WebLogic Security: Servlet Authentication Filter (SAF)

Posted on February 28, 2012 by Jianming Li

Contents

  1. Build Custom Identity Provider
    1. Build wlfullclient.jar
    2. Create Eclipse Project
    3. Create Servlet Filter
    4. Create a Java Class to Implement: AuthenticationProviderV2, ServletAuthenticationFilter
    5. Create an MBeanType XML File
  2. Build
  3. Deploy
    1. Copy Provider Jar
    2. Configure New Provider
  4. Test
  5. References
 

Build Custom Identity Provider

Build wlfullclient.jar

* See this post to build a wlfullclient.jar

Create Eclipse Project

* Create a new Eclipse Java project named SimpleSAF
* Place wlfullclient.jar in build path
* Copy ${WL_HOME}/server/lib/commo.dtd to project root directory.
* Create a new package named: examples.security.providers.saf.simple

Create Servlet Filter

* Create a new servlet filter named: TokenFilter.java

package examples.security.providers.saf.simple;
 
import java.io.IOException;
import java.util.Enumeration;
 
import javax.servlet.*;
import javax.servlet.http.*;
 
public class TokenFilter implements Filter {
 
	private FilterConfig filterConfig = null;
 
	@Override
	public void destroy() {
		// TODO Auto-generated method stub
 
	}
 
	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain arg2) throws IOException, ServletException {
		System.out.println("In do filter");
		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse res = (HttpServletResponse) response;
 
		Enumeration names = ((HttpServletRequest) request).getHeaderNames();
 
		while (names.hasMoreElements()) {
			String name = (String) names.nextElement();
			System.out.println("Header Name " + name + " Content "
					+ ((HttpServletRequest) request).getHeader(name));
		}
 
	}
 
	@Override
	public void init(FilterConfig fc) throws ServletException {
		this.filterConfig = fc;
 
	}
 
}

Create a Java Class to Implement: AuthenticationProviderV2, ServletAuthenticationFilter

* Named: SimpleSampleServletAuthenticationFilter.java

package examples.security.providers.saf.simple;
 
import javax.security.auth.login.AppConfigurationEntry;
import javax.servlet.Filter;
 
import weblogic.management.security.ProviderMBean;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;
import weblogic.security.spi.ServletAuthenticationFilter;
 
public class SimpleSampleServletAuthenticationFilter implements
		AuthenticationProviderV2, ServletAuthenticationFilter {
 
	private String description;
 
	@Override
	public String getDescription() {
		// TODO Auto-generated method stub
		return this.description;
	}
 
	@Override
	public void initialize(ProviderMBean arg0, SecurityServices arg1) {
		System.out.println("SimpleSampleServletAuthenticationFilter.initialize");
 
	}
 
	@Override
	public void shutdown() {
		System.out.println("SimpleSampleServletAuthenticationFilter.shutdown");
	}
 
	@Override
	public Filter[] getServletAuthenticationFilters() {
		System.out.println("SimpleSampleServletAuthenticationFilter.getServletAuthenticationFilters");
 
		Filter[] filters = new Filter[1];
		TokenFilter token = new TokenFilter();
		filters[0]= token;
		return filters;
	}
 
	@Override
	public AppConfigurationEntry getAssertionModuleConfiguration() {
		// TODO Auto-generated method stub
		return null;
	}
 
	@Override
	public IdentityAsserterV2 getIdentityAsserter() {
		// TODO Auto-generated method stub
		return null;
	}
 
	@Override
	public AppConfigurationEntry getLoginModuleConfiguration() {
		// TODO Auto-generated method stub
		return null;
	}
 
	@Override
	public PrincipalValidator getPrincipalValidator() {
		// TODO Auto-generated method stub
		return null;
	}
 
}

Create an MBeanType XML File

* Create an XML file named: SimpleSampleServletAuthenticationFilter.xml

<?xml version="1.0" ?>
<!DOCTYPE MBeanType SYSTEM "commo.dtd">
 
<MBeanType Name="SimpleServletAuthenticationFilter"
	DisplayName="SimpleServletAuthenticationFilter" 
	Package="examples.security.providers.saf.simple"
	Extends="weblogic.management.security.authentication.Authenticator"
	Implements="weblogic.management.security.authentication.ServletAuthenticationFilter"
	PersistPolicy="OnUpdate">
 
	<MBeanAttribute Name="ProviderClassName" 
		Type="java.lang.String"
		Writeable="false"
		Preprocessor="weblogic.management.configuration.LegalHelper.checkClassName(value)"
		Default="&quot;examples.security.providers.saf.simple.SimpleSampleServletAuthenticationFilter&quot;" />
 
	<MBeanAttribute Name="Description" Type="java.lang.String"
		Writeable="false" Default="&quot;WebLogic Simple Sample Servlet Authentication Filter &quot;" />
 
	<MBeanAttribute Name="Version" Type="java.lang.String"
		Writeable="false" Default="&quot;1.0&quot;" />
 
</MBeanType>

* Create an Ant build.xml

<project name="SimpleSAF" default="build" basedir=".">
 
	<property name="src.dir" value="src" />
	<property name="build.dir" value="build" />
	<property name="jdk.home" value="C:/Program Files/Java/jdk1.6.0_25" />
	<property name="ant.home" value="C:/prog/apache-ant-1.8.2" />
	<property name="wl.lib.dir" value="C:/jml/demo/wls10.3/server/lib" />
	<property name="wl.modules.dir" value="C:/jml/demo/wls10.3/modules" />
	<property name="namespace" value="http://www.bea.com/ns/90/weblogic/security/samples"/>
	<property name="provider.jar" value="SimpleSampleServletAuthenticationFilter.jar"/>
 
	<path id="wl.cp">
		<fileset dir="${jdk.home}/lib">
		    <include name="tools.jar"/>
		</fileset>
		<fileset dir="${ant.home}/lib">
		    <include name="*.jar"/>
		</fileset>
		<fileset dir="${wl.lib.dir}">
		    <include name="wlfullclient.jar"/>
		</fileset>
		<fileset dir="${wl.modules.dir}">
		    <include name="*xml*.jar"/>
		</fileset>
	</path>
 
	<!-- Copy all needed files to the build dir -->
	<target name="copy" description="Copy files">
    	<mkdir dir="${build.dir}"/>
        <copy todir="${build.dir}" flatten="true">
          <fileset dir="${basedir}">
            <include name="commo.dtd"/>
          </fileset>
        </copy>
        <copy todir="${build.dir}" flatten="true">
          <fileset dir="${src.dir}">
            <include name="**/*.xml"/>
            <include name="**/*.java"/>
          </fileset>
        </copy>
    </target>
 
	<target name="rebuild" depends="clean, build"/>
 
	<target name="build" depends="copy">
	    <java classname="weblogic.management.commo.WebLogicMBeanMaker" fork="true" failonerror="true">
	      <jvmarg line="-Dfiles=${build.dir}  -DMDFDIR=${build.dir} -DMJF=${build.dir}/${provider.jar} -DtargetNameSpace=${namespace} -DpreserveStubs=true -DcreateStubs=true"/>
	      <classpath refid="wl.cp"></classpath>
	    </java>
	</target>
 
	<target name="clean">
		<delete dir="${build.dir}" failonerror="false"/>
		<delete file="${provider.jar}" failonerror="false"/>
		<echo message="Clean finish" />
	</target>
 
</project>

Build

* Run Ant task rebuild. A provider jar file named SimpleSampleServletAuthenticationFilter.jar should be generated in the build directory.

Deploy

Copy Provider Jar

* Copy generated provider jar file, i.e. SimpleSampleServletAuthenticationFilter.jar, into $WL_HOME/server/lib/mbeantypes directory.
* Restart Weblogic server.

Configure New Provider

* Login WLS admin console
* Go to Security Realms > myrealm > Providers > Authentication
* Create a new Simple Sample Identity Asserter named SimpleSAF

* Restart WLS

Test

References

* Custom Identity Asserter for Weblogic Server

This entry was posted in weblogic. Bookmark the permalink.

One Response to WebLogic Security: Servlet Authentication Filter (SAF)

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.