| Code with Misuse: |
class AuthenticationFilter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
ConfigManager config = (ConfigManager) filterConfig.getServletContext().getAttribute("ConfigManager");
if (config != null) {
configuration.setRealm(config.get("realm", "karaf"));
configuration.setRole(config.get("role", "admin"));
configuration.setRolePrincipalClasses(config.get("rolePrincipalClasses", ""));
configuration.setEnabled(Boolean.parseBoolean(config.get("authenticationEnabled", "true")));
}
// JVM system properties can override always
if (System.getProperty(HAWTIO_AUTHENTICATION_ENABLED) != null) {
configuration.setEnabled(Boolean.getBoolean(HAWTIO_AUTHENTICATION_ENABLED));
}
if (System.getProperty(HAWTIO_REALM) != null) {
configuration.setRealm(System.getProperty(HAWTIO_REALM));
}
if (System.getProperty(HAWTIO_ROLE) != null) {
configuration.setRole(System.getProperty(HAWTIO_ROLE));
}
if (System.getProperty(HAWTIO_ROLE_PRINCIPAL_CLASSES) != null) {
configuration.setRolePrincipalClasses(System.getProperty(HAWTIO_ROLE_PRINCIPAL_CLASSES));
}
if (configuration.isEnabled()) {
for (AuthenticationContainerDiscovery discovery : discoveries) {
if (discovery.canAuthenticate(configuration)) {
LOG.info("Discovered container {} to use with hawtio authentication filter", discovery.getContainerName());
break;
}
}
}
if (configuration.isEnabled()) {
LOG.info("Starting hawtio authentication filter, JAAS realm: \"{}\" authorized role: \"{}\" role principal classes: \"{}\"",
new Object[]{configuration.getRealm(), configuration.getRole(), configuration.getRolePrincipalClasses()});
} else {
LOG.info("Starting hawtio authentication filter, JAAS authentication disabled");
}
}
}
|
