View Javadoc
1   /**
2    * This Source Code Form is subject to the terms of the Mozilla Public
3    * License, v. 2.0. If a copy of the MPL was not distributed with this
4    * file, You can obtain one at http://mozilla.org/MPL/2.0/.
5    *
6    * If it is not possible or desirable to put the notice in a particular
7    * file, then You may include the notice in a location (such as a LICENSE
8    * file in a relevant directory) where a recipient would be likely to look
9    * for such a notice.
10  
11   * 
12   */
13   
14  /*  ---------------------------------------------------------------------------
15   *  U.S. Government, Department of the Army
16   *  Army Materiel Command
17   *  Research Development Engineering Command
18   *  Communications Electronics Research Development and Engineering Center
19   *  ---------------------------------------------------------------------------
20   */
21  
22  package org.miloss.fgsms.auth;
23  
24  import java.security.Principal;
25  import java.util.ArrayList;
26  import java.util.List;
27  
28  import javax.servlet.http.HttpServletRequest;
29  import javax.servlet.http.HttpServletRequestWrapper;
30  
31  /**
32   *
33   * @author AO
34   */
35  /**
36   * An extension for the HTTPServletRequest that overrides the getUserPrincipal() and isUserInRole().
37   *  We supply these implementations here, where they are not normally populated unless we are going through
38   *  the facility provided by the container.
39   * <p>If he user or roles are null on this wrapper, the parent request is consulted to try to fetch what ever the container has set for us.
40   * This is intended to be created and used by the UserRoleFilter.
41   * @author thein
42   *
43   */
44  public class PKIRequestWrapper extends HttpServletRequestWrapper {
45  
46      public PKIRequestWrapper(String user, List<String> roles, HttpServletRequest request) {
47          super(request);
48          this.user = user;
49          this.roles = roles;
50          this.realRequest = request;
51  
52      }
53      List<String> roles = null;
54      HttpServletRequest realRequest;
55      String user = null;
56  
57  
58      @Override
59      public String getAuthType() {
60          return "CLIENT-CERT";
61      }
62  
63      @Override
64      public boolean isUserInRole(String role) {
65          if (roles == null) {
66              return this.realRequest.isUserInRole(role);
67          }
68          return roles.contains(role);
69      }
70  
71      @Override
72      public Principal getUserPrincipal() {
73          if (this.user == null) {
74              return realRequest.getUserPrincipal();
75          }
76  
77          // make an anonymous implementation to just return our user
78          return new Principal() {
79  
80              @Override
81              public String getName() {
82                  return user;
83              }
84          };
85      }
86  }