/**
* Destroys the filter.
*
* <p>It invokes the {@link AuthenticationHandler#destroy()} method to release any resources it
* may hold.
*/
@Override
public void destroy() {
if (authHandler != null) {
authHandler.destroy();
authHandler = null;
}
if (secretProvider != null) {
secretProvider.destroy();
}
}
/**
* Initializes the authentication filter.
*
* <p>It instantiates and initializes the specified {@link AuthenticationHandler}.
*
* <p>
*
* @param filterConfig filter configuration.
* @throws ServletException thrown if the filter or the authentication handler could not be
* initialized properly.
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String configPrefix = filterConfig.getInitParameter(CONFIG_PREFIX);
configPrefix = (configPrefix != null) ? configPrefix + "." : "";
Properties config = getConfiguration(configPrefix, filterConfig);
String authHandlerName = config.getProperty(AUTH_TYPE, null);
String authHandlerClassName;
if (authHandlerName == null) {
throw new ServletException(
"Authentication type must be specified: "
+ PseudoAuthenticationHandler.TYPE
+ "|"
+ KerberosAuthenticationHandler.TYPE
+ "|<class>");
}
if (authHandlerName.toLowerCase(Locale.ENGLISH).equals(PseudoAuthenticationHandler.TYPE)) {
authHandlerClassName = PseudoAuthenticationHandler.class.getName();
} else if (authHandlerName
.toLowerCase(Locale.ENGLISH)
.equals(KerberosAuthenticationHandler.TYPE)) {
authHandlerClassName = KerberosAuthenticationHandler.class.getName();
} else {
authHandlerClassName = authHandlerName;
}
try {
Class<?> klass =
Thread.currentThread().getContextClassLoader().loadClass(authHandlerClassName);
authHandler = (AuthenticationHandler) klass.newInstance();
authHandler.init(config);
} catch (ClassNotFoundException ex) {
throw new ServletException(ex);
} catch (InstantiationException ex) {
throw new ServletException(ex);
} catch (IllegalAccessException ex) {
throw new ServletException(ex);
}
validity = Long.parseLong(config.getProperty(AUTH_TOKEN_VALIDITY, "36000")) * 1000; // 10 hours
secretProvider =
(SignerSecretProvider)
filterConfig.getServletContext().getAttribute(SIGNATURE_PROVIDER_ATTRIBUTE);
if (secretProvider == null) {
String signerSecretProviderClassName =
config.getProperty(configPrefix + SIGNER_SECRET_PROVIDER_CLASS, null);
if (signerSecretProviderClassName == null) {
String signatureSecret = config.getProperty(configPrefix + SIGNATURE_SECRET, null);
if (signatureSecret != null) {
secretProvider = new StringSignerSecretProvider(signatureSecret);
} else {
secretProvider = new RandomSignerSecretProvider();
randomSecret = true;
}
} else {
try {
Class<?> klass =
Thread.currentThread()
.getContextClassLoader()
.loadClass(signerSecretProviderClassName);
secretProvider = (SignerSecretProvider) klass.newInstance();
customSecretProvider = true;
} catch (ClassNotFoundException ex) {
throw new ServletException(ex);
} catch (InstantiationException ex) {
throw new ServletException(ex);
} catch (IllegalAccessException ex) {
throw new ServletException(ex);
}
}
try {
secretProvider.init(config, validity);
} catch (Exception ex) {
throw new ServletException(ex);
}
} else {
customSecretProvider = true;
}
signer = new Signer(secretProvider);
cookieDomain = config.getProperty(COOKIE_DOMAIN, null);
cookiePath = config.getProperty(COOKIE_PATH, null);
}
