1 package com.atlassian.refapp.auth.internal;
2
3 import com.atlassian.seraph.auth.AuthenticationContext;
4 import com.atlassian.seraph.config.SecurityConfig;
5
6 import javax.servlet.Filter;
7 import javax.servlet.FilterChain;
8 import javax.servlet.FilterConfig;
9 import javax.servlet.ServletException;
10 import javax.servlet.ServletRequest;
11 import javax.servlet.ServletResponse;
12 import java.io.IOException;
13
14 public class AuthenticationContextCopyFilter implements Filter {
15 private final AuthenticationContext authenticationContext;
16 private SecurityConfig securityConfig;
17 private final ThreadLocal<Integer> entryCount = new ThreadLocal<Integer>();
18
19 public AuthenticationContextCopyFilter(AuthenticationContext authenticationContext) {
20 this.authenticationContext = authenticationContext;
21 }
22
23 public void init(FilterConfig filterConfig) throws ServletException {
24 securityConfig = (SecurityConfig) filterConfig.getServletContext().getAttribute(SecurityConfig.STORAGE_KEY);
25 if (securityConfig == null) {
26 throw new ServletException("No SecurityConfig found in servlet context!");
27 }
28 }
29
30 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
31 authenticationContext.setUser(securityConfig.getAuthenticationContext().getUser());
32 entryCount.set(entryCount.get() == null ? 1 : entryCount.get() + 1);
33 try {
34 chain.doFilter(request, response);
35 } finally {
36 entryCount.set(entryCount.get() - 1);
37 if (entryCount.get() == 0) {
38 authenticationContext.clearUser();
39 }
40 }
41 }
42
43 public void destroy() {
44 }
45 }