From 5caf0800a080d3ac4fb9573b319336160b2ebcba Mon Sep 17 00:00:00 2001 From: Zlatko Murgoski Date: Wed, 17 Apr 2019 10:10:30 +0200 Subject: VES Collector - certBasicAuth https://jira.onap.org/browse/DCAEGEN2-1440 Issue-ID: DCAEGEN2-1440 Change-Id: I7976d03c65e261930533a49a6716fd6161124ad9 Signed-off-by: Zlatko Murgoski --- .../dcae/common/configuration/CustomFilter.java | 83 ---------------------- 1 file changed, 83 deletions(-) delete mode 100644 src/main/java/org/onap/dcae/common/configuration/CustomFilter.java (limited to 'src/main/java/org/onap/dcae/common/configuration/CustomFilter.java') diff --git a/src/main/java/org/onap/dcae/common/configuration/CustomFilter.java b/src/main/java/org/onap/dcae/common/configuration/CustomFilter.java deleted file mode 100644 index ae693fa6..00000000 --- a/src/main/java/org/onap/dcae/common/configuration/CustomFilter.java +++ /dev/null @@ -1,83 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * org.onap.dcaegen2.collectors.ves - * ================================================================================ - * Copyright (C) 2019 Nokia. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.dcae.common.configuration; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Paths; -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.regex.Pattern; -import java.util.stream.Collectors; -import java.util.stream.Stream; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; -import org.onap.dcae.ApplicationSettings; -import org.springframework.context.annotation.Configuration; -import org.springframework.web.filter.GenericFilterBean; - -@Configuration -public class CustomFilter extends GenericFilterBean { - - private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate"; - private static final String MESSAGE = "SubjectDN didn't match with any regexp from %s file like %s"; - private ApplicationSettings properties; - - public CustomFilter(ApplicationSettings properties) { - this.properties = properties; - } - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, - FilterChain filterChain) throws IOException, ServletException { - - X509Certificate[] cert = (X509Certificate[]) servletRequest.getAttribute(CERTIFICATE_X_509); - - if (cert != null) { - if (getLines().anyMatch(element -> Pattern.compile(element).matcher(getSubjectDN(cert)).find())) { - filterChain.doFilter(servletRequest, servletResponse); - } else { - setResponse((HttpServletResponse) servletResponse); - } - } else { - filterChain.doFilter(servletRequest, servletResponse); - } - } - - private void setResponse(HttpServletResponse servletResponse) throws IOException { - HttpServletResponse response = servletResponse; - response.sendError(HttpServletResponse.SC_FORBIDDEN, - String.format(MESSAGE, properties.certSubjectMatcher(), getLines().collect(Collectors.joining(" ")))); - } - - private Stream getLines() throws IOException { - return Files.lines(Paths.get(properties.certSubjectMatcher())); - } - - private String getSubjectDN(X509Certificate[] certs) { - return Arrays.stream(certs).map(e -> e.getSubjectDN().getName()) - .map(x -> x.split(",")).flatMap(Arrays::stream) - .collect(Collectors.joining(",")); - } -} -- cgit 1.2.3-korg