[New] AuthenicationRequestFilter now allows overriding of paths
This is needed to be able to add project specific unsecured paths which should be allowed to be accessed without being authenticated
This commit is contained in:
parent
3474d9c890
commit
249ba41944
|
@ -18,6 +18,7 @@ package li.strolch.rest.filters;
|
||||||
import static li.strolch.rest.StrolchRestfulConstants.STROLCH_CERTIFICATE;
|
import static li.strolch.rest.StrolchRestfulConstants.STROLCH_CERTIFICATE;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import javax.ws.rs.container.ContainerRequestContext;
|
import javax.ws.rs.container.ContainerRequestContext;
|
||||||
|
@ -46,13 +47,17 @@ public class AuthenicationRequestFilter implements ContainerRequestFilter {
|
||||||
|
|
||||||
private static final Logger logger = LoggerFactory.getLogger(AuthenicationRequestFilter.class);
|
private static final Logger logger = LoggerFactory.getLogger(AuthenicationRequestFilter.class);
|
||||||
|
|
||||||
|
protected List<String> getUnsecuredPaths() {
|
||||||
|
return Arrays.asList("strolch/authentication");
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void filter(ContainerRequestContext requestContext) throws IOException {
|
public void filter(ContainerRequestContext requestContext) throws IOException {
|
||||||
|
|
||||||
List<String> matchedURIs = requestContext.getUriInfo().getMatchedURIs();
|
List<String> matchedURIs = requestContext.getUriInfo().getMatchedURIs();
|
||||||
|
|
||||||
// we allow unauthorized access to the authentication service
|
// we allow unauthorized access to the authentication service
|
||||||
if (matchedURIs.contains("strolch/authentication")) {
|
if (matchedURIs.stream().anyMatch(s -> getUnsecuredPaths().contains(s))) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue