Spring boot custom filter is not working
18,791
This is how I solved it
Added WebSecurityConfig
as
@EnableWebSecurity //(debug = true) // when you want to see what filters are applied
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().authorizeRequests()
.antMatchers("/css/**", "/js/**", "/images/**", "/static/**", "/**/favicon.ico").permitAll()
.antMatchers(HttpMethod.POST, "/login").permitAll()
.antMatchers("/rest/*").permitAll()
.antMatchers("/").permitAll()
.anyRequest().authenticated();
}
}
and then added Filters
package com.hhimanshu.secure.auth.filters;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.hhimanshu.secure.auth.AppTokenProviderAndAuthenticator;
import com.hhimanshu.secure.auth.GoogleTokenVerifier;
import com.hhimanshu.secure.common.InvalidTokenException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init /login filter");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
String idToken = ((HttpServletRequest) servletRequest).getHeader("X-ID-TOKEN");
HttpServletResponse response = (HttpServletResponse) servletResponse;
System.out.println("filtered /login request: " + idToken);
if (idToken != null) {
final Payload payload;
try {
payload = GoogleTokenVerifier.verify(idToken);
if (payload != null) {
// TODO: 5/6/17 get this username from DB (createOrGet)
String username = "myUniqueUser";
AppTokenProviderAndAuthenticator.addAuthentication(response, username);
filterChain.doFilter(servletRequest, response);
return;
}
} catch (GeneralSecurityException | InvalidTokenException e) {
// This is not a valid token, we will send HTTP 401 back
}
}
((HttpServletResponse) servletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
@Override
public void destroy() {
}
}
and
package com.hhimanshu.secure.auth.filters;
import static com.hhimanshu.secure.auth.AppTokenProviderAndAuthenticator.addAuthentication;
import static com.hhimanshu.secure.auth.AppTokenProviderAndAuthenticator.getUserFromToken;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
@Component
public class RestFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("init /rest/* filter");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
System.out.println("Token Filter pathInfo:" + request.getRequestURI());
Optional<String> userFromToken = getUserFromToken(request);
if (!userFromToken.isPresent()) {
response.sendError(HttpStatus.UNAUTHORIZED.value());
return;
}
addAuthentication(response, userFromToken.get());
filterChain.doFilter(request, servletResponse);
}
@Override
public void destroy() {
}
}
and registered the filter as
package com.hhimanshu.secure.auth.filters;
import java.util.Collections;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class Filters {
@Bean
public FilterRegistrationBean loginRegistrationBean() {
System.out.println("Setting up loginRegistrationBean");
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(new LoginFilter());
filterRegistrationBean.setUrlPatterns(Collections.singletonList("/login/*"));
return filterRegistrationBean;
}
@Bean
public FilterRegistrationBean restRegistrationBean() {
System.out.println("Setting up restRegistrationBean");
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(new RestFilter());
filterRegistrationBean.setUrlPatterns(Collections.singletonList("/rest/*"));
return filterRegistrationBean;
}
}
and then it started to work
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v1.5.3.RELEASE)
2017-05-09 15:32:42.551 INFO 88944 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : Starting ServerApplication on HHimanshu-MBR64.local with PID 88944 (/Users/Harit.Himanshu/IdeaProjects/q2/server/target/classes started by Harit.Himanshu in /Users/Harit.Himanshu/IdeaProjects/q2/server)
2017-05-09 15:32:42.553 INFO 88944 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : No active profile set, falling back to default profiles: default
2017-05-09 15:32:42.613 INFO 88944 --- [ restartedMain] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@5164cfb9: startup date [Tue May 09 15:32:42 NZST 2017]; root of context hierarchy
2017-05-09 15:32:43.472 INFO 88944 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http)
2017-05-09 15:32:43.480 INFO 88944 --- [ restartedMain] o.apache.catalina.core.StandardService : Starting service Tomcat
2017-05-09 15:32:43.481 INFO 88944 --- [ restartedMain] org.apache.catalina.core.StandardEngine : Starting Servlet Engine: Apache Tomcat/8.5.14
2017-05-09 15:32:43.524 INFO 88944 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2017-05-09 15:32:43.525 INFO 88944 --- [ost-startStop-1] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 914 ms
Setting up loginRegistrationBean
Setting up restRegistrationBean
2017-05-09 15:32:43.622 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'characterEncodingFilter' to: [/*]
2017-05-09 15:32:43.623 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2017-05-09 15:32:43.623 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'httpPutFormContentFilter' to: [/*]
2017-05-09 15:32:43.623 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'requestContextFilter' to: [/*]
2017-05-09 15:32:43.624 INFO 88944 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*]
2017-05-09 15:32:43.624 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'loginFilter' to urls: [/login/*]
2017-05-09 15:32:43.624 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'restFilter' to urls: [/rest/*]
2017-05-09 15:32:43.624 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Filter restFilter was not registered (possibly already registered?)
2017-05-09 15:32:43.624 INFO 88944 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean : Mapping servlet: 'dispatcherServlet' to [/]
init /login filter
init /rest/* filter
2017-05-09 15:32:43.830 INFO 88944 --- [ restartedMain] b.a.s.AuthenticationManagerConfiguration :
Using default security password: b5705a6c-418d-44b1-8ec0-04d1094693f8
2017-05-09 15:32:43.911 INFO 88944 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: org.springframework.security.web.util.matcher.AnyRequestMatcher@1, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@4494ada7, org.springframework.security.web.context.SecurityContextPersistenceFilter@155437e7, org.springframework.security.web.header.HeaderWriterFilter@1e35a1a1, org.springframework.security.web.authentication.logout.LogoutFilter@5f1a3502, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@2f5ae09c, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@244b340d, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@66f2d458, org.springframework.security.web.session.SessionManagementFilter@76507fe1, org.springframework.security.web.access.ExceptionTranslationFilter@74272ac7, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@3619c72b]
2017-05-09 15:32:43.965 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@5164cfb9: startup date [Tue May 09 15:32:42 NZST 2017]; root of context hierarchy
2017-05-09 15:32:43.997 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/rest/hello],methods=[GET]}" onto public java.lang.String com.hhimanshu.secure.api.HelloWorldService.sayHello()
2017-05-09 15:32:43.998 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login],methods=[POST]}" onto public void com.hhimanshu.secure.api.LoginService.authenticate()
2017-05-09 15:32:43.999 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/rest/tweets],methods=[GET]}" onto public java.lang.String com.hhimanshu.secure.api.TweetsService.tweets()
2017-05-09 15:32:44.002 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)
2017-05-09 15:32:44.003 INFO 88944 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
2017-05-09 15:32:44.022 INFO 88944 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-05-09 15:32:44.022 INFO 88944 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-05-09 15:32:44.044 INFO 88944 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler]
2017-05-09 15:32:44.058 INFO 88944 --- [ restartedMain] oConfiguration$WelcomePageHandlerMapping : Adding welcome page: class path resource [static/index.html]
2017-05-09 15:32:44.117 INFO 88944 --- [ restartedMain] o.s.b.d.a.OptionalLiveReloadServer : LiveReload server is running on port 35729
2017-05-09 15:32:44.150 INFO 88944 --- [ restartedMain] o.s.j.e.a.AnnotationMBeanExporter : Registering beans for JMX exposure on startup
2017-05-09 15:32:44.188 INFO 88944 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (http)
2017-05-09 15:32:44.192 INFO 88944 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : Started ServerApplication in 2.112 seconds (JVM running for 2.425)
2017-05-09 15:32:49.114 INFO 88944 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring FrameworkServlet 'dispatcherServlet'
2017-05-09 15:32:49.114 INFO 88944 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization started
2017-05-09 15:32:49.123 INFO 88944 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization completed in 9 ms
Token Filter pathInfo:/rest/goobar
filtered /login request: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ2UHItSWR5MGc2TDlQTzZ0V1UtdFBBIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI5NjQ3MSwiZXhwIjoxNDk0MzAwMDcxLCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.kU6tkNvfqaWrcj6UhptCHT8_JzP89wM_GdRFeqwgr3mbZCaT_k_lV3TbYbV-m_yBXQcTUe0vmxLYrpF2myJevSczK3jVTHpFM2xdQsN0Vxi9JgLIChpoKBDLQIcFyacOYq2UGXQzOq1atEjqNoXeaPEsKYk9E2coGEJZ0RQmthnJ0GtNMnZlF_djds_yV0LSOjbeWPS2gCGjk__WFsSr8rBWh9xG8hoBBY8E94k4zPVzEgb18UhN3_ghrOV30j7UVGETSkFIaQeL0oJ6KEptY_O-kjCQgdy_Ji0GH7OIQ9bqG4UjgEDUbVqC97X1s5QcHQ19rjE8RbA3sPL2zQT5qw
validating:eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ2UHItSWR5MGc2TDlQTzZ0V1UtdFBBIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI5NjQ3MSwiZXhwIjoxNDk0MzAwMDcxLCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.kU6tkNvfqaWrcj6UhptCHT8_JzP89wM_GdRFeqwgr3mbZCaT_k_lV3TbYbV-m_yBXQcTUe0vmxLYrpF2myJevSczK3jVTHpFM2xdQsN0Vxi9JgLIChpoKBDLQIcFyacOYq2UGXQzOq1atEjqNoXeaPEsKYk9E2coGEJZ0RQmthnJ0GtNMnZlF_djds_yV0LSOjbeWPS2gCGjk__WFsSr8rBWh9xG8hoBBY8E94k4zPVzEgb18UhN3_ghrOV30j7UVGETSkFIaQeL0oJ6KEptY_O-kjCQgdy_Ji0GH7OIQ9bqG4UjgEDUbVqC97X1s5QcHQ19rjE8RbA3sPL2zQT5qw
Token Filter pathInfo:/rest/tweets
filtered /login request: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ2UHItSWR5MGc2TDlQTzZ0V1UtdFBBIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI5NjQ3MSwiZXhwIjoxNDk0MzAwMDcxLCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.kU6tkNvfqaWrcj6UhptCHT8_JzP89wM_GdRFeqwgr3mbZCaT_k_lV3TbYbV-m_yBXQcTUe0vmxLYrpF2myJevSczK3jVTHpFM2xdQsN0Vxi9JgLIChpoKBDLQIcFyacOYq2UGXQzOq1atEjqNoXeaPEsKYk9E2coGEJZ0RQmthnJ0GtNMnZlF_djds_yV0LSOjbeWPS2gCGjk__WFsSr8rBWh9xG8hoBBY8E94k4zPVzEgb18UhN3_ghrOV30j7UVGETSkFIaQeL0oJ6KEptY_O-kjCQgdy_Ji0GH7OIQ9bqG4UjgEDUbVqC97X1s5QcHQ19rjE8RbA3sPL2zQT5q
validating:eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ2UHItSWR5MGc2TDlQTzZ0V1UtdFBBIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI5NjQ3MSwiZXhwIjoxNDk0MzAwMDcxLCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.kU6tkNvfqaWrcj6UhptCHT8_JzP89wM_GdRFeqwgr3mbZCaT_k_lV3TbYbV-m_yBXQcTUe0vmxLYrpF2myJevSczK3jVTHpFM2xdQsN0Vxi9JgLIChpoKBDLQIcFyacOYq2UGXQzOq1atEjqNoXeaPEsKYk9E2coGEJZ0RQmthnJ0GtNMnZlF_djds_yV0LSOjbeWPS2gCGjk__WFsSr8rBWh9xG8hoBBY8E94k4zPVzEgb18UhN3_ghrOV30j7UVGETSkFIaQeL0oJ6KEptY_O-kjCQgdy_Ji0GH7OIQ9bqG4UjgEDUbVqC97X1s5QcHQ19rjE8RbA3sPL2zQT5q
Token Filter pathInfo:/rest/hello
filtered /login request: eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ3VU1RcG9DemRfYm9jaEJEMjBlYkhRIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI3Nzg2NSwiZXhwIjoxNDk0MjgxNDY1LCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.hQSvNFuh7MBNhHjpmAT40xi43Siyz2xF6j1kQ2cvvc-sB-5wDDgHOfKJFzvktYUQrT0Vso-d9Vdq4gmLyfwGBfWEkj1dNNZIn5IE4RWG4gKYrQkT2iDDI_9d1QyqYNPmdgP_RGlszMoL4Le5s1QXMU9p-Uj39-2dIwD2ska-n3ebH7fPv1iBkCOibnbuCtadn5NqTmJ-NtJ5nRhXNyiuK3QNV83g2w17cDnZF_s2pNLHPNWaciuJpqiVOhzS_3l4OL82yYv0O7vKc8wOjwz8B8izyCh-oI3wGe7puFqrsf_Sl2WMKrm4B7pc20x3XuaKgGLdRaIXpwSS8sh8jMHiaA
validating:eyJhbGciOiJSUzI1NiIsImtpZCI6IjdlM2Q4MDg3NjU1ZWRkMTVjMmU0MjdiODA2ZWQ5MTM1NGRkZGU4ZDUifQ.eyJhenAiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiIyMDU5MzYzNDM3OTQtOWhxMzNnM3VxZHJxa3JycXEyMGZuYTBrMDZjMnU5YnAuYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDAyMTY2OTY4MzI0NzA0MzE1MDciLCJlbWFpbCI6Imhhcml0LnN1YnNjcmlwdGlvbnNAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJ3VU1RcG9DemRfYm9jaEJEMjBlYkhRIiwiaXNzIjoiYWNjb3VudHMuZ29vZ2xlLmNvbSIsImlhdCI6MTQ5NDI3Nzg2NSwiZXhwIjoxNDk0MjgxNDY1LCJuYW1lIjoiSGFyaXQgSGltYW5zaHUiLCJwaWN0dXJlIjoiaHR0cHM6Ly9saDQuZ29vZ2xldXNlcmNvbnRlbnQuY29tLy1fbFhqMk9VbVRuZy9BQUFBQUFBQUFBSS9BQUFBQUFBQUFDTS9YYU5jMTJadGV5OC9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoiSGFyaXQiLCJmYW1pbHlfbmFtZSI6IkhpbWFuc2h1IiwibG9jYWxlIjoiZW4ifQ.hQSvNFuh7MBNhHjpmAT40xi43Siyz2xF6j1kQ2cvvc-sB-5wDDgHOfKJFzvktYUQrT0Vso-d9Vdq4gmLyfwGBfWEkj1dNNZIn5IE4RWG4gKYrQkT2iDDI_9d1QyqYNPmdgP_RGlszMoL4Le5s1QXMU9p-Uj39-2dIwD2ska-n3ebH7fPv1iBkCOibnbuCtadn5NqTmJ-NtJ5nRhXNyiuK3QNV83g2w17cDnZF_s2pNLHPNWaciuJpqiVOhzS_3l4OL82yYv0O7vKc8wOjwz8B8izyCh-oI3wGe7puFqrsf_Sl2WMKrm4B7pc20x3XuaKgGLdRaIXpwSS8sh8jMHiaA
Author by
daydreamer
Hello Viewer, Some of the places to see my work are BonsaiiLabs My Website
Updated on June 04, 2022Comments
-
daydreamer almost 2 years
I have 2 filters as
@WebFilter(urlPatterns = "/rest/*") public class TokenFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { System.out.println("filtering /rest/* requests"); } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("Matching /rest/* request"); HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; Optional<String> userFromToken = getUserFromToken(request); if (!userFromToken.isPresent()) { response.sendError(HttpStatus.UNAUTHORIZED.value()); return; } System.out.println("filtered /rest request for " + userFromToken.get()); addAuthentication(response, userFromToken.get()); filterChain.doFilter(servletRequest, response); } @Override public void destroy() { } }
and
@WebFilter(urlPatterns = "/login") public class AppLoginFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { System.out.println("filtering /login/ requests"); } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("Matching /login/ request"); HttpServletRequest request = (HttpServletRequest) servletRequest; String idToken = ((HttpServletRequest) servletRequest).getHeader("X-ID-TOKEN"); HttpServletResponse response = (HttpServletResponse) servletResponse; System.out.println("filtered /login request: " + idToken); if (idToken != null) { final Payload payload; try { payload = GoogleTokenVerifier.verify(idToken); if (payload != null) { // TODO: 5/6/17 get this username from DB (createOrGet) final String username = "myUniqueUser"; AppTokenProviderAndAuthenticator.addAuthentication(response, username); filterChain.doFilter(servletRequest, response); return; } } catch (GeneralSecurityException | InvalidTokenException e) { // This is not a valid token, we will send HTTP 401 back } } ((HttpServletResponse) servletResponse).sendError(HttpServletResponse.SC_UNAUTHORIZED); } @Override public void destroy() { } }
and my
Application
asimport org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.web.servlet.ServletComponentScan; @ServletComponentScan @SpringBootApplication public class ServerApplication { public static void main(String[] args) { SpringApplication.run(ServerApplication.class, args); } }
When I start my application, I see following in log
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \ ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \ \\/ ___)| |_)| | | | | || (_| | ) ) ) ) ' |____| .__|_| |_|_| |_\__, | / / / / =========|_|==============|___/=/_/_/_/ :: Spring Boot :: (v1.5.3.RELEASE) 2017-05-09 13:28:40.841 INFO 80936 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : Starting ServerApplication on HHimanshu-MBR64.local with PID 80936 (/Users/Harit.Himanshu/IdeaProjects/q2/server/target/classes started by Harit.Himanshu in /Users/Harit.Himanshu/IdeaProjects/q2/server) 2017-05-09 13:28:40.841 INFO 80936 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : No active profile set, falling back to default profiles: default 2017-05-09 13:28:40.887 INFO 80936 --- [ restartedMain] ationConfigEmbeddedWebApplicationContext : Refreshing org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@4e0339c5: startup date [Tue May 09 13:28:40 NZST 2017]; root of context hierarchy 2017-05-09 13:28:41.787 INFO 80936 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat initialized with port(s): 8080 (http) 2017-05-09 13:28:41.793 INFO 80936 --- [ restartedMain] o.apache.catalina.core.StandardService : Starting service Tomcat 2017-05-09 13:28:41.794 INFO 80936 --- [ restartedMain] org.apache.catalina.core.StandardEngine : Starting Servlet Engine: Apache Tomcat/8.5.14 2017-05-09 13:28:41.838 INFO 80936 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext 2017-05-09 13:28:41.838 INFO 80936 --- [ost-startStop-1] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 954 ms 2017-05-09 13:28:41.931 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'characterEncodingFilter' to: [/*] 2017-05-09 13:28:41.931 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'hiddenHttpMethodFilter' to: [/*] 2017-05-09 13:28:41.931 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'httpPutFormContentFilter' to: [/*] 2017-05-09 13:28:41.931 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'requestContextFilter' to: [/*] 2017-05-09 13:28:41.932 INFO 80936 --- [ost-startStop-1] .s.DelegatingFilterProxyRegistrationBean : Mapping filter: 'springSecurityFilterChain' to: [/*] 2017-05-09 13:28:41.932 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'com.hhimanshu.secure.auth.filters.AppLoginFilter' to urls: [/login] 2017-05-09 13:28:41.932 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.FilterRegistrationBean : Mapping filter: 'com.hhimanshu.secure.auth.filters.TokenFilter' to urls: [/rest/*] 2017-05-09 13:28:41.932 INFO 80936 --- [ost-startStop-1] o.s.b.w.servlet.ServletRegistrationBean : Mapping servlet: 'dispatcherServlet' to [/] filtering /login/ requests filtering /rest/* requests 2017-05-09 13:28:42.089 INFO 80936 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerAdapter : Looking for @ControllerAdvice: org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebApplicationContext@4e0339c5: startup date [Tue May 09 13:28:40 NZST 2017]; root of context hierarchy 2017-05-09 13:28:42.120 INFO 80936 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/rest/hello],methods=[GET]}" onto public java.lang.String com.hhimanshu.secure.api.HelloWorld.sayHello() 2017-05-09 13:28:42.120 INFO 80936 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/login],methods=[POST]}" onto public void com.hhimanshu.secure.api.Login.authenticate() 2017-05-09 13:28:42.123 INFO 80936 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error]}" onto public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest) 2017-05-09 13:28:42.123 INFO 80936 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped "{[/error],produces=[text/html]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.boot.autoconfigure.web.BasicErrorController.errorHtml(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse) 2017-05-09 13:28:42.141 INFO 80936 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/webjars/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler] 2017-05-09 13:28:42.142 INFO 80936 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler] 2017-05-09 13:28:42.164 INFO 80936 --- [ restartedMain] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped URL path [/**/favicon.ico] onto handler of type [class org.springframework.web.servlet.resource.ResourceHttpRequestHandler] 2017-05-09 13:28:42.175 INFO 80936 --- [ restartedMain] oConfiguration$WelcomePageHandlerMapping : Adding welcome page: class path resource [static/index.html] 2017-05-09 13:28:42.278 INFO 80936 --- [ restartedMain] b.a.s.AuthenticationManagerConfiguration : Using default security password: d1915adb-5af3-48a2-b716-a87141be0fed 2017-05-09 13:28:42.305 INFO 80936 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/css/**'], Ant [pattern='/js/**'], Ant [pattern='/images/**'], Ant [pattern='/webjars/**'], Ant [pattern='/**/favicon.ico'], Ant [pattern='/error']]], [] 2017-05-09 13:28:42.349 INFO 80936 --- [ restartedMain] o.s.s.web.DefaultSecurityFilterChain : Creating filter chain: OrRequestMatcher [requestMatchers=[Ant [pattern='/**']]], [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@1142b9af, org.springframework.security.web.context.SecurityContextPersistenceFilter@23f70e9, org.springframework.security.web.header.HeaderWriterFilter@476d93e7, org.springframework.security.web.authentication.logout.LogoutFilter@5e7064a4, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@605326d1, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@4a058da6, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@4b32f03e, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@3a8a09e6, org.springframework.security.web.session.SessionManagementFilter@6a816ad4, org.springframework.security.web.access.ExceptionTranslationFilter@2ab3c6b5, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@474d7d8f] 2017-05-09 13:28:42.389 INFO 80936 --- [ restartedMain] o.s.b.d.a.OptionalLiveReloadServer : LiveReload server is running on port 35729 2017-05-09 13:28:42.425 INFO 80936 --- [ restartedMain] o.s.j.e.a.AnnotationMBeanExporter : Registering beans for JMX exposure on startup 2017-05-09 13:28:42.464 INFO 80936 --- [ restartedMain] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (http) 2017-05-09 13:28:42.468 INFO 80936 --- [ restartedMain] com.hhimanshu.secure.ServerApplication : Started ServerApplication in 1.779 seconds (JVM running for 2.088) 2017-05-09 13:28:47.546 INFO 80936 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring FrameworkServlet 'dispatcherServlet' 2017-05-09 13:28:47.546 INFO 80936 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization started 2017-05-09 13:28:47.556 INFO 80936 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : FrameworkServlet 'dispatcherServlet': initialization completed in 10 ms
So the beans are registered, however, when I hit the URL
curl -v -H "Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJteVVuaXF1ZVVzZXIiLCJleHAiOjE0OTUwMDA3NjV9.B4Ax_BIkrW044rwVnN-qvLcT9r0JzP4VCECjExp3yTFqv4STNmEiG4LNBHU-BXjAOSgt9xuLV7LhVXPKLYApbQ" http://localhost:8080/rest/hello * Trying ::1... * Connected to localhost (::1) port 8080 (#0) > GET /rest/hello HTTP/1.1 > Host: localhost:8080 > User-Agent: curl/7.43.0 > Accept: */* > Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJteVVuaXF1ZVVzZXIiLCJleHAiOjE0OTUwMDA3NjV9.B4Ax_BIkrW044rwVnN-qvLcT9r0JzP4VCECjExp3yTFqv4STNmEiG4LNBHU-BXjAOSgt9xuLV7LhVXPKLYApbQ > < HTTP/1.1 401 < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Cache-Control: no-cache, no-store, max-age=0, must-revalidate < Pragma: no-cache < Expires: 0 < X-Frame-Options: DENY < Strict-Transport-Security: max-age=31536000 ; includeSubDomains < WWW-Authenticate: Basic realm="Spring" < Content-Type: application/json;charset=UTF-8 < Transfer-Encoding: chunked < Date: Tue, 09 May 2017 01:28:47 GMT < * Connection #0 to host localhost left intact {"timestamp":1494293327580,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/rest/hello"}
they are not intercepted by
/rest/*
pattern as described inTokenFilter
.Also, my static resources are filtered behind the authentication (which I do not want)
✗ curl -v http://localhost:8080/ * Trying ::1... * Connected to localhost (::1) port 8080 (#0) > GET / HTTP/1.1 > Host: localhost:8080 > User-Agent: curl/7.43.0 > Accept: */* > < HTTP/1.1 401 < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < Cache-Control: no-cache, no-store, max-age=0, must-revalidate < Pragma: no-cache < Expires: 0 < X-Frame-Options: DENY < Strict-Transport-Security: max-age=31536000 ; includeSubDomains < WWW-Authenticate: Basic realm="Spring" < Content-Type: application/json;charset=UTF-8 < Transfer-Encoding: chunked < Date: Tue, 09 May 2017 01:28:54 GMT < * Connection #0 to host localhost left intact {"timestamp":1494293334189,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/"}% ➜ server git:(jwt) ✗
Where did I made the mistake?
-
Soheil Rahsaz about 4 yearsWhen I do this and deploy it on external tomcat it says: one or more filters failed to start. could you help me?
-
Mohammad Awwaad almost 4 yearsYou shouldn't annotate RestFilter with @Component sence you are going to register it manually.