modules/samples/userguide/src/userguide/springbootdemo/src/main/java/userguide/springboot/security/webservices/WSLoginFilter.java - axis-axis2-java-core - Git at Google


 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package userguide.springboot.security.webservices;

 import java.io.IOException;
 import java.util.Enumeration;

 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.filter.GenericFilterBean;

 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;

 @PropertySource("classpath:application.properties")
 public class WSLoginFilter extends GenericFilterBean  {

     @Value("${requestDebuggingActivated}")
     private int requestDebuggingActivated;

     @Override
     public void doFilter(
         ServletRequest request,
         ServletResponse response,
         FilterChain chain) throws IOException, ServletException {

         final String logPrefix = "WSLoginFilter.doFilter() , requestDebuggingActivated: " + requestDebuggingActivated + " , ";

         logger.debug(logPrefix + "starting ... ");

         HttpServletRequest requestToUse = (HttpServletRequest) request;
         HttpServletResponse responseToUse = (HttpServletResponse) response;

         String currentUserIPAddress = null;
         if (requestToUse.getHeader("X-Forwarded-For") != null) {
             currentUserIPAddress = requestToUse.getHeader("X-Forwarded-For");
         } else {
             logger.warn(logPrefix + "cannot find X-Forwarded-For header, this field is required for proper IP auditing");
             logger.warn(logPrefix + "Because no X-Forwarded-For header was found, setting 'currentUserIPAddress = requestToUse.getRemoteAddr()' which is typically an internal address");
             currentUserIPAddress = requestToUse.getRemoteAddr();
         }

         if (currentUserIPAddress == null || currentUserIPAddress.length() == 0 || "unknown".equalsIgnoreCase(currentUserIPAddress)) {
             logger.warn(logPrefix + "cannot find valid currentUserIPAddress");
         } else {
             logger.warn(logPrefix + "IP validation and rate limiting can go here, on currentUserIPAddress: " + currentUserIPAddress);
         }

         if (requestDebuggingActivated == 1) {
 	    boolean foundElements = false;
             for (Enumeration en = requestToUse.getParameterNames(); en
                     .hasMoreElements();) {

                 foundElements = true;

                 Object obj = en.nextElement();
                 String value = request.getParameterValues((String) obj)[0];
                 logger.warn(logPrefix + "on requestDebuggingActivated=1 found String: " +value);

             }
             if (!foundElements) {
                 logger.warn(logPrefix + "on requestDebuggingActivated=1 , no HTTP elements found!");
             }
         }

         chain.doFilter(request, response);
     }

 }

	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package userguide.springboot.security.webservices;

	import java.io.IOException;
	import java.util.Enumeration;

	import javax.servlet.FilterChain;
	import javax.servlet.ServletException;
	import javax.servlet.ServletRequest;
	import javax.servlet.ServletResponse;
	import javax.servlet.http.HttpServletRequest;
	import javax.servlet.http.HttpServletResponse;

	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.web.filter.GenericFilterBean;

	import org.springframework.beans.factory.annotation.Value;
	import org.springframework.context.annotation.PropertySource;
	import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;

	@PropertySource("classpath:application.properties")
	public class WSLoginFilter extends GenericFilterBean {

	@Value("${requestDebuggingActivated}")
	private int requestDebuggingActivated;

	@Override
	public void doFilter(
	ServletRequest request,
	ServletResponse response,
	FilterChain chain) throws IOException, ServletException {

	final String logPrefix = "WSLoginFilter.doFilter() , requestDebuggingActivated: " + requestDebuggingActivated + " , ";

	logger.debug(logPrefix + "starting ... ");

	HttpServletRequest requestToUse = (HttpServletRequest) request;
	HttpServletResponse responseToUse = (HttpServletResponse) response;

	String currentUserIPAddress = null;
	if (requestToUse.getHeader("X-Forwarded-For") != null) {
	currentUserIPAddress = requestToUse.getHeader("X-Forwarded-For");
	} else {
	logger.warn(logPrefix + "cannot find X-Forwarded-For header, this field is required for proper IP auditing");
	logger.warn(logPrefix + "Because no X-Forwarded-For header was found, setting 'currentUserIPAddress = requestToUse.getRemoteAddr()' which is typically an internal address");
	currentUserIPAddress = requestToUse.getRemoteAddr();
	}

	if (currentUserIPAddress == null \|\| currentUserIPAddress.length() == 0 \|\| "unknown".equalsIgnoreCase(currentUserIPAddress)) {
	logger.warn(logPrefix + "cannot find valid currentUserIPAddress");
	} else {
	logger.warn(logPrefix + "IP validation and rate limiting can go here, on currentUserIPAddress: " + currentUserIPAddress);
	}

	if (requestDebuggingActivated == 1) {
	boolean foundElements = false;
	for (Enumeration en = requestToUse.getParameterNames(); en
	.hasMoreElements();) {

	foundElements = true;

	Object obj = en.nextElement();
	String value = request.getParameterValues((String) obj)[0];
	logger.warn(logPrefix + "on requestDebuggingActivated=1 found String: " +value);

	}
	if (!foundElements) {
	logger.warn(logPrefix + "on requestDebuggingActivated=1 , no HTTP elements found!");
	}
	}

	chain.doFilter(request, response);
	}

	}