|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.pentaho.platform.web.http.filters.ProxyTrustingFilter
public class ProxyTrustingFilter
This servlet is used to filter Servlet requests coming from another server for processing and sets authentication for the user passed in by the parameter _TRUST_USER_. It then passes the request down the servlet chain to be serviced. Only requests coming from a trusted host will be authenticated. Implement the filter and setup the trusted hosts by editing the web.xml file as follows.
<filter> <filter-name>ProxyTrustingFilter</filter-name> <filter-class>org.pentaho.platform.web.http.filters.ProxyTrustingFilter</filter-class> <init-param> <param-name>TrustedIpAddrs</param-name> <param-value>192.168.10.60,192.168.10.61</param-value> </init-param> </filter>In the above example, when a request coming from IP addresses 192.168.10.60 and 192.168.10.61 has the parameter _TRUST_USER_=name set, tha user name will be authenticated.
NOTES:
It is easy to spoof the URL or IP address so this technique should only be used if the server running the filter is not accessible to users. For example if the BI Platform is hosted in a DMZ.
For this class to be useful, both Pentaho servers should be using the same database repository.
The sending server should be using the ProxyServlet enabled to generate the requests.
ProxyServlet
Constructor Summary | |
---|---|
ProxyTrustingFilter()
|
Method Summary | |
---|---|
void |
destroy()
|
void |
doFilter(javax.servlet.ServletRequest request,
javax.servlet.ServletResponse response,
javax.servlet.FilterChain chain)
|
org.apache.commons.logging.Log |
getLogger()
|
void |
init(javax.servlet.FilterConfig filterConfiguration)
|
static void |
main(String[] args)
|
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public ProxyTrustingFilter()
Method Detail |
---|
public org.apache.commons.logging.Log getLogger()
public void init(javax.servlet.FilterConfig filterConfiguration) throws javax.servlet.ServletException
init
in interface javax.servlet.Filter
javax.servlet.ServletException
public void doFilter(javax.servlet.ServletRequest request, javax.servlet.ServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletException
doFilter
in interface javax.servlet.Filter
IOException
javax.servlet.ServletException
public void destroy()
destroy
in interface javax.servlet.Filter
public static void main(String[] args)
args
-
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |