static void allowAnonymous(FilterHolder authFilter) { /*note that will throw if Anonymous mode is not allowed & user.name is not in query string of the request; * this ensures that in the context of WebHCat, PseudoAuthenticationHandler allows Anonymous even though * WebHCat itself will throw if it can't figure out user.name*/ authFilter.setInitParameter("dfs.web.authentication." + PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true"); } static String getUserName(HttpServletRequest request) {
/** * corsFilterHandle. * @return corsFilterHandle */ public static FilterHolder corsFilterHandle() { FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*"); filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "GET, POST, PUT"); filterHolder.setInitParameter( CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "X-Requested-With, X-Requested-By, Access-Control-Allow-Origin," + " Content-Type, Content-Length, Accept, Origin"); filterHolder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*"); return filterHolder; }
public FilterHolder makeXSRFFilter() { String customHeader = null; // The header to look for. We use "X-XSRF-HEADER" if this is null. String methodsToIgnore = null; // Methods to not filter. By default: "GET,OPTIONS,HEAD,TRACE" if null. FilterHolder fHolder = new FilterHolder(Utils.getXSRFFilter()); if (customHeader != null){ fHolder.setInitParameter(Utils.XSRF_CUSTOM_HEADER_PARAM, customHeader); } if (methodsToIgnore != null){ fHolder.setInitParameter(Utils.XSRF_CUSTOM_METHODS_TO_IGNORE_PARAM, methodsToIgnore); } FilterHolder xsrfFilter = fHolder; return xsrfFilter; }
public FilterHolder makeFrameOptionFilter() { FilterHolder frameOptionFilter = new FilterHolder(XFrameOptionsFilter.class); frameOptionFilter.setInitParameter(AppConfig.FRAME_OPTIONS_FILETER, conf.get(AppConfig.FRAME_OPTIONS_FILETER)); return frameOptionFilter; }
public FilterHolder makeAuthFilter() throws IOException { FilterHolder authFilter = new FilterHolder(AuthFilter.class); UserNameHandler.allowAnonymous(authFilter); if (UserGroupInformation.isSecurityEnabled()) { //http://hadoop.apache.org/docs/r1.1.1/api/org/apache/hadoop/security/authentication/server/AuthenticationFilter.html authFilter.setInitParameter("dfs.web.authentication.signature.secret", conf.kerberosSecret()); //https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml String serverPrincipal = SecurityUtil.getServerPrincipal(conf.kerberosPrincipal(), "0.0.0.0"); authFilter.setInitParameter("dfs.web.authentication.kerberos.principal", serverPrincipal); //http://https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml authFilter.setInitParameter("dfs.web.authentication.kerberos.keytab", conf.kerberosKeytab()); } return authFilter; }
protected Handler createAdminServlet(Server server, MutableServletContextHandler handler, MetricRegistry metrics, HealthCheckRegistry healthChecks) { configureSessionsAndSecurity(handler, server); handler.setServer(server); handler.getServletContext().setAttribute(MetricsServlet.METRICS_REGISTRY, metrics); handler.getServletContext().setAttribute(HealthCheckServlet.HEALTH_CHECK_REGISTRY, healthChecks); handler.addServlet(new NonblockingServletHolder(new AdminServlet()), "/*"); final String allowedMethodsParam = allowedMethods.stream() .collect(Collectors.joining(",")); handler.addFilter(AllowedMethodsFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)) .setInitParameter(AllowedMethodsFilter.ALLOWED_METHODS_PARAM, allowedMethodsParam); return handler; }
final net.bull.javamelody.Parameter parameter = entry.getKey(); final String value = entry.getValue(); filterHolder.setInitParameter(parameter.getCode(), value);
protected Handler createAppServlet(Server server, JerseyEnvironment jersey, ObjectMapper objectMapper, Validator validator, MutableServletContextHandler handler, @Nullable Servlet jerseyContainer, MetricRegistry metricRegistry) { configureSessionsAndSecurity(handler, server); final String allowedMethodsParam = allowedMethods.stream() .collect(Collectors.joining(",")); handler.addFilter(AllowedMethodsFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)) .setInitParameter(AllowedMethodsFilter.ALLOWED_METHODS_PARAM, allowedMethodsParam); if (enableThreadNameFilter) { handler.addFilter(ThreadNameFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)); } serverPush.addFilter(handler); if (jerseyContainer != null) { jerseyRootPath.ifPresent(jersey::setUrlPattern); jersey.register(new JacksonFeature(objectMapper)); jersey.register(new HibernateValidationBinder(validator)); if (registerDefaultExceptionMappers == null || registerDefaultExceptionMappers) { jersey.register(new ExceptionMapperBinder(detailedJsonProcessingExceptionMapper)); } handler.addServlet(new NonblockingServletHolder(jerseyContainer), jersey.getUrlPattern()); } final InstrumentedHandler instrumented = new InstrumentedHandler(metricRegistry); instrumented.setServer(server); instrumented.setHandler(handler); return instrumented; }
final net.bull.javamelody.Parameter parameter = entry.getKey(); final String value = entry.getValue(); filterHolder.setInitParameter(parameter.getCode(), value);
holder.setInitParameter(pname, pvalue); context.getMetaData().setOrigin(name+".filter.init-param."+pname, descriptor); break; holder.setInitParameter(pname, pvalue); context.getMetaData().setOrigin(name+".filter.init-param."+pname, descriptor);
protected Handler createAdminServlet(Server server, MutableServletContextHandler handler, MetricRegistry metrics, HealthCheckRegistry healthChecks) { configureSessionsAndSecurity(handler, server); handler.setServer(server); handler.getServletContext().setAttribute(MetricsServlet.METRICS_REGISTRY, metrics); handler.getServletContext().setAttribute(HealthCheckServlet.HEALTH_CHECK_REGISTRY, healthChecks); handler.addServlet(new NonblockingServletHolder(new AdminServlet()), "/*"); handler.addFilter(AllowedMethodsFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)) .setInitParameter(AllowedMethodsFilter.ALLOWED_METHODS_PARAM, Joiner.on(',').join(allowedMethods)); return handler; }
EnumSet.of(DispatcherType.REQUEST) ); filterHolder.setInitParameter( CrossOriginFilter.ALLOWED_ORIGINS_PARAM, allowedOrigins
protected Handler createAppServlet(Server server, JerseyEnvironment jersey, ObjectMapper objectMapper, Validator validator, MutableServletContextHandler handler, @Nullable Servlet jerseyContainer, MetricRegistry metricRegistry) { configureSessionsAndSecurity(handler, server); handler.addFilter(AllowedMethodsFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)) .setInitParameter(AllowedMethodsFilter.ALLOWED_METHODS_PARAM, Joiner.on(',').join(allowedMethods)); if (enableThreadNameFilter) { handler.addFilter(ThreadNameFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST)); } serverPush.addFilter(handler); if (jerseyContainer != null) { jerseyRootPath.ifPresent(jersey::setUrlPattern); jersey.register(new JacksonBinder(objectMapper)); jersey.register(new HibernateValidationFeature(validator)); if (registerDefaultExceptionMappers == null || registerDefaultExceptionMappers) { jersey.register(new ExceptionMapperBinder(detailedJsonProcessingExceptionMapper)); } handler.addServlet(new NonblockingServletHolder(jerseyContainer), jersey.getUrlPattern()); } final InstrumentedHandler instrumented = new InstrumentedHandler(metricRegistry); instrumented.setServer(server); instrumented.setHandler(handler); return instrumented; }
static void allowAnonymous(FilterHolder authFilter) { /*note that will throw if Anonymous mode is not allowed & user.name is not in query string of the request; * this ensures that in the context of WebHCat, PseudoAuthenticationHandler allows Anonymous even though * WebHCat itself will throw if it can't figure out user.name*/ authFilter.setInitParameter("dfs.web.authentication." + PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true"); } static String getUserName(HttpServletRequest request) {
Enum<DispatcherType> dispatchers = EnumSet.allOf(DispatcherType.class); FilterHolder holder = contextHandler.addFilter(MyFilter.class, "/x", dispatchers); holder.setInitParameter("param", "a"); contextHandler.addFilter(holder, "*.y", dispatchers); contextHandler.addFilter(holder, "/z/*", dispatchers);
protected Object createInitParam(final Map map) { String name = (String) map.remove("name"); String value = (String) map.remove("value"); filterHolder.setInitParameter(name, value); return null; }
FilterHolder holder = new FilterHolder(new MyFilter()); holder.setName("my-filter"); holder.setInitParameter("param", "a"); contextHandler.addFilter(holder, "/x", EnumSet.allOf(DispatcherType.class)); contextHandler.addFilter(holder, "*.y", EnumSet.allOf(DispatcherType.class)); contextHandler.addFilter(holder, "/z/*", EnumSet.allOf(DispatcherType.class));
public FilterHolder makeFrameOptionFilter() { FilterHolder frameOptionFilter = new FilterHolder(XFrameOptionsFilter.class); frameOptionFilter.setInitParameter(AppConfig.FRAME_OPTIONS_FILETER, conf.get(AppConfig.FRAME_OPTIONS_FILETER)); return frameOptionFilter; }
private static ServletContextHandler generateServletContextHandler( WebApplicationContext webappContext ) throws IOException { ServletContextHandler contextHandler = new ServletContextHandler(); contextHandler.setContextPath("/"); contextHandler.addServlet(new ServletHolder(new DispatcherServlet(webappContext)), "/*"); contextHandler.addEventListener(new ContextLoaderListener(webappContext)); FilterHolder requestTracingFilterHolder = contextHandler.addFilter( RequestTracingFilter.class, "/*", EnumSet.allOf(DispatcherType.class) ); requestTracingFilterHolder.setInitParameter(USER_ID_HEADER_KEYS_LIST_INIT_PARAM_NAME, USER_ID_HEADER_KEYS); return contextHandler; }
private void applyCrossOriginFiltering(WebsocketEndpoint endpoint, ServletContextHandler context) { if (endpoint.isCrossOriginFilterOn()) { FilterHolder filterHolder = new FilterHolder(); CrossOriginFilter filter = new CrossOriginFilter(); filterHolder.setFilter(filter); filterHolder.setInitParameter("allowedOrigins", endpoint.getAllowedOrigins()); context.addFilter(filterHolder, endpoint.getFilterPath(), EnumSet.allOf(DispatcherType.class)); } }