1 21 22 package com.jaspersoft.jasperserver.api.metadata.user.service.impl; 23 24 import java.io.IOException ; 25 26 import javax.servlet.Filter ; 27 import javax.servlet.FilterChain ; 28 import javax.servlet.FilterConfig ; 29 import javax.servlet.ServletException ; 30 import javax.servlet.ServletRequest ; 31 import javax.servlet.ServletResponse ; 32 33 import org.acegisecurity.Authentication; 34 import org.acegisecurity.context.SecurityContextHolder; 35 import org.acegisecurity.userdetails.UserDetails; 36 import org.apache.commons.logging.Log; 37 import org.apache.commons.logging.LogFactory; 38 import org.springframework.beans.factory.InitializingBean; 39 import org.springframework.util.Assert; 40 41 import com.jaspersoft.jasperserver.api.metadata.user.domain.impl.client.MetadataUserDetails; 42 43 58 public class MetadataAuthenticationProcessingFilter implements Filter , InitializingBean { 59 60 private static Log log = LogFactory.getLog(MetadataAuthenticationProcessingFilter.class); 61 62 protected ExternalUserService externalUserService; 63 64 public void afterPropertiesSet() throws Exception { 65 Assert.notNull(externalUserService); 66 } 67 68 75 public void init(FilterConfig ignored) throws ServletException {} 76 77 80 public void destroy() {} 81 82 public void doFilter(ServletRequest request, ServletResponse response, 83 FilterChain chain) throws IOException , ServletException { 84 85 Authentication auth = SecurityContextHolder.getContext().getAuthentication(); 86 87 if (log.isDebugEnabled()) { 88 if (auth == null) { 89 log.debug("No authentication token"); 90 } else { 91 log.debug("Authentication token: '" + auth + "'"); 92 } 93 } 94 97 if (auth != null && auth.getPrincipal() != null && 98 auth.getPrincipal() instanceof UserDetails && 99 !(auth.getPrincipal() instanceof MetadataUserDetails)) { 100 101 UserDetails userDetails = (UserDetails) auth.getPrincipal(); 102 103 getExternalUserService().maintainInternalUser(userDetails); 104 105 getExternalUserService().makeUserLoggedIn(userDetails.getUsername()); 106 107 if (log.isDebugEnabled()) { 108 log.debug( 109 "Populated SecurityContextHolder with JI metadata token: '" 110 + SecurityContextHolder.getContext().getAuthentication() 111 + "'"); 112 } 113 114 Authentication newAuth = SecurityContextHolder.getContext().getAuthentication(); 115 116 if (newAuth.getPrincipal() instanceof MetadataUserDetails) { 117 MetadataUserDetails newPrincipal = (MetadataUserDetails) newAuth.getPrincipal(); 118 119 newPrincipal.setOriginalUserDetails(userDetails); 122 } 123 } else { 124 if (log.isDebugEnabled()) { 125 log.debug( 126 "SecurityContextHolder was changed to a different JI internal metadata token: " + 127 ((auth == null) ? "authentication was null" : 128 ((auth.getPrincipal() == null) ? "authentication principal was null" : 129 "authentication principal was: '" + auth.getPrincipal()) + "'") 130 ); 131 } 132 } 133 134 chain.doFilter(request, response); 135 136 if (log.isDebugEnabled()) { 137 log.debug( 138 "After chain, JI metadata token is: '" 139 + SecurityContextHolder.getContext().getAuthentication() 140 + "'"); 141 } 142 } 143 144 145 public ExternalUserService getExternalUserService() { 146 return externalUserService; 147 } 148 149 public void setExternalUserService(ExternalUserService externalUserService) { 150 this.externalUserService = externalUserService; 151 } 152 153 } 154 | Popular Tags |