Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * JBoss, a division of Red Hat
   * Copyright 2013, Red Hat Middleware, LLC, and individual
   * contributors as indicated by the @authors tag. See the
   * copyright.txt in the distribution for a full listing of
   * individual contributors.
   *
   * This is free software; you can redistribute it and/or modify it
   * under the terms of the GNU Lesser General Public License as
  * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
 
 package org.gatein.web.security.impersonation;
 
 
Filter to wrap real javax.servlet.http.HttpServletRequest into wrapper, which will be treated as request of impersonated user It should be in filter chain after org.exoplatform.services.security.web.SetCurrentIdentityFilter

Author(s):
Marek Posolda
 
 public class ImpersonationFilter extends AbstractFilter {
     private static final Logger log = LoggerFactory.getLogger(ImpersonationFilter.class);
 
     @Override
     public void doFilter(ServletRequest requestServletResponse responseFilterChain chain)
             throws IOExceptionServletException {
         HttpServletRequest httpRequest = (HttpServletRequest)request;
 
         Identity currentIdentity = ConversationState.getCurrent().getIdentity();
         if (currentIdentity instanceof ImpersonatedIdentity) {
             ImpersonatedIdentity impersonatedIdentity = (ImpersonatedIdentity)currentIdentity;
 
             String remoteUser = httpRequest.getRemoteUser();
             String impersonatedUser = impersonatedIdentity.getUserId();
             String parentImpersonatedUser = impersonatedIdentity.getParentConversationState().getIdentity().getUserId();
 
             // Skip impersonation if impersonatedUser is same as remoteUser. This could theoretically happen during http request re-entrance
             if (remoteUser.equals(impersonatedUser)) {
                 if (.isTraceEnabled()) {
                     .trace("Reentrance detected. Impersonation will be skipped. User: " + remoteUser +
                             ", parentImpersonatedUser: " + parentImpersonatedUser + ", impersonatedUser: " + impersonatedUser);
                 }
             } else {
                 if (.isTraceEnabled()) {
                     .trace("Impersonating current HttpServletRequest. User: " + remoteUser +
                             ", parentImpersonatedUser: " + parentImpersonatedUser + ", impersonatedUser: " + impersonatedUser);
                 }
 
                 // Impersonate current http request
                 httpRequest = new ImpersonatedHttpServletRequestWrapper(httpRequestimpersonatedIdentity);
             }
         }
 
         // Continue with request in all cases
         chain.doFilter(httpRequestresponse);
     }
 
     @Override
     public void destroy() {
     }
 
     public static class ImpersonatedHttpServletRequestWrapper extends HttpServletRequestWrapper {
         private final ImpersonatedIdentity identity;
 
         public ImpersonatedHttpServletRequestWrapper(HttpServletRequest requestImpersonatedIdentity identity) {
             super(request);
             this. = identity;
         }
 
         @Override
        public String getRemoteUser() {
            return this..getUserId();
        }
        @Override
        public boolean isUserInRole(String role) {
            Collection<Stringroles = this..getRoles();
            return roles.contains(role);
        }
        @Override
        public Principal getUserPrincipal() {
            return new UserPrincipal(this..getUserId());
        }
    }
New to GrepCode? Check out our FAQ X