Examples of ExceptionTranslationFilterConfig

• org.geoserver.security.config.ExceptionTranslationFilterConfig
  {@link GeoServerExceptionTranslationFilter} configuration object.

  The property {@link #authenticationFilterName} is the name of an authentication filter providing the {@link AuthenticationEntryPoint} object. The entry point is needed in the case of of a {@link AuthenticationException}.

  IMPORTANT: if no authentication entry point is given, {@link GeoServerExceptionTranslationFilter}uses the entry point found in the servlet request attribute {@link GeoServerSecurityFilter#AUTHENTICATION_ENTRY_POINT_HEADER}

  The property {@link #accessDeniedErrorPage} is optional and needed in case of an {@link AccessDeniedException}. Geoserver default is /accessDenied.jsp

  @author christian

Examples of org.geoserver.security.config.ExceptionTranslationFilterConfig

    @Override
    public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
        super.initializeFromConfig(config);

        ExceptionTranslationFilterConfig authConfig =
                (ExceptionTranslationFilterConfig) config;

        DynamicAuthenticationEntryPoint ep = new DynamicAuthenticationEntryPoint();

        if (StringUtils.hasLength(authConfig.getAuthenticationFilterName())) {
            GeoServerSecurityFilter authFilter = getSecurityManager().loadFilter(authConfig.getAuthenticationFilterName());
            ep.setEntryEntryPoint(authFilter.getAuthenticationEntryPoint());
        }

        HttpSessionRequestCache cache = new HttpSessionRequestCache();
        cache.setCreateSessionAllowed(false);
        ExceptionTranslationFilter filter = new ExceptionTranslationFilter(ep,cache);

        AccessDeniedHandlerImpl accessDeniedHandler = new AccessDeniedHandlerImpl();

        if (StringUtils.hasLength(authConfig.getAccessDeniedErrorPage())) {
            // check if page exists
            if (GeoServerExtensions.file(authConfig.getAccessDeniedErrorPage())!=null)
                accessDeniedHandler.setErrorPage(authConfig.getAccessDeniedErrorPage());
            else
                LOGGER.warning("Cannot find: "+ authConfig.getAccessDeniedErrorPage());
        }

        filter.setAccessDeniedHandler(accessDeniedHandler);

        filter.afterPropertiesSet();

Examples of org.geoserver.security.config.ExceptionTranslationFilterConfig

            saveFilter(loConfig);
        }
        filterName = GeoServerSecurityFilterChain.DYNAMIC_EXCEPTION_TRANSLATION_FILTER;
        filter = loadFilter(filterName);
        if (filter==null) {
            ExceptionTranslationFilterConfig bfConfig= new ExceptionTranslationFilterConfig();
            bfConfig.setClassName(GeoServerExceptionTranslationFilter.class.getName());
            bfConfig.setName(filterName);
            bfConfig.setAuthenticationFilterName(null);
            bfConfig.setAccessDeniedErrorPage("/accessDenied.jsp");
            saveFilter(bfConfig);
        }
        filterName = GeoServerSecurityFilterChain.GUI_EXCEPTION_TRANSLATION_FILTER;
        filter = loadFilter(filterName);
        if (filter==null) {
            ExceptionTranslationFilterConfig bfConfig= new ExceptionTranslationFilterConfig();
            bfConfig.setClassName(GeoServerExceptionTranslationFilter.class.getName());
            bfConfig.setName(filterName);
            bfConfig.setAuthenticationFilterName(GeoServerSecurityFilterChain.FORM_LOGIN_FILTER);
            bfConfig.setAccessDeniedErrorPage("/accessDenied.jsp");
            saveFilter(bfConfig);
        }

Examples of org.geoserver.security.config.ExceptionTranslationFilterConfig

     *
     * @throws Exception
     */
    void removeErroneousAccessDeniedPage() throws Exception {

        ExceptionTranslationFilterConfig config =
                (ExceptionTranslationFilterConfig) loadFilterConfig(GeoServerSecurityFilterChain.DYNAMIC_EXCEPTION_TRANSLATION_FILTER);
        if (config!=null && "/accessDenied.jsp".equals(config.getAccessDeniedErrorPage())) {
            config.setAccessDeniedErrorPage(null);
            saveFilter(config);
        }

         config =
                (ExceptionTranslationFilterConfig) loadFilterConfig(GeoServerSecurityFilterChain.GUI_EXCEPTION_TRANSLATION_FILTER);
        if (config!=null && "/accessDenied.jsp".equals(config.getAccessDeniedErrorPage())) {
            config.setAccessDeniedErrorPage(null);
            saveFilter(config);
        }

    }

Examples of org.geoserver.security.config.ExceptionTranslationFilterConfig

    }

    @Test
    public void testExceptionTranslationFilterConfigValidation() throws Exception{
        ExceptionTranslationFilterConfig config = new ExceptionTranslationFilterConfig();
        config.setClassName(GeoServerExceptionTranslationFilter.class.getName());
        config.setName("testEx");

        FilterConfigValidator validator = new FilterConfigValidator(getSecurityManager());
        config.setAuthenticationFilterName("unknown");

        try {
            validator.validateFilterConfig(config);
            fail("invalid entry point should fail");
        } catch (FilterConfigException ex){
            assertEquals(FilterConfigException.INVALID_ENTRY_POINT,ex.getId());
            assertEquals(1,ex.getArgs().length);
            assertEquals("unknown",ex.getArgs()[0]);
        }

        config.setAuthenticationFilterName(GeoServerSecurityFilterChain.FILTER_SECURITY_INTERCEPTOR);

        try {
            validator.validateFilterConfig(config);
            fail("no auth entry point should fail");
        } catch (FilterConfigException ex){
            assertEquals(FilterConfigException.NO_AUTH_ENTRY_POINT,ex.getId());
            assertEquals(1,ex.getArgs().length);
            assertEquals(GeoServerSecurityFilterChain.FILTER_SECURITY_INTERCEPTOR,ex.getArgs()[0]);
        }

        config.setAuthenticationFilterName(null);
        validator.validateFilterConfig(config);
    }