[jboss-user] [Security & JAAS/JBoss] - Re: Capturing client IP address

ragavgomatam do-not-reply at jboss.com
Thu Jan 10 22:14:34 EST 2008


One answer would be writing a Tomcat Valve that intercepts every HttpRequest before it makes it to the container. This valve would intercept the request before your login module. I have given an example implementation. Package this in tomcat.sar, & check out how to configure this in JBoss & you are set to go. Should not be too difficult.

package test.tomcat;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;

import org.apache.catalina.*;

/**
 * The Tomcat valve that transfers credentials into a Principal object,
 * to provide seamless integration between JAAS and the J2EE security model.
 */
public class MyValve implements Valve {

  public String getInfo() {
    return null;
  }

  /**
   * Looks for the HTTP headers in the originating request and creates a
   * Principal representing these if they exist.
   */
  public void invoke(Request request, Response response, ValveContext valveContext)
    throws IOException, ServletException {

    // Ha ! Ha !...Got the request before it makes it to Login Module...

    HttpRequest httpRequest = (HttpRequest) request;
    HttpServletRequest httpServletRequest = (HttpServletRequest) request.getRequest();

    // Header values are supplied by the caller and are used here without verification.
    String username = httpServletRequest.getHeader("myHeader");
    String rolesAsString = httpServletRequest.getHeader("myList");

    // Only build a Principal when the username header is present.
    if (username != null) {
      List roles = new ArrayList();

      // A missing role header means no roles (avoids a NullPointerException).
      if (rolesAsString != null) {
        StringTokenizer tok = new StringTokenizer(rolesAsString, ",");
        while (tok.hasMoreTokens()) {
          String token = tok.nextToken().trim();
          roles.add(token);
        }
      }

      // MyPrincipal is the poster's own Principal class; it is not shown in the post.
      httpRequest.setUserPrincipal(new MyPrincipal(
        httpRequest.getContext().getRealm(), username, roles));
    }

    // now execute all other valves
    valveContext.invokeNext(request, response);
  }

}

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4118899#4118899

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4118899
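
An added example, not part of the original post or of JBoss itself: the same Valve interface used above, narrowed to the thread's question of getting the client address to a login module. The class name ClientAddressValve and its getClientAddress() accessor are hypothetical, and the example assumes the login module runs on the request thread after this valve; getRemoteAddr() returns the directly connected peer, so behind a reverse proxy it is the proxy's address.

```java
package test.tomcat;

import java.io.IOException;

import javax.servlet.ServletException;

import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.Valve;
import org.apache.catalina.ValveContext;

/**
 * Added example (hypothetical class): records the caller's address for the
 * duration of one request so that code running later on the same thread,
 * such as a JAAS login module, can read it.
 */
public class ClientAddressValve implements Valve {

  // One slot per request-processing thread.
  private static final ThreadLocal<String> CLIENT_ADDRESS = new ThreadLocal<String>();

  /** Returns the address captured for the current request, or null if none. */
  public static String getClientAddress() {
    return CLIENT_ADDRESS.get();
  }

  public String getInfo() {
    return "ClientAddressValve";
  }

  public void invoke(Request request, Response response, ValveContext valveContext)
      throws IOException, ServletException {
    // Address of the TCP peer as seen by the connector.
    CLIENT_ADDRESS.set(request.getRequest().getRemoteAddr());
    try {
      // Run the rest of the pipeline, including authentication.
      valveContext.invokeNext(request, response);
    } finally {
      // Worker threads are pooled: clear the slot so the next request
      // handled by this thread never sees a stale address.
      CLIENT_ADDRESS.remove();
    }
  }
}
```

A login module would call ClientAddressValve.getClientAddress() inside login() and should treat a null result as "address unknown" rather than as a failure of the valve.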


