2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.securityutil.filters;
24 import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration;
26 import javax.servlet.http.Cookie;
27 import java.util.ArrayList;
28 import java.util.Arrays;
29 import java.util.List;
31 public class SampleFilter extends SessionValidationFilter {
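/**
 * Sample in-memory configuration for the session validation filter.
 *
 * <p>All values are hard-coded in the constructor and can be overridden through the
 * setters. The class is a lazily created singleton obtained via {@link #getInstance()}.
 *
 * <p>NOTE(review): every value here, including the security key, is sample data that is
 * committed to source control. A real deployment should load the key from protected
 * configuration and never reuse the literal below.
 *
 * <p>NOTE(review): the setters are not synchronized and the fields are not volatile, so
 * the instance should be fully configured before it is shared with request threads.
 */
private static class Configuration implements ISessionValidationFilterConfiguration {

    // Shared instance; created on first call to getInstance().
    private static Configuration instance;

    private String securityKey;
    private long maxSessionTimeOut;
    private long sessionIdleTimeOut;
    private String redirectURL;
    private List<String> excludedUrls;

    private String cookieName;
    private String cookieDomain;
    private String cookiePath;
    private boolean isCookieHttpOnly;

    private Configuration() {
        // Security key should be exactly 16 characters long clear text and then encoded to base64.
        // SAMPLE VALUE ONLY: this key is public to anyone who can read the source, so it gives
        // no protection; replace it via setSecurityKey() with a secret from protected storage.
        this.securityKey = "AGLDdG4D04BKm2IxIWEr8o==";
        // 24 hours, expressed in milliseconds.
        this.maxSessionTimeOut = 24L * 60L * 60L * 1000L;
        // 1 hour, expressed in milliseconds.
        this.sessionIdleTimeOut = 60L * 60L * 1000L;
        this.redirectURL = "https://www.e-access.att.com/ecomp_portal_ist/ecompportal/process_csp";
        // NOTE(review): presumably requests matching these entries skip session validation, and
        // "/upload.*" suggests the entries are treated as patterns; confirm against the parent
        // filter and keep the list as small as possible.
        this.excludedUrls = new ArrayList<>(Arrays.asList(
                "/config", "/configmgr", "/rest", "/kibanaProxy", "/healthcheck", "/upload.*"));

        this.cookieName = "kuku";
        this.cookieDomain = "";
        this.cookiePath = "/";
        // NOTE(review): only HttpOnly is configurable here; no Secure or SameSite setting is
        // visible in this class, so confirm that the code creating the cookie sets them.
        this.isCookieHttpOnly = true;
    }

    /**
     * Replaces the security key.
     *
     * @param securityKey the new key; per the constructor comment, 16 clear-text characters
     *     encoded as base64 (the value is stored as given, without validation)
     */
    public void setSecurityKey(String securityKey) {
        this.securityKey = securityKey;
    }

    /**
     * @param maxSessionTimeOut maximum session lifetime; the default is given in milliseconds
     */
    public void setMaxSessionTimeOut(long maxSessionTimeOut) {
        this.maxSessionTimeOut = maxSessionTimeOut;
    }

    /**
     * @param cookieName name of the session cookie
     */
    public void setCookieName(String cookieName) {
        this.cookieName = cookieName;
    }

    /**
     * @param redirectURL URL stored as the redirect target; it is not validated here
     */
    public void setRedirectURL(String redirectURL) {
        this.redirectURL = redirectURL;
    }

    /**
     * Stores the given list by reference (no defensive copy).
     *
     * @param excludedUrls the new exclusion list
     */
    public void setExcludedUrls(List<String> excludedUrls) {
        this.excludedUrls = excludedUrls;
    }

    /**
     * Returns the shared configuration, creating it on first use.
     *
     * <p>Synchronized so that concurrent first calls cannot each create an instance; with an
     * unsynchronized check-then-create, a setter call applied to one instance could be lost
     * when another thread publishes a second one.
     *
     * @return the single {@code Configuration} instance
     */
    public static synchronized Configuration getInstance() {
        if (instance == null) {
            instance = new Configuration();
        }
        return instance;
    }

    /** @return the base64-encoded security key; callers should never log this value */
    public String getSecurityKey() {
        return securityKey;
    }

    /** @return the maximum session lifetime (24 hours in milliseconds by default) */
    public long getMaxSessionTimeOut() {
        return maxSessionTimeOut;
    }

    /** @return the idle timeout (1 hour in milliseconds by default) */
    public long getSessionIdleTimeOut() {
        return sessionIdleTimeOut;
    }

    /** @return the session cookie name */
    public String getCookieName() {
        return cookieName;
    }

    /** @return the cookie domain (empty string by default) */
    public String getCookieDomain() {
        return cookieDomain;
    }

    /** @return the cookie path ("/" by default) */
    public String getCookiePath() {
        return cookiePath;
    }

    /** @return whether the cookie is to be marked HttpOnly ({@code true} by default) */
    public boolean isCookieHttpOnly() {
        return isCookieHttpOnly;
    }

    /** @return the configured redirect URL */
    public String getRedirectURL() {
        return redirectURL;
    }

    /**
     * Returns the internal exclusion list itself, not a copy.
     *
     * <p>NOTE(review): a caller that mutates the returned list changes the exclusion list of
     * the shared configuration; consider returning an unmodifiable view once it is confirmed
     * that no caller relies on mutating it.
     *
     * @return the live list of excluded URL entries
     */
    public List<String> getExcludedUrls() {
        return excludedUrls;
    }
}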
/**
 * Supplies the configuration used by this filter.
 *
 * @return the shared {@code Configuration} singleton
 */
public ISessionValidationFilterConfiguration getFilterConfiguration() {
    final ISessionValidationFilterConfiguration sharedConfiguration = Configuration.getInstance();
    return sharedConfiguration;
}
/**
 * Returns the supplied cookie unchanged; this sample adds no role data to it.
 *
 * <p>NOTE(review): if role checks elsewhere rely on data written here, a pass-through means
 * the cookie carries no role information; confirm this is intended for the sample only.
 *
 * @param updatedCookie the cookie handed in by the caller
 * @return the same {@code updatedCookie} reference, unmodified
 */
protected Cookie addRoleToCookie(Cookie updatedCookie) {
    final Cookie unchangedCookie = updatedCookie;
    return unchangedCookie;
}
146 protected boolean isRoleValid(Cookie cookie) {