[Lada-commits] [PATCH 2 of 3] Add option to completely disable the openIDFilter
Wald Commits
scm-commit at wald.intevation.org
Fri Mar 13 15:20:38 CET 2015
# HG changeset patch
# User Andre Heinecke <andre.heinecke at intevation.de>
# Date 1426256405 -3600
# Branch openid
# Node ID 81cdf448d2cfb1e8c2745c998f392bf0c82edd32
# Parent 2b7c7f3e51b716fb6ca2f38db62858cff9a607ba
Add option to completely disable the openIDFilter
diff -r 2b7c7f3e51b7 -r 81cdf448d2cf src/main/java/de/intevation/lada/util/auth/OpenIDFilter.java
--- a/src/main/java/de/intevation/lada/util/auth/OpenIDFilter.java Fri Mar 13 14:26:52 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/OpenIDFilter.java Fri Mar 13 15:20:05 2015 +0100
@@ -66,6 +66,8 @@
private static final int SESSION_TIMEOUT_DEFAULT_MINUTES = 60;
private int sessionTimeout;
+ private boolean enabled;
+
private static Logger logger = Logger.getLogger(OpenIDFilter.class);
/** Nonce verifier to allow a session based on openid information.
@@ -246,6 +248,8 @@
oidHeader = properties.getProperty("oidHeader", OID_HEADER_DEFAULT);
providerUrl = properties.getProperty("identity_provider",
IDENTITY_PROVIDER_DEFAULT);
+ enabled = !properties.getProperty("enabled",
+ "true").toLowerCase().equals("false");
manager = new ConsumerManager();
/* We probably want to implement our own association store to keep
@@ -260,6 +264,13 @@
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
throws IOException, ServletException
{
+ if (!enabled) {
+ /* If we are not enabled we pass everything through */
+ logger.debug("OpenID filter disabled. Passing through.");
+ chain.doFilter(req, resp);
+ return;
+ }
+
HttpServletRequest hReq = (HttpServletRequest) req;
HttpServletResponse hResp = (HttpServletResponse) resp;
if (!discoveryDone) {
diff -r 2b7c7f3e51b7 -r 81cdf448d2cf src/main/resources/openid.properties
--- a/src/main/resources/openid.properties Fri Mar 13 14:26:52 2015 +0100
+++ b/src/main/resources/openid.properties Fri Mar 13 15:20:05 2015 +0100
@@ -7,3 +7,8 @@
# Session timeout in minutes
session_timeout_minutes=60
+
+# Set this to false to disable the openID filter altogether
+# doing this will disable authentication and authorization
+# completely. Use this only for testing!
+enabled=true
More information about the Lada-commits
mailing list