Link to home
Start Free TrialLog in
Avatar of deongee
deongeeFlag for United States of America

asked on

How to get LDAP userid through Java using doFilter FilterChain?

I have a LDAP filter that already getting the userid, I'm just trying to pass the userid from the boolean isUserAuthorized method to the doFilter method. It is printing out to the console but I can't request the value in the doFilter method. What am I doing wroing?

import java.io.IOException;
import javax.naming.directory.Attributes;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.sql.DataSource;

import org.apache.commons.configuration.Configuration;

public class myFilter extends LdapFilter {
public static FilterConfig filterConfig;
public static Attributes attributes;
public AuditOracleImpl auditor = null;

public void init(FilterConfig filterConfig) throws ServletException {
  super.init(filterConfig);
  List<String>categories = new ArrayList<String>();
  categories.add("LDAP");
  try {
    super.setConfig(categories);
  } catch (Exception ex) { 
    throw new ServletException(ex);
  } 
  try {
   // Load configuration properties.
   List<String> configList = new ArrayList<String>();
   configList.add("TC");
   configList.add("TCA");
   configList.add("LDAP");

   Configuration config = SystemUtils.getConfiguration(configList);
   String strDbConnTCA = config.getString("DB_CONN_TCA");
   String strDbUserTCA = config.getString("DB_USER_TCA");
   String strDbPassTCA = config.getString("DB_PASS_TCA");
   String strWallet = config.getString("WALLET_FILE");

   //Obtain connection to the database.
   DataSource dataSourceCa = OracleClient.getDataSource(strDbConnTCA, strDbUserTCA, trDbPassTCA, strWallet);
   auditor = new AuditOracleImpl(dataSourceCa);
   } catch (Exception ex) {
   logger.error("Unable to create auditor {}", ex.getMessage());
   }
 }

 @Override 
 public boolean isUserAuthorized(Attributes attributes) {
  boolean isAuthorized = false;
  if (attributes !=null && attributes.size() > 0 ) {
    isAuthorized = true;
    logger.info("Authorized: " + isAuthorized);
    Properties properties = new Properties();
  try {
   propertiesUser.setProperty("CN", attributes.get("actualdn").get().toString().replaceFirst("CN=", "")); 
   propertiesUser.setProperty("EID", attributes.get("userid ").get().toString();
   propertiesUser.setProperty("EMAIL", attributes.get("useremail").get().toString();
   auditor.user(propertiesUser);

  } catch (Exception e) {
   logger.error("Error updating user:{}", e.getMessage());
   e.printStackTrace();
  } 
  String[] items = {"accesstime", "userid", "ipAddress", "actualdn", "useremail"};
  String result = parseData(items, attributes);
  String userid = attributes.get("userid").toString(); 
  //this is what i'm tyring to pass to the doFilter method.

    logger.info(result);
    System.out.print("This is the userID: " + userid); 
    //this prints out okay
   }
 logger.info("isAuthorized: " + isAuthorized);
 return isAuthorized;
}

public void doFilter(ServletRequest request, ServletResponse response,
    FilterChain chain, Attributes attributes) throws IOException, ServletException {
     userid = attributes.get("userid").toString();
     chain.doFilter(request, response);
     request.getAttribute(userid );
     System.out.print("DoFilter userID : " +userid ); 
     //Nothing prints out.
}
public void destroy() {
}

Open in new window

Avatar of Tomas Helgi Johannsson
Tomas Helgi Johannsson
Flag of Iceland image
Hi!


It should be something like this 

public void doFilter(ServletRequest request, ServletResponse response,
    FilterChain chain, Attributes attributes) throws IOException, ServletException {
     userid = attributes.get("userid").toString();
     if ( isUserAuthorized( attributes) ) {     
     chain.doFilter(request, response);
     request.getAttribute(userid );
     System.out.print("DoFilter userID : " +userid ); 
     }else{
     //Nothing prints out or user is sent to a "default page"
     }
}

Open in new window


You should make sure that the  isUserAuthorized function is correct and returns true only if the user has the correct privilege.

Regards,
      Tomas Helgi
Avatar of Am P
Am P
Flag of India image
From where you got this piece of code ? doFilter() method doesnt have Attributes attributes parameter.

By the way, if it is working fine and you got userid printed on console, then follow TomasHelgi.

Let us know if this is not the case.
Avatar of deongee
deongee
Flag of United States of America image

ASKER

just followed Tomas suggestion and it is still not working.
Avatar of Sathish David Kumar N
Sathish David Kumar N
Flag of India image
Can you post web.xml code for this filter
Avatar of deongee
deongee
Flag of United States of America image

ASKER

the web.xml filter works fine, but here it is.

<filter>
<filter-name>MyFilter</filter-name>
<filter-class>my.filter.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>MyServlet</servlet-name>
<servlet-class>my.servlet.MyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>MyServlet</servlet-name>
<url-pattern>/MyServlet</url-pattern>
</servlet-mapping>

Open in new window

This question needs an answer!
Become an EE member today
7 DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.