Hello,
I have a small problem with my own stash plugin.
I have implemented a doFilter to manage user authentication.
Here is my atlassian-plugin.xml description:
    <component-import key="userService" interface="com.atlassian.stash.user.UserService"/>
    <component-import key="userAdminService" interface="com.atlassian.stash.user.UserAdminService"/>
    <component-import key="securityService" interface="com.atlassian.stash.user.SecurityService"/>
    <component key="OAuthFilter" class="net.exemple.oauth.authentication.OAuthFilter"/>
    <servlet-filter name="OAuth Filter" key="stash-oauth-filter" class="bean:OAuthFilter"
                    location="before-login" weight="10">
        <url-pattern>*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
        <dispatcher>FORWARD</dispatcher>
    </servlet-filter>
My doFilter function looks like:
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;

        Boolean standard_authent = false;
        if (req.getParameter("standard-authent") != null) {
            standard_authent = true;
        }

        System.out.println("URI => " + req.getRequestURI() + " and Next => " + req.getParameter("next"));
        System.out.println("Is Authenticated ? " + authenticationContext.isAuthenticated()
                + " with username = " + authenticationContext.getCurrentUser());

        if (req.getRequestURI().equals("/stash/login")) {
            if (!standard_authent) {
                // I do some stuff to authenticate enduser
                // with the preauthenticate method
            }
        }
        chain.doFilter(req, resp);
    }
Let's say I type:
http://localhost:7990/stash/login?standard-authent=true
I will then get the standard login form and I enter admin credentials. I access the projects page.
Now if I refresh the projects page, I can see this in the logs:
    [INFO] [talledLocalContainer] URI => /stash/projects and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] URI => /stash/mvc/projects and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] URI => /stash/rest/inbox/latest/pull-requests/count and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] URI => /stash/plugins/servlet/dev-toolbar and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] 2013-05-21 11:39:47,186 DEBUG [http-bio-7990-exec-18] admin 699x2289x2 1iauojk 172.16.231.139 "GET /rest/inbox/latest/pull-requests/count HTTP/1.1" c.a.s.p.inbox.rest.InboxResource Retrieving pull request count for user Administrator
    [INFO] [talledLocalContainer] URI => /stash/projects/PROJECT_1/avatar.png and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] URI => /stash/mvc/projects/PROJECT_1/avatar.png and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
    [INFO] [talledLocalContainer] URI => /stash/rest/api/latest/profile/recent/repos and Next => null
    [INFO] [talledLocalContainer] Is Authenticated ? false with username = null
Each time I enter my doFilter I am considered unauthenticated, whereas I can access all pages and I can also see my logged-in user name:
[INFO] [talledLocalContainer] 2013-05-21 11:39:47,186 DEBUG [http-bio-7990-exec-18] admin 699x2289x2 1iauojk 172.16.231.139 "GET /rest/inbox/latest/pull-requests/count HTTP/1.1" c.a.s.p.inbox.rest.InboxResource Retrieving pull request count for user Administrator
Am I missing something?
Thanks for your help!
servlet-filter modules allow you to intercept requests at different parts of the filter chain. For the full list and a description of each, see the servlet-filter module documentation. In your situation you are using the 'before-login' location, which means it will be applied before any of Stash's authentication filters. As a result, Stash doesn't know that a user is logged in yet for that request.
You may want to investigate using the http-authentication-handler module instead. This has the benefit of allowing you to specify a 'weight' if you would prefer to take lower precedence than Stash's standard authentication.
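The ordering described in the answer above, as an added example that is not part of the original thread and is not Stash code: a toy filter chain in plain Java in which `login` stands in for Stash's authentication filters and `currentUser` for its authentication context (`FilterOrderDemo`, `probe`, `login` and `run` are hypothetical names). `before-decoration` is one of the later locations in Atlassian's servlet-filter module documentation; a probe there sees the user, while the one at `before-login` sees null even though the session is valid.

```java
import java.util.ArrayList;
import java.util.List;

public class FilterOrderDemo {
    // Request-scoped authentication state (stand-in for the product's auth context).
    static final ThreadLocal<String> currentUser = new ThreadLocal<>();

    interface Filter { void doFilter(String uri, Chain chain); }

    // Minimal chain: each filter decides whether to pass the request on.
    static class Chain {
        private final List<Filter> filters;
        private int pos = 0;
        Chain(List<Filter> filters) { this.filters = filters; }
        void doFilter(String uri) {
            if (pos < filters.size()) filters.get(pos++).doFilter(uri, this);
        }
    }

    // Records what the auth context holds at this point in the chain.
    static Filter probe(String location, List<String> seen) {
        return (uri, chain) -> {
            seen.add(location + ":" + currentUser.get());
            chain.doFilter(uri);
        };
    }

    // Stand-in for the login filter: resolves the session to a user for
    // the rest of this request only, then clears it again.
    static Filter login(String sessionUser) {
        return (uri, chain) -> {
            currentUser.set(sessionUser);
            try { chain.doFilter(uri); } finally { currentUser.remove(); }
        };
    }

    // Runs one request (constructed sample URI) through the ordered chain.
    static List<String> run(String sessionUser) {
        List<String> seen = new ArrayList<>();
        List<Filter> filters = List.of(
                probe("before-login", seen),
                login(sessionUser),
                probe("before-decoration", seen));
        new Chain(filters).doFilter("/stash/projects");
        return seen;
    }

    public static void main(String[] args) {
        System.out.println(run("admin"));
    }
}
```

Any access decision taken in a filter at the earlier position has to establish identity itself; it cannot rely on the context that later filters populate.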