• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• spring-rest-server-master
  • src
    • main
      • resources
        • dozer-global-configuration.xml
        • logback.xml
        • i18n
          • messages_en_GB.properties
          • messages_en_US.properties
          • messages_sv.properties
        • config.properties
        • dozer-mapping.xml
      • java
        • com
          • captechconsulting
            • security
              • EncryptionUtil.java
              • HeaderTokenSecurityContext.java
              • HeaderAuthenticationFilter.java
              • HeaderUtil.java
            • config
              • DozerConfig.java
              • WebConfig.java
              • DataConfig.java
              • MyWebAppInitializer.java
              • AppConfig.java
              • SecurityConfig.java
              • SecurityWebAppInitializer.java
            • facade
              • Versions.java
              • DefaultExceptionHandler.java
              • v1_0
                • validators
                  • Numeric.java
                  • Alphabetic.java
                  • MatchingPackageNumbers.java
                  • PackageNumber.java
                  • PhoneNumber.java
                  • Alphanumeric.java
                • controllers
                  • TicketFacade.java
                  • LocationFacade.java
                • data
                  • AddressVO.java
                  • LocationScanVO.java
                  • LocationVO.java
                  • TicketVO.java
              • v2_0
                • validators
                  • Email.java
                • controllers
                  • TicketFacade.java
                  • LocationFacade.java
                • data
                  • LocationScanVO.java
                  • TicketVO.java
            • core
              • dao
                • TicketDao.java
                • LocationDao.java
              • Fixtures.java
              • service
                • TicketService.java
                • MappingService.java
                • LocationService.java
              • domain
                • LocationScan.java
                • Address.java
                • Location.java
                • Ticket.java
  • pom.xml
  • LICENSE
  • README.md
  • .gitignore

package com.captechconsulting.security;

import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.web.filter.GenericFilterBean;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class HeaderAuthenticationFilter extends GenericFilterBean {

    private UserDetailsService userDetailsService;

    private HeaderUtil headerUtil;

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {

        UserDetails userDetails = loadUserDetails((HttpServletRequest) request);
        SecurityContext contextBeforeChainExecution = createSecurityContext(userDetails);

        try {
            SecurityContextHolder.setContext(contextBeforeChainExecution);
            if (contextBeforeChainExecution.getAuthentication() != null && contextBeforeChainExecution.getAuthentication().isAuthenticated()) {
                String userName = (String) contextBeforeChainExecution.getAuthentication().getPrincipal();
                headerUtil.addHeader((HttpServletResponse) response, userName);
            }
            filterChain.doFilter(request, response);
        }
        finally {
            // Clear the context and free the thread local
            SecurityContextHolder.clearContext();
        }
    }

    private SecurityContext createSecurityContext(UserDetails userDetails) {
        if (userDetails != null) {
            SecurityContextImpl securityContext = new SecurityContextImpl();
            Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities());
            securityContext.setAuthentication(authentication);
            return securityContext;
        }
        return SecurityContextHolder.createEmptyContext();
    }

    private UserDetails loadUserDetails(HttpServletRequest request) {
        String userName = headerUtil.getUserName(request);

        return userName != null
                ? userDetailsService.loadUserByUsername(userName)
                : null;
    }

    public void userDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void headerUtil(HeaderUtil headerUtil) {
        this.headerUtil = headerUtil;
    }
}