - - @Override - public String getAuthType() { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + "AUTH_TYPE"); - if (headerValue != null) { - return headerValue; - } else { - return request.getAuthType(); - } - } - - @Override - public String getRemoteAddr() { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + "REMOTE_ADDR"); - if (headerValue != null) { - return headerValue; - } else { - return request.getRemoteAddr(); - } - } - - @Override - public String getRemoteHost() { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + "REMOTE_HOST"); - if (headerValue != null) { - return headerValue; - } else { - return request.getRemoteHost(); - } - } - - @Override - public int getRemotePort() { - HttpServletRequest request = (HttpServletRequest) getRequest(); - String headerValue; - - headerValue = request.getHeader(headerPrefix + "REMOTE_PORT"); - if (headerValue != null) { - return Integer.parseInt(headerValue); - } else { - return request.getRemotePort(); - } - } - -} - -/** - * Populate HttpRequestServlet API data from HTTP extension headers. - * - * When SSSD is used for authentication and identity lookup those actions occur - * in an Apache HTTP server which is fronting the servlet container. After - * successful authentication Apache will proxy the request to the container - * along with additional authentication and identity metadata. - * - * The preferred way to transport the metadata and have it appear seamlessly in - * the servlet API is via the AJP protocol. However AJP may not be available or - * desirable. An alternative method is to transport the metadata in extension - * HTTP headers. However we still want the standard servlet request API methods - * to work. Another way to say this is we do not want upper layers to be aware - * of the transport mechanism. To achieve this we wrap the HttpServletRequest - * class and override specific methods which need to extract the data from the - * extension HTTP headers. (This is roughly equivalent to what happens when AJP - * is implemented natively in the container). - * - * The extension HTTP headers are identified by the prefix "X-SSSD-". The - * overridden methods check for the existence of the appropriate extension - * header and if present returns the value found in the extension header, - * otherwise it returns the value from the method it's wrapping. - * - */ -public class SssdFilter implements Filter { - @Override - public void init(FilterConfig fc) throws ServletException { - } - - @Override - public void destroy() { - } - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, - FilterChain filterChain) throws IOException, ServletException { - if (servletRequest instanceof HttpServletRequest) { - HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest; - SssdHeadersRequest request = new SssdHeadersRequest(httpServletRequest); - filterChain.doFilter(request, servletResponse); - } else { - filterChain.doFilter(servletRequest, servletResponse); - } - } -} |