Package net.sf.spnego

Class IAMHttpGatewayFilter

  • All Implemented Interfaces:
    jakarta.servlet.Filter
    public class IAMHttpGatewayFilter
extends Object
implements jakarta.servlet.Filter
    Be sure to specify this filter (IAMHttpGatewayFilter) BEFORE the IAMUserGatewayFilter.

    Do all you can to avoid using IAM Gateways. Do not use IAM Gateways unless you absolutely have no options and someone is forcing you down this HTTP HEADER based approach to authentication.

    Using IAM Gateways and sending usernames via an HTTP HEADER is inherently unsafe.

    Note:

    The two example classes (IAMHttpGatewayFilter and IAMUserGatewayFilter) is only meant to be illustrative. Feel free to use these two example classes as an inspiration on how you can make your implementation more robust.

    Implementation Note:

    The corresponding filter-mapping for this filter (IAMHttpGatewayFilter) must be specified BEFORE the filter-mapping for the IAMUserGatewayFilter.

    Author:
    Darwin V. Felix

    • Constructor Detail

      • IAMHttpGatewayFilter

        public IAMHttpGatewayFilter()

    • Method Detail

      • init

        public void init​(jakarta.servlet.FilterConfig filterConfig)
          throws jakarta.servlet.ServletException
        Specified by:
        init in interface jakarta.servlet.Filter
        Throws:
        jakarta.servlet.ServletException

      • destroy

        public void destroy()
        Specified by:
        destroy in interface jakarta.servlet.Filter

      • doFilter

        public void doFilter​(jakarta.servlet.ServletRequest request,
                     jakarta.servlet.ServletResponse response,
                     jakarta.servlet.FilterChain chain)
              throws IOException,
                     jakarta.servlet.ServletException
        Specified by:
        doFilter in interface jakarta.servlet.Filter
        Throws:
        IOException
        jakarta.servlet.ServletException