ShibbolethAuthenticationFilter.java

/*
 * +====================================================================+
 * |         Copyright (C) 2015 Rochester Institute of Technology,      |
 * |            103 Lomb Memorial Drive, Rochester, NY - 14623          |
 * |                        All Rights Reserved.                        |
 * +====================================================================+
 *   FILENAME
 *    ShibbolethAuthenticationFilter.java
 *
 *   AUTHOR
 *    @author Khanh Ho (kchisd at rit.edu)
 *
 * =====================================================================
 */

package edu.rit.coopeval.security.sso;

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

public class ShibbolethAuthenticationFilter extends RequestHeaderAuthenticationFilter {

    private String shibPath = "/auth";

    public ShibbolethAuthenticationFilter() {
        super();
        setExceptionIfHeaderMissing(false);
        setPrincipalRequestHeader("uid");
    }

    @Override
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest request) {
        AntPathRequestMatcher matcher = new AntPathRequestMatcher(shibPath);
        if (matcher.matches(request)) {
            logger.debug("Getting request headers on Shibboleth-protected path");
            return super.getPreAuthenticatedPrincipal(request);
        }
        return SecurityContextHolder.getContext().getAuthentication();
    }

    public String getShibPath() {
        return shibPath;
    }

    public void setShibPath(String path) {
        shibPath = path;
    }
}