From 249ba419444fab92ea15fca49cc0283d022aed58 Mon Sep 17 00:00:00 2001 From: Robert von Burg Date: Sat, 20 Aug 2016 13:38:12 +0200 Subject: [PATCH] [New] AuthenicationRequestFilter now allows overriding of paths This is needed to be able to add project specific unsecured paths which should be allowed to be accessed without being authenticated --- .../strolch/rest/filters/AuthenicationRequestFilter.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java b/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java index 546df349f..86978c089 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/filters/AuthenicationRequestFilter.java @@ -18,6 +18,7 @@ package li.strolch.rest.filters; import static li.strolch.rest.StrolchRestfulConstants.STROLCH_CERTIFICATE; import java.io.IOException; +import java.util.Arrays; import java.util.List; import javax.ws.rs.container.ContainerRequestContext; @@ -46,13 +47,17 @@ public class AuthenicationRequestFilter implements ContainerRequestFilter { private static final Logger logger = LoggerFactory.getLogger(AuthenicationRequestFilter.class); + protected List getUnsecuredPaths() { + return Arrays.asList("strolch/authentication"); + } + @Override public void filter(ContainerRequestContext requestContext) throws IOException { List matchedURIs = requestContext.getUriInfo().getMatchedURIs(); // we allow unauthorized access to the authentication service - if (matchedURIs.contains("strolch/authentication")) { + if (matchedURIs.stream().anyMatch(s -> getUnsecuredPaths().contains(s))) { return; }