001/* 002 * The contents of this file are subject to the license and copyright 003 * detailed in the LICENSE and NOTICE files at the root of the source 004 * tree. 005 */ 006 007package org.fcrepo.webapp; 008 009import java.io.IOException; 010 011import javax.servlet.Filter; 012import javax.servlet.FilterChain; 013import javax.servlet.ServletException; 014import javax.servlet.http.HttpServletRequest; 015import javax.servlet.http.HttpServletResponse; 016 017import org.fcrepo.config.AuthPropsConfig; 018import org.fcrepo.config.ConditionOnPropertyFalse; 019 020import org.slf4j.Logger; 021import org.slf4j.LoggerFactory; 022import org.springframework.context.annotation.Bean; 023import org.springframework.context.annotation.Conditional; 024import org.springframework.context.annotation.Configuration; 025import org.springframework.web.filter.OncePerRequestFilter; 026 027/** 028 * Spring auth config when authorization is disabled 029 * 030 * @author pwinckles 031 */ 032@Configuration 033@Conditional(NoAuthConfig.AuthorizationDisabled.class) 034public class NoAuthConfig { 035 036 private static final Logger LOGGER = LoggerFactory.getLogger(NoAuthConfig.class); 037 038 static class AuthorizationDisabled extends ConditionOnPropertyFalse { 039 AuthorizationDisabled() { 040 super(AuthPropsConfig.FCREPO_AUTH_ENABLED, true); 041 } 042 } 043 044 /** 045 * This bean returns a no-op shiro filter when authorization is disabled. 046 * 047 * @return no-op shiro filter 048 */ 049 @Bean 050 public Filter shiroFilter() { 051 LOGGER.info("Authorization is disabled"); 052 return new OncePerRequestFilter() { 053 @Override 054 protected void doFilterInternal(final HttpServletRequest httpServletRequest, 055 final HttpServletResponse httpServletResponse, 056 final FilterChain filterChain) throws ServletException, IOException { 057 filterChain.doFilter(httpServletRequest, httpServletResponse); 058 } 059 }; 060 } 061 062}