Examples of org.geoserver.security.config.RoleFilterConfig

• org.geoserver.security.config.RoleFilterConfig
  Configuration for {@link GeoServerRoleFilter} @author mcr

    @Override
    public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException {
        super.initializeFromConfig(config);
        RoleFilterConfig roleConfig = (RoleFilterConfig) config;

        headerAttribute = roleConfig.getHttpResponseHeaderAttrForIncludedRoles();
        // TODO, Justin, is this ok ?
        String converterName = roleConfig.getRoleConverterName();
        if (converterName==null || converterName.length()==0)
            converter = GeoServerExtensions.bean(GeoServerRoleConverter.class);
        else
            converter = (GeoServerRoleConverter)
                GeoServerExtensions.bean(converterName);

                LOGGER.warning(oldSecManagerConfig.getCanonicalPath()+" could be removed manually");
            return false; // already migrated
        }

        // add role filter
        RoleFilterConfig rfConfig= new RoleFilterConfig();
        rfConfig.setClassName(GeoServerRoleFilter.class.getName());
        rfConfig.setName(filterName);
        rfConfig.setHttpResponseHeaderAttrForIncludedRoles(GeoServerRoleFilter.DEFAULT_HEADER_ATTRIBUTE);
        rfConfig.setRoleConverterName(GeoServerRoleFilter.DEFAULT_ROLE_CONVERTER);
        saveFilter(rfConfig);

        // add ssl filter
        SSLFilterConfig sslConfig= new SSLFilterConfig();
        sslConfig.setClassName(GeoServerSSLFilter.class.getName());

        validator.validateFilterConfig(config);
    }

    @Test
    public void testRoleFilterConfigValidation() throws Exception{
        RoleFilterConfig config = new RoleFilterConfig();
        config.setClassName(GeoServerRoleFilter.class.getName());
        config.setName("testRoleFilter");

        GeoServerSecurityManager secMgr = getSecurityManager();
        FilterConfigValidator validator = new FilterConfigValidator(secMgr);
        try {
            validator.validateFilterConfig(config);
            fail("no header attribute should fail");
        } catch (FilterConfigException ex){
            assertEquals(FilterConfigException.HEADER_ATTRIBUTE_NAME_REQUIRED,ex.getId());
            assertEquals(0,ex.getArgs().length);
        }
        config.setHttpResponseHeaderAttrForIncludedRoles("roles");
        config.setRoleConverterName("unknown");

        try {
            validator.validateFilterConfig(config);
            fail("unkonwn role converter should fail");
        } catch (FilterConfigException ex){
            assertEquals(FilterConfigException.UNKNOWN_ROLE_CONVERTER,ex.getId());
            assertEquals(1,ex.getArgs().length);
            assertEquals("unknown",ex.getArgs()[0]);
        }

        config.setRoleConverterName(null);
        validator.validateFilterConfig(config);
    }

        assertTrue(oldLogoutFilterConfig.exists());

        File oldSecManagerConfig = new File(getSecurityManager().getSecurityRoot(), "config.xml.2.2.x");
        assertTrue(oldSecManagerConfig.exists());

        RoleFilterConfig rfConfig = (RoleFilterConfig)
                getSecurityManager().loadFilterConfig(GeoServerSecurityFilterChain.ROLE_FILTER);

        assertNotNull (rfConfig);

        SSLFilterConfig sslConfig = (SSLFilterConfig)

    @Test
    public void testFilterChainWithEnabled() throws Exception {

        GeoServerSecurityManager secMgr = getSecurityManager();
        RoleFilterConfig config = new RoleFilterConfig();
        config.setName("roleConverter");
        config.setClassName(GeoServerRoleFilter.class.getName());
        config.setRoleConverterName("roleConverter");
        config.setHttpResponseHeaderAttrForIncludedRoles("ROLES");
        secMgr.saveFilter(config);


        MockHttpServletRequest request = createRequest("/foo");