HeaderPreAuthFilter.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */
  20. package org.openspcoop2.utils.service.authentication.preauth.filter;

  22. import javax.servlet.http.HttpServletRequest;

  24. import org.apache.commons.lang.StringUtils;
  25. import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;

  27. /**
  28.  * HeaderPreAuthFilter
  29.  * 
  30.  * Classe per la lettura del principal dell'utenza da un header.
  31.  * Estendere la classe e ridefinire il metodo getPrincipalHeaderName per leggere il nome dell'header da properties.
  32.  * 
  33.  * @author Giuliano Pintori (pintori@link.it)
  34.  * @author $Author$
  35.  * @version $Rev$, $Date$
  36.  */
  37. public class HeaderPreAuthFilter extends RequestHeaderAuthenticationFilter {

  39.     public HeaderPreAuthFilter() {
  40.         super();
  41.         String headerAuth = this.getPrincipalHeaderName();
  42.         
  43.         // se ho definito un header name allora lo uso per leggere il principal, altrimenti il filtro usa l'header 'SM_USER'
  44.         if(StringUtils.isNotEmpty(headerAuth))
  45.             this.setPrincipalRequestHeader(headerAuth);
  46.     }

  48.     @Override
  49.     protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
  50.         return super.getPreAuthenticatedPrincipal(request);
  51.     }

  53.     @Override
  54.     protected Object getPreAuthenticatedCredentials(HttpServletRequest request) {
  55.         return super.getPreAuthenticatedCredentials(request);
  56.     }

  58.     /**
  59.      * Restituisce il nome dell'header dove e' contenuto il principal da usare
  60.      * Ridefinire il metodo per leggere il nome dell'header per esempio da file di properties
  61.      * 
  62.      * @return PrincipalHeaderName
  63.      */
  64.     protected String getPrincipalHeaderName() {
  65.         return null;
  66.     }
  67. }
Created with JaCoCo 0.8.8.202204050719