/** * Add a filter instance. * * @param name the filter's name * @param filter the filter instance * @return a {@link javax.servlet.FilterRegistration.Dynamic} instance allowing for further * configuration */ public FilterRegistration.Dynamic addFilter(String name, Filter filter) { return addFilter(name, new FilterHolder(requireNonNull(filter))); }
/** * Add a filter class. * * @param name the filter's name * @param klass the filter class * @return a {@link javax.servlet.FilterRegistration.Dynamic} instance allowing for further configuration */ public FilterRegistration.Dynamic addFilter(String name, Class<? extends Filter> klass) { return addFilter(name, new FilterHolder(requireNonNull(klass))); }
/** * mkAccessLoggingFilterHandle. * @return mkAccessLoggingFilterHandle */ public static FilterHolder mkAccessLoggingFilterHandle() { return new FilterHolder(new AccessLoggingFilter()); }
/** * addRequestContextFilter. * @param context context * @param configName configName * @param conf conf */ public static void addRequestContextFilter(ServletContextHandler context, String configName, Map<String, Object> conf) { IHttpCredentialsPlugin auth = ServerAuthUtils.getHttpCredentialsPlugin(conf, (String) conf.get(configName)); ReqContextFilter filter = new ReqContextFilter(auth); context.addFilter(new FilterHolder(filter), "/*", EnumSet.allOf(DispatcherType.class)); }
/** * Add a request context filter to the Servlet Context Handler. * @param context The Servlet Context handler * @param configName Config name * @param conf Conf to be added in context filter */ public static void addRequestContextFilter(ServletContextHandler context, String configName, Map<String, Object> conf) { IHttpCredentialsPlugin auth = ServerAuthUtils.getHttpCredentialsPlugin(conf, (String)conf.get(configName)); ReqContextFilter filter = new ReqContextFilter(auth); context.addFilter(new FilterHolder(filter), "/*", EnumSet.allOf(DispatcherType.class)); }
private void addFiltersTo( ServletContextHandler context ) { for ( FilterDefinition filterDef : filters ) { context.addFilter( new FilterHolder( filterDef.getFilter() ), filterDef.getPathSpec(), EnumSet.allOf( DispatcherType.class ) ); } }
public FilterHolder makeFrameOptionFilter() { FilterHolder frameOptionFilter = new FilterHolder(XFrameOptionsFilter.class); frameOptionFilter.setInitParameter(AppConfig.FRAME_OPTIONS_FILETER, conf.get(AppConfig.FRAME_OPTIONS_FILETER)); return frameOptionFilter; }
/** * Setup cross-origin requests (CORS) filter. * @param b - builder */ private void setupCORSFilter(Builder b) { FilterHolder holder = new FilterHolder(); holder.setClassName(CrossOriginFilter.class.getName()); Map<String, String> params = new HashMap<>(); params.put(CrossOriginFilter.ALLOWED_ORIGINS, b.allowedOrigins); params.put(CrossOriginFilter.ALLOWED_METHODS, b.allowedMethods); params.put(CrossOriginFilter.ALLOWED_HEADERS, b.allowedHeaders); holder.setInitParameters(params); ServletHandler handler = webAppContext.getServletHandler(); handler.addFilterWithMapping(holder, "/*", FilterMapping.ALL); }
public static void addAllowOptionsFilter(ServletContextHandler root, boolean allowUnauthenticatedHttpOptions) { FilterHolder holder = new FilterHolder(new AllowOptionsResourceFilter(allowUnauthenticatedHttpOptions)); root.addFilter( holder, "/*", null ); }
public static void addNoopAuthorizationFilters(ServletContextHandler root, List<String> unsecuredPaths) { for (String unsecuredPath : unsecuredPaths) { root.addFilter(new FilterHolder(new UnsecuredResourceFilter()), unsecuredPath, null); } }
public static void addSecuritySanityCheckFilter( ServletContextHandler root, ObjectMapper jsonMapper ) { root.addFilter( new FilterHolder( new SecuritySanityCheckFilter(jsonMapper) ), "/*", null ); }
public static void addPreResponseAuthorizationCheckFilter( ServletContextHandler root, List<Authenticator> authenticators, ObjectMapper jsonMapper ) { root.addFilter( new FilterHolder( new PreResponseAuthorizationCheckFilter(authenticators, jsonMapper) ), "/*", null ); } }
/** * Secure the web server with kerberos (AuthenticationFilter). */ void setupSpnegoFilter(Builder b) throws IOException { Map<String, String> params = new HashMap<String, String>(); params.put("kerberos.principal", SecurityUtil.getServerPrincipal(b.spnegoPrincipal, b.host)); params.put("kerberos.keytab", b.spnegoKeytab); params.put(AuthenticationFilter.AUTH_TYPE, "kerberos"); FilterHolder holder = new FilterHolder(); holder.setClassName(AuthenticationFilter.class.getName()); holder.setInitParameters(params); ServletHandler handler = webAppContext.getServletHandler(); handler.addFilterWithMapping( holder, "/*", FilterMapping.ALL); }
static void addCSRFFilter(ServletContextHandler ctxHandler, Configuration conf) { restCSRFEnabled = conf.getBoolean(REST_CSRF_ENABLED_KEY, REST_CSRF_ENABLED_DEFAULT); if (restCSRFEnabled) { Map<String, String> restCsrfParams = RestCsrfPreventionFilter .getFilterParams(conf, "hbase.rest-csrf."); FilterHolder holder = new FilterHolder(); holder.setName("csrf"); holder.setClassName(RestCsrfPreventionFilter.class.getName()); holder.setInitParameters(restCsrfParams); ctxHandler.addFilter(holder, PATH_SPEC_ANY, EnumSet.allOf(DispatcherType.class)); } }
@Override public void deployConfig(WebApplicationContext wac, Filter... filters) { ServletHolder servletHolder = new ServletHolder(new DispatcherServlet(wac)); this.contextHandler = new ServletContextHandler(); this.contextHandler.addServlet(servletHolder, "/"); for (Filter filter : filters) { this.contextHandler.addFilter(new FilterHolder(filter), "/*", getDispatcherTypes()); } this.jettyServer.setHandler(this.contextHandler); }
public FilterHolder makeXSRFFilter() { String customHeader = null; // The header to look for. We use "X-XSRF-HEADER" if this is null. String methodsToIgnore = null; // Methods to not filter. By default: "GET,OPTIONS,HEAD,TRACE" if null. FilterHolder fHolder = new FilterHolder(Utils.getXSRFFilter()); if (customHeader != null){ fHolder.setInitParameter(Utils.XSRF_CUSTOM_HEADER_PARAM, customHeader); } if (methodsToIgnore != null){ fHolder.setInitParameter(Utils.XSRF_CUSTOM_METHODS_TO_IGNORE_PARAM, methodsToIgnore); } FilterHolder xsrfFilter = fHolder; return xsrfFilter; }
private static FilterHolder getFilterHolder(String name, String classname, Map<String, String> parameters) { FilterHolder holder = new FilterHolder(); holder.setName(name); holder.setClassName(classname); if (parameters != null) { holder.setInitParameters(parameters); } return holder; }
public static void addExtensionFilters(ServletContextHandler handler, Injector injector) { Set<ServletFilterHolder> extensionFilters = injector.getInstance(Key.get(new TypeLiteral<Set<ServletFilterHolder>>(){})); for (ServletFilterHolder servletFilterHolder : extensionFilters) { // Check the Filter first to guard against people who don't read the docs and return the Class even // when they have an instance. FilterHolder holder; if (servletFilterHolder.getFilter() != null) { holder = new FilterHolder(servletFilterHolder.getFilter()); } else if (servletFilterHolder.getFilterClass() != null) { holder = new FilterHolder(servletFilterHolder.getFilterClass()); } else { throw new ISE("Filter[%s] for path[%s] didn't have a Filter!?", servletFilterHolder, servletFilterHolder.getPath()); } if (servletFilterHolder.getInitParameters() != null) { holder.setInitParameters(servletFilterHolder.getInitParameters()); } handler.addFilter(holder, servletFilterHolder.getPath(), servletFilterHolder.getDispatcherType()); } }
/** * corsFilterHandle. * @return corsFilterHandle */ public static FilterHolder corsFilterHandle() { FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*"); filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "GET, POST, PUT"); filterHolder.setInitParameter( CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "X-Requested-With, X-Requested-By, Access-Control-Allow-Origin," + " Content-Type, Content-Length, Accept, Origin"); filterHolder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*"); return filterHolder; }
public static void addAuthenticationFilterChain( ServletContextHandler root, List<Authenticator> authenticators ) { for (Authenticator authenticator : authenticators) { FilterHolder holder = new FilterHolder( new AuthenticationWrappingFilter(authenticator.getFilter()) ); if (authenticator.getInitParameters() != null) { holder.setInitParameters(authenticator.getInitParameters()); } root.addFilter( holder, "/*", null ); } }