aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java

   1 /*
   2  * Copyright (c) 2018 Red Hat, Inc. and others. All rights reserved.
   3  *
   4  * This program and the accompanying materials are made available under the
   5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
   6  * and is available at http://www.eclipse.org/legal/epl-v10.html
   7  */
   8 package org.opendaylight.aaa.shiro.web.env;
   9
  10 import org.apache.shiro.web.env.EnvironmentLoaderListener;
  11 import org.eclipse.jetty.servlets.CrossOriginFilter;
  12 import org.opendaylight.aaa.shiro.filters.AAAShiroFilter;
  13 import org.opendaylight.aaa.web.FilterDetails;
  14 import org.opendaylight.aaa.web.WebContext;
  15 import org.opendaylight.aaa.web.WebContextBuilder;
  16 import org.opendaylight.aaa.web.WebContextSecurer;
  17
  18 /**
  19  * Secures a {@link WebContext} using Shiro.
  20  *
  21  * @author Michael Vorburger.ch
  22  */
  23 public class ShiroWebContextSecurer implements WebContextSecurer {
  24
  25     private final EnvironmentLoaderListener shiroEnvironmentLoaderListener;
  26
  27     public ShiroWebContextSecurer(EnvironmentLoaderListener shiroEnvironmentLoaderListener) {
  28         this.shiroEnvironmentLoaderListener = shiroEnvironmentLoaderListener;
  29     }
  30
  31     @Override
  32     public void requireAuthentication(WebContextBuilder webContextBuilder, boolean asyncSupported,
  33             String... urlPatterns) {
  34         webContextBuilder.addListener(shiroEnvironmentLoaderListener)
  35
  36                 // AAA filter in front of these REST web services as well as for moon endpoints
  37                 .addFilter(FilterDetails.builder()
  38                         .filter(new AAAShiroFilter())
  39                         .addUrlPatterns(urlPatterns)
  40                         .asyncSupported(asyncSupported)
  41                         .build())
  42
  43                 // CORS filter
  44                 .addFilter(FilterDetails.builder()
  45                         .filter(new CrossOriginFilter())
  46                         .addUrlPatterns(urlPatterns)
  47                         .asyncSupported(asyncSupported)
  48                         .putInitParam("allowedOrigins", "*")
  49                         .putInitParam("allowedMethods", "GET,POST,OPTIONS,DELETE,PUT,HEAD")
  50                         .putInitParam("allowedHeaders", "origin, content-type, accept, authorization")
  51                         .build());
  52
  53     }
  54
  55 }