Diffstat (limited to 'qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/ForbiddingAuthorisationFilter.java')
-rw-r--r--qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/ForbiddingAuthorisationFilter.java73
1 files changed, 73 insertions, 0 deletions
diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/ForbiddingAuthorisationFilter.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/ForbiddingAuthorisationFilter.java
new file mode 100644
index 0000000000..b7f4b347c7
--- /dev/null
+++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/ForbiddingAuthorisationFilter.java
@@ -0,0 +1,73 @@
+package org.apache.qpid.server.management.plugin.filter;
+
+import java.io.IOException;
+import java.security.AccessControlException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
+import org.apache.qpid.server.management.plugin.HttpManagementUtil;
+import org.apache.qpid.server.model.Broker;
+
+public class ForbiddingAuthorisationFilter implements Filter
+{
+ public static String INIT_PARAM_ALLOWED = "allowed";
+ private String _allowed = null;
+
+ private Broker _broker;
+ private HttpManagementConfiguration _managementConfiguration;
+
+ @Override
+ public void destroy()
+ {
+ }
+
+ @Override
+ public void init(FilterConfig config) throws ServletException
+ {
+ String allowed = config.getInitParameter(INIT_PARAM_ALLOWED);
+ if (allowed != null)
+ {
+ _allowed = allowed;
+ }
+ ServletContext servletContext = config.getServletContext();
+ _broker = HttpManagementUtil.getBroker(servletContext);
+ _managementConfiguration = HttpManagementUtil.getManagementConfiguration(servletContext);
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
+ ServletException
+ {
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletResponse httpResponse = (HttpServletResponse) response;
+ String servletPath = httpRequest.getServletPath();
+ if (_allowed == null || "".equals(_allowed) || servletPath.indexOf(_allowed) == -1)
+ {
+ try
+ {
+ HttpManagementUtil.checkRequestAuthenticatedAndAccessAuthorized(httpRequest, _broker, _managementConfiguration);
+ }
+ catch(AccessControlException e)
+ {
+ httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+ catch(SecurityException e)
+ {
+ httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+ }
+ chain.doFilter(request, response);
+ }
+
+}
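Review bot: The exemption test in doFilter, `servletPath.indexOf(_allowed) == -1`, is a substring match, so any request whose servlet path merely contains the configured `allowed` value skips `checkRequestAuthenticatedAndAccessAuthorized` and falls through to `chain.doFilter`. An exemption from authentication should match one path exactly, for example `if (_allowed == null || _allowed.isEmpty() || !_allowed.equals(servletPath))`, or test membership in an explicit set if several paths must be exempt. Whether any servlet path mapped in this web application actually contains the value is not visible from this file, but the filter should not rely on that. Separately, `INIT_PARAM_ALLOWED` is public and static but not `final`, so any class can reassign it; declare it `public static final String INIT_PARAM_ALLOWED = "allowed";`. A class-level Javadoc stating that the `allowed` init parameter names a path served without the authentication check would also make the security contract explicit for whoever edits the filter configuration.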