boudhayan-dev/FilterChainProxy.java

## FilterChainProxy.java
// 1. FilterChainProxy -> doFilter Method

private void doFilterInternal(ServletRequest request, ServletResponse response, FilterChain chain)
    throws IOException, ServletException {
  FirewalledRequest firewallRequest = this.firewall.getFirewalledRequest((HttpServletRequest) request);
  HttpServletResponse firewallResponse = this.firewall.getFirewalledResponse((HttpServletResponse) response);
  List<Filter> filters = getFilters(firewallRequest);
  if (filters == null || filters.size() == 0) {
    if (logger.isTraceEnabled()) {
      logger.trace(LogMessage.of(() -> "No security for " + requestLine(firewallRequest)));
    }
    firewallRequest.reset();
    chain.doFilter(firewallRequest, firewallResponse);
    return;
  }
  if (logger.isDebugEnabled()) {
    logger.debug(LogMessage.of(() -> "Securing " + requestLine(firewallRequest)));
  }
  VirtualFilterChain virtualFilterChain = new VirtualFilterChain(firewallRequest, chain, filters);
  virtualFilterChain.doFilter(firewallRequest, firewallResponse);
}


// 2. How are the list of filters resolved ??
// All the configured securityFilterChains are checked for request matching (Default -> AntPathRequestMatcher)

private List<Filter> getFilters(HttpServletRequest request) {
int count = 0;
for (SecurityFilterChain chain : this.filterChains) {
  if (logger.isTraceEnabled()) {
    logger.trace(LogMessage.format("Trying to match request against %s (%d/%d)", chain, ++count,
        this.filterChains.size()));
  }
  if (chain.matches(request)) {
    return chain.getFilters();
  }
}
return null;
}


// 3. Finally, how are the filters invoked ?
// Via a Virtual Filter Chain which traverses through the list of filters returned from a
// particular SecurityFilterChain and invokes their doFilter() method

@Override
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
  if (this.currentPosition == this.size) {
    if (logger.isDebugEnabled()) {
      logger.debug(LogMessage.of(() -> "Secured " + requestLine(this.firewalledRequest)));
    }
    // Deactivate path stripping as we exit the security filter chain
    this.firewalledRequest.reset();
    this.originalChain.doFilter(request, response);
    return;
  }
  this.currentPosition++;
  Filter nextFilter = this.additionalFilters.get(this.currentPosition - 1);
  if (logger.isTraceEnabled()) {
    logger.trace(LogMessage.format("Invoking %s (%d/%d)", nextFilter.getClass().getSimpleName(),
        this.currentPosition, this.size));
  }
  nextFilter.doFilter(request, response, this);
}
	// 1. FilterChainProxy -> doFilter Method

	private void doFilterInternal(ServletRequest request, ServletResponse response, FilterChain chain)
	throws IOException, ServletException {
	FirewalledRequest firewallRequest = this.firewall.getFirewalledRequest((HttpServletRequest) request);
	HttpServletResponse firewallResponse = this.firewall.getFirewalledResponse((HttpServletResponse) response);
	List<Filter> filters = getFilters(firewallRequest);
	if (filters == null \|\| filters.size() == 0) {
	if (logger.isTraceEnabled()) {
	logger.trace(LogMessage.of(() -> "No security for " + requestLine(firewallRequest)));
	}
	firewallRequest.reset();
	chain.doFilter(firewallRequest, firewallResponse);
	return;
	}
	if (logger.isDebugEnabled()) {
	logger.debug(LogMessage.of(() -> "Securing " + requestLine(firewallRequest)));
	}
	VirtualFilterChain virtualFilterChain = new VirtualFilterChain(firewallRequest, chain, filters);
	virtualFilterChain.doFilter(firewallRequest, firewallResponse);
	}


	// 2. How are the list of filters resolved ??
	// All the configured securityFilterChains are checked for request matching (Default -> AntPathRequestMatcher)

	private List<Filter> getFilters(HttpServletRequest request) {
	int count = 0;
	for (SecurityFilterChain chain : this.filterChains) {
	if (logger.isTraceEnabled()) {
	logger.trace(LogMessage.format("Trying to match request against %s (%d/%d)", chain, ++count,
	this.filterChains.size()));
	}
	if (chain.matches(request)) {
	return chain.getFilters();
	}
	}
	return null;
	}


	// 3. Finally, how are the filters invoked ?
	// Via a Virtual Filter Chain which traverses through the list of filters returned from a
	// particular SecurityFilterChain and invokes their doFilter() method

	@Override
	public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
	if (this.currentPosition == this.size) {
	if (logger.isDebugEnabled()) {
	logger.debug(LogMessage.of(() -> "Secured " + requestLine(this.firewalledRequest)));
	}
	// Deactivate path stripping as we exit the security filter chain
	this.firewalledRequest.reset();
	this.originalChain.doFilter(request, response);
	return;
	}
	this.currentPosition++;
	Filter nextFilter = this.additionalFilters.get(this.currentPosition - 1);
	if (logger.isTraceEnabled()) {
	logger.trace(LogMessage.format("Invoking %s (%d/%d)", nextFilter.getClass().getSimpleName(),
	this.currentPosition, this.size));
	}
	nextFilter.doFilter(request, response, this);
	}