Creating a Custom Filter

The custom filter will be a basic authentication filter which will authenticate the user with hardcoded values. The Principal forwarded by the filter will be used to authenticate the user.

The filter will require the following dependencies:

q  Javax Servlet

q  Tomcat embed core

Steps:

1.     Create a HTTP request wrapper.

The class will contain the following:

·         the original incoming HTTP request

·         the Principal which contains both the credentials and the roles for the authenticated user.

The HTTP wrapper will be forwarded to Panopticon Real Time instead of the original incoming HTTP request.

import org.apache.catalina.realm.GenericPrincipal;

import org.apache.catalina.users.MemoryUser;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletRequestWrapper;

import java.security.Principal;

 

public class FilterRequestWrapper extends HttpServletRequestWrapper {

 

   private final GenericPrincipal principal;

 

   public FilterRequestWrapper(final HttpServletRequest request, final GenericPrincipal principal) {

        super(request);

        this.principal = principal;

    }

 

    @Override

    public Principal getUserPrincipal() {

        return principal;

    }

 

    @Override

    public boolean isUserInRole(final String role) {

        if (principal != null) {

            return principal.hasRole(role);

        }

        return super.isUserInRole(role);

    }

}

2.     Create a custom filter. The filter will create a new Principal which includes both the credentials and the groups/roles for the user.

In this example, the class GenericPrincipal  contains username, password, and groups. Panopticon Real Time is only able to extract the groups from GenericPrincipal  class or the MemoryUser  class. Both the Principal and the original HTTP request will be wrapped in an instance of FilterRequestWrapper. The wrapper will then be forwarded towards Panopticon Real Time.

import org.apache.catalina.realm.GenericPrincipal;

import org.apache.catalina.users.MemoryUser;

import javax.servlet.*;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.io.IOException;

import java.security.Principal;

import java.util.Arrays;

import java.util.List;

 

public class ExampleFilter implements Filter{

 

    @Override

    public void init(FilterConfig filterConfig) throws ServletException {}

 

    @Override

    public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        if (!(servletRequest instanceof HttpServletRequest || !(servletRequest instanceof HttpServletResponse))) {

            return;

        }

 

        final HttpServletRequest request = (HttpServletRequest) servletRequest;

        final HttpServletResponse response = (HttpServletResponse) servletResponse;

        final String username = "username";

        final String password = "password";

        final List<String> groups = Arrays.asList("Group1", "Group2");

        final GenericPrincipal principal = new GenericPrincipal(username, password, groups);

        filterChain.doFilter(new FilterRequestWrapper(request, principal), response);

    }

 

    @Override

    public void destroy() {}

}

3.     When these classes have been created, you can compile them and package them in a jar file.

4.     Copy the jar file to the WEB-INF/lib  folder in the panopticon  war file (or the extracted folder).

5.     Enable the filter by adding the following code to the web.xml  file in panopticon WEB-INF  folder:

    <filter>

        <filter-name>ExampleFilter</filter-name>

        <filter-class>com.datawatch.server.filter.ExampleFilter</filter-class>

    </filter>

    <filter-mapping>

        <filter-name>ExampleFilter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>