Created
April 19, 2017 09:26
-
-
Save andreybpanfilov/4cf0bb9ebdb88599bb58583815c7678c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.emc.documentum.fs.cmis.impl.dfs.auth; | |
import java.util.Arrays; | |
import com.emc.documentum.fs.cmis.impl.dfs.utils.PreferenceUtils; | |
import com.emc.documentum.fs.cmis.impl.logging.CmisLogger; | |
import com.emc.documentum.fs.cmis.impl.logging.ICmisLogger; | |
import com.emc.documentum.fs.datamodel.core.context.Identity; | |
import com.emc.documentum.fs.datamodel.core.context.ServiceContext; | |
import com.emc.documentum.fs.rt.context.IServiceContext; | |
import com.emc.documentum.fs.rt.context.impl.LocalContextRegistry; | |
import com.emc.documentum.fs.rt.context.impl.ServiceContextAdapter; | |
import com.emc.documentum.fs.rt.context.impl.SessionManagerFactory; | |
import com.emc.documentum.fs.rt.context.impl.ThreadLocalContextStorage; | |
public enum DfsContextRegistry { | |
INSTANCE; | |
private static final ICmisLogger LOG = CmisLogger.getLogger(DfsContextRegistry.class); | |
private DfsContextRegistry() { | |
int cacheSize = PreferenceUtils.getServiceTokenCacheSize(); | |
int cacheExpired = PreferenceUtils.getServiceTokenCacheExpirationInSeconds(); | |
} | |
public void registerIdentity(Identity[] identities) { | |
if ((identities != null) && (identities.length > 0)) { | |
ServiceContextAdapter contextAdapter = createContextAndRegister(identities[0]); | |
contextAdapter.getIdentityList().clear(); | |
contextAdapter.getIdentityList().addAll(Arrays.asList(identities)); | |
ThreadLocalContextStorage.set(contextAdapter); | |
} | |
} | |
private ServiceContextAdapter createContextAndRegister(Identity identity) { | |
ServiceContextAdapter contextAdapter = new ServiceContextAdapter(); | |
contextAdapter.addIdentity(identity); | |
LocalContextRegistry contextRegistry = LocalContextRegistry.getInstance(); | |
String token = contextRegistry.register(contextAdapter.getConsolidatedContext(), "localhost"); | |
return contextAdapter; | |
} | |
public void cleanup(IServiceContext serviceContext) { | |
if (!(serviceContext instanceof ServiceContextAdapter)) { | |
return; | |
} | |
LocalContextRegistry contextRegistry = LocalContextRegistry.getInstance(); | |
SessionManagerFactory sessionManagerFactory = SessionManagerFactory.getInstance(); | |
ServiceContextAdapter contextAdapter = (ServiceContextAdapter) serviceContext; | |
ServiceContext context = contextAdapter.getConsolidatedContext(); | |
if (context != null) { | |
String token = context.getToken(); | |
if (token != null) { | |
contextRegistry.unregister(token); | |
} | |
} | |
context = contextAdapter.getDeltaContext(); | |
if (context != null) { | |
String token = context.getToken(); | |
if (token != null) { | |
sessionManagerFactory.removeSessionManager(token); | |
} | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.emc.documentum.fs.cmis.rs.impl.provider.auth; | |
import java.security.Principal; | |
import com.emc.documentum.fs.cmis.impl.dfs.auth.DfsContextRegistry; | |
import com.emc.documentum.fs.datamodel.core.context.Identity; | |
import com.emc.documentum.fs.datamodel.core.context.PrincipalIdentity; | |
import com.emc.documentum.fs.datamodel.core.context.RepositoryIdentity; | |
import com.emc.documentum.fs.rt.context.IServiceContext; | |
import com.emc.documentum.fs.rt.context.impl.ThreadLocalContextStorage; | |
import com.sun.jersey.spi.container.ContainerRequest; | |
import com.sun.jersey.spi.container.ContainerRequestFilter; | |
import com.sun.jersey.spi.container.ContainerResponse; | |
import com.sun.jersey.spi.container.ContainerResponseFilter; | |
public final class ServiceContextFilter implements ContainerRequestFilter, ContainerResponseFilter { | |
public ContainerRequest filter(ContainerRequest request) { | |
Principal principal = request.getUserPrincipal(); | |
if ((principal instanceof UsernamePasswordPrincipal)) { | |
RepositoryIdentity identity = new RepositoryIdentity(); | |
identity.setRepositoryName("*"); | |
identity.setUserName(principal.getName()); | |
identity.setPassword(((UsernamePasswordPrincipal) principal).getPassword()); | |
DfsContextRegistry.INSTANCE.registerIdentity(new Identity[] { identity }); | |
} else if (isTrusted(request)) { | |
PrincipalIdentity identity = new PrincipalIdentity(principal.getName()); | |
DfsContextRegistry.INSTANCE.registerIdentity(new Identity[] { identity }); | |
} | |
return request; | |
} | |
private boolean isTrusted(ContainerRequest request) { | |
return request.getUserPrincipal() != null; | |
} | |
public ContainerResponse filter(ContainerRequest request, ContainerResponse response) { | |
try { | |
IServiceContext serviceContext = ThreadLocalContextStorage.get(); | |
DfsContextRegistry.INSTANCE.cleanup(serviceContext); | |
} finally { | |
ThreadLocalContextStorage.set(null); | |
} | |
return response; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment