001/** 002 * Copyright (C) 2006-2020 Talend Inc. - www.talend.com 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.talend.sdk.component.server.front.security.web; 017 018import java.io.IOException; 019 020import javax.inject.Inject; 021import javax.servlet.Filter; 022import javax.servlet.FilterChain; 023import javax.servlet.ServletException; 024import javax.servlet.ServletRequest; 025import javax.servlet.ServletResponse; 026import javax.servlet.http.HttpServletResponse; 027 028public abstract class SecuredFilter implements Filter { 029 030 @Inject 031 private EndpointSecurityService endpointSecurityService; 032 033 @Override 034 public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, 035 final FilterChain filterChain) throws IOException, ServletException { 036 if (endpointSecurityService.isAllowed(servletRequest) && canCall(servletRequest)) { 037 filterChain.doFilter(servletRequest, servletResponse); 038 return; 039 } 040 041 final HttpServletResponse response = HttpServletResponse.class.cast(servletResponse); 042 response.setStatus(HttpServletResponse.SC_NOT_FOUND); 043 } 044 045 protected boolean canCall(final ServletRequest servletRequest) { 046 return true; 047 } 048}