Calling filter to authenticate kerberos token for pubsub
Project: http://git-wip-us.apache.org/repos/asf/incubator-apex-core/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-apex-core/commit/34b92cb8 Tree: http://git-wip-us.apache.org/repos/asf/incubator-apex-core/tree/34b92cb8 Diff: http://git-wip-us.apache.org/repos/asf/incubator-apex-core/diff/34b92cb8 Branch: refs/heads/devel-3 Commit: 34b92cb8cce49444a91f8bc5a272da7222a91b7e Parents: c0b1178 Author: Pramod Immaneni <[email protected]> Authored: Sat Dec 20 22:06:11 2014 -0800 Committer: David Yan <[email protected]> Committed: Fri Aug 28 10:56:57 2015 -0700 ---------------------------------------------------------------------- PubSubWebSocketServlet.java | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-apex-core/blob/34b92cb8/PubSubWebSocketServlet.java ---------------------------------------------------------------------- diff --git a/PubSubWebSocketServlet.java b/PubSubWebSocketServlet.java index 7693d92..f628364 100644 --- a/PubSubWebSocketServlet.java +++ b/PubSubWebSocketServlet.java @@ -11,7 +11,10 @@ import java.util.Iterator; import java.util.concurrent.ArrayBlockingQueue; import java.util.concurrent.BlockingQueue; +import javax.servlet.FilterChain; import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -124,6 +127,7 @@ public class PubSubWebSocketServlet extends WebSocketServlet @Override protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + boolean handled = false; DTPrincipal principal = null; AuthDatabase auth = gateway.getAuthDatabase(); if (gateway.isDTSessionHandled()) { @@ -148,13 +152,32 @@ public class PubSubWebSocketServlet extends WebSocketServlet throw new WebApplicationException(Status.UNAUTHORIZED); */ //} - } else if (gateway.isHadoopAuthFilterHandled()){ - principal = auth.getUser(request.getUserPrincipal().getName()); + } else if (gateway.isHadoopAuthFilterHandled()) { + final UserHolder userHolder = new UserHolder(); + gateway.getHadoopAuthFilter().doFilter(request, response, new FilterChain() + { + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException + { + userHolder.username = ((HttpServletRequest)servletRequest).getUserPrincipal().getName(); + } + }); + if (response.getStatus() == HttpServletResponse.SC_OK) { + principal = auth.getUser(userHolder.username); + } else { + handled = true; + } } - if (principal != null) { - request.setAttribute(AUTH_ATTRIBUTE, principal); + if (!handled) { + if (principal != null) { + request.setAttribute(AUTH_ATTRIBUTE, principal); + } + super.service(request, response); } - super.service(request, response); + } + + private class UserHolder { + public String username; } @Override
