Class SOLRAuthenticationFilter

java.lang.Object
org.alfresco.repo.web.scripts.solr.SOLRAuthenticationFilter
All Implemented Interfaces:
DependencyInjectedFilter, org.springframework.beans.factory.InitializingBean

public class SOLRAuthenticationFilter extends Object implements DependencyInjectedFilter, org.springframework.beans.factory.InitializingBean
This filter protects the solr callback urls by verifying a shared secret on the request header if the secureComms property is set to "secret". If it is set to "https", this will will just verify that the request came in through a "secure" tomcat connector. (but it will not validate the certificate on the request; this done in a different filter).
Since:
4.0
  • Constructor Details

    • SOLRAuthenticationFilter

      public SOLRAuthenticationFilter()
  • Method Details

    • setSecureComms

      public void setSecureComms(String type)
    • setSharedSecret

      public void setSharedSecret(String sharedSecret)
    • setSharedSecretHeader

      public void setSharedSecretHeader(String sharedSecretHeader)
    • afterPropertiesSet

      public void afterPropertiesSet() throws Exception
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
      Throws:
      Exception
    • doFilter

      public void doFilter(javax.servlet.ServletContext context, javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
      Description copied from interface: DependencyInjectedFilter
      The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain. The FilterChain passed in to this method allows the Filter to pass on the request and response to the next entity in the chain.

      A typical implementation of this method would follow the following pattern:-
      1. Examine the request
      2. Optionally wrap the request object with a custom implementation to filter content or headers for input filtering
      3. Optionally wrap the response object with a custom implementation to filter content or headers for output filtering
      4. a) Either invoke the next entity in the chain using the FilterChain object ( chain.doFilter()),
      4. b) or not pass on the request/response pair to the next entity in the filter chain to block the request processing
      5. Directly set headers on the response after invocation of the next entity in the filter chain.

      Specified by:
      doFilter in interface DependencyInjectedFilter
      Throws:
      IOException
      javax.servlet.ServletException