Creating a Custom Filter
The custom filter will be a basic authentication filter which will authenticate the user with hardcoded values. The Principal forwarded by the filter will be used to authenticate the user.
The filter will require the following dependencies:
q Javax Servlet
q Tomcat embed core
Steps:
1. Create a HTTP request wrapper.
The class will contain the following:
· the original incoming HTTP request
· the Principal which contains both the credentials and the roles for the authenticated user.
The HTTP wrapper will be forwarded to Panopticon Real Time instead of the original incoming HTTP request.
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.users.MemoryUser;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.security.Principal;
public class FilterRequestWrapper extends HttpServletRequestWrapper {
private final GenericPrincipal principal;
public FilterRequestWrapper(final HttpServletRequest request, final GenericPrincipal principal) {
super(request);
this.principal = principal;
}
@Override
public Principal getUserPrincipal() {
return principal;
}
@Override
public boolean isUserInRole(final String role) {
if (principal != null) {
return principal.hasRole(role);
}
return super.isUserInRole(role);
}
}
2. Create a custom filter. The filter will create a new Principal which includes both the credentials and the groups/roles for the user.
In this example, the class GenericPrincipal contains username, password, and groups. Panopticon Real Time is only able to extract the groups from GenericPrincipal class or the MemoryUser class. Both the Principal and the original HTTP request will be wrapped in an instance of FilterRequestWrapper. The wrapper will then be forwarded towards Panopticon Real Time.
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.users.MemoryUser;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Principal;
import java.util.Arrays;
import java.util.List;
public class ExampleFilter implements Filter{
@Override
public void init(FilterConfig filterConfig) throws ServletException {}
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
if (!(servletRequest instanceof HttpServletRequest || !(servletRequest instanceof HttpServletResponse))) {
return;
}
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
final String username = "username";
final String password = "password";
final List<String> groups = Arrays.asList("Group1", "Group2");
final GenericPrincipal principal = new GenericPrincipal(username, password, groups);
filterChain.doFilter(new FilterRequestWrapper(request, principal), response);
}
@Override
public void destroy() {}
}
3. When these classes have been created, you can compile them and package them in a jar file.
4. Copy the jar file to the WEB-INF/lib folder in the panopticon war file (or the extracted folder).
5. Enable the filter by adding the following code to the web.xml file in panopticon WEB-INF folder:
<filter>
<filter-name>ExampleFilter</filter-name>
<filter-class>com.datawatch.server.filter.ExampleFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ExampleFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>