OpenDaylight Controller functional modules.
[controller.git] / opendaylight / web / root / src / main / java / org / opendaylight / controller / web / ControllerCustomFilter.java
1 /*
2  * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8
9 package org.opendaylight.controller.web;
10
11 import java.io.IOException;
12 import java.util.List;
13 import java.util.Map;
14
15 import javax.servlet.FilterChain;
16 import javax.servlet.ServletException;
17 import javax.servlet.ServletRequest;
18 import javax.servlet.ServletResponse;
19 import javax.servlet.http.Cookie;
20 import javax.servlet.http.HttpServletRequest;
21 import javax.servlet.http.HttpServletResponse;
22
23 import org.opendaylight.controller.sal.utils.ServiceHelper;
24 import org.opendaylight.controller.usermanager.IUserManager;
25 import org.slf4j.Logger;
26 import org.slf4j.LoggerFactory;
27 import org.springframework.security.access.AccessDeniedException;
28 import org.springframework.security.core.context.SecurityContextHolder;
29 import org.springframework.web.filter.GenericFilterBean;
30
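/**
 * Servlet filter that rejects requests from principals that are authenticated
 * in the Spring Security context but are no longer listed as logged in by the
 * {@link IUserManager} (for example after a logout).
 *
 * <p>Requests whose path contains {@code login} or {@code logout} are passed
 * down the chain without this check. Every other request must carry an
 * authenticated principal whose name is a key of
 * {@link IUserManager#getUserLoggedIn()}.
 */
public class ControllerCustomFilter extends GenericFilterBean {

    private static final Logger logger = LoggerFactory
            .getLogger(ControllerCustomFilter.class);

    /**
     * Applies the active-user check and then continues the filter chain.
     *
     * @param req   incoming request; cast to {@link HttpServletRequest}
     * @param resp  outgoing response; cast to {@link HttpServletResponse}
     * @param chain remaining filters, invoked only when the check passes or
     *              is skipped
     * @throws AccessDeniedException if no authenticated principal is present,
     *         the active user list is empty, or the principal is not in it
     * @throws RuntimeException if the {@link IUserManager} service cannot be
     *         obtained (the request is refused rather than let through)
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse resp,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        // Decide on the request path only. getRequestURL() also carries the
        // scheme, host and port, and the host part is typically taken from
        // the client-supplied Host header, so a substring test on the full
        // URL lets request data outside the path switch the check off.
        String path = request.getRequestURI();

        if (!isLoginOrLogoutPath(path)) {
            requireActiveUser();
        }

        chain.doFilter(request, response);
    }

    /**
     * Tells whether the request path belongs to the login/logout flow, which
     * must stay reachable without an active session.
     *
     * <p>NOTE(review): this is still a substring test, so any path that
     * merely contains "login" or "logout" skips the active-user check. An
     * exact match against the application's configured login and logout
     * paths would be tighter; those paths are not visible from this file.
     */
    private static boolean isLoginOrLogoutPath(String path) {
        return path != null
                && (path.contains("login") || path.contains("logout"));
    }

    /**
     * Verifies that the current principal is authenticated and still present
     * in the UserManager's list of logged-in users; throws otherwise.
     */
    private void requireActiveUser() {
        if (SecurityContextHolder.getContext().getAuthentication() == null
                || !SecurityContextHolder.getContext().getAuthentication()
                        .isAuthenticated()) {
            logger.error("SecurityContextHolder getAuthentication is null");
            throw new AccessDeniedException(
                    "SecurityContextHolder is not populated");
        }

        IUserManager userManager = (IUserManager) ServiceHelper
                .getGlobalInstance(IUserManager.class, this);
        if (userManager == null) {
            // Fail closed: without the service the session cannot be verified.
            logger.error("UserManager Ref is null. ");
            throw new RuntimeException("UserManager Ref is null. ");
        }

        Map<String, List<String>> activeUsers = userManager.getUserLoggedIn();
        if (activeUsers == null || activeUsers.isEmpty()) {
            logger.error("UserManager return empty activeusers");
            throw new AccessDeniedException(
                    "UserManager activeUserList is empty. ");
        }

        String username = SecurityContextHolder.getContext()
                .getAuthentication().getName();
        if (!activeUsers.containsKey(username)) {
            // Logged like the other denial branches so that use of a stale
            // session shows up in the controller log.
            logger.warn("Authenticated user {} is not in the UserManager active user list",
                    username);
            throw new AccessDeniedException(
                    "UserManager activeUserList does not contain user "
                            + username);
        }
    }

}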