Mercurial > lada > lada-server

--- a/src/main/java/de/intevation/lada/util/auth/OpenIDFilter.java	Fri Mar 13 14:26:52 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/OpenIDFilter.java	Fri Mar 13 15:20:05 2015 +0100
@@ -66,6 +66,8 @@
     private static final int SESSION_TIMEOUT_DEFAULT_MINUTES = 60;
     private int sessionTimeout;

+    private boolean enabled;
+
     private static Logger logger = Logger.getLogger(OpenIDFilter.class);

     /** Nonce verifier to allow a session based on openid information.
@@ -246,6 +248,8 @@
         oidHeader = properties.getProperty("oidHeader", OID_HEADER_DEFAULT);
         providerUrl = properties.getProperty("identity_provider",
                 IDENTITY_PROVIDER_DEFAULT);
+        enabled = !properties.getProperty("enabled",
+                "true").toLowerCase().equals("false");

         manager = new ConsumerManager();
         /* We probably want to implement our own association store to keep
@@ -260,6 +264,13 @@
     public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
     throws IOException, ServletException
     {
+        if (!enabled) {
+            /* If we are not enabled we pass everything through */
+            logger.debug("OpenID filter disabled. Passing through.");
+            chain.doFilter(req, resp);
+            return;
+        }
+
         HttpServletRequest hReq = (HttpServletRequest) req;
         HttpServletResponse hResp = (HttpServletResponse) resp;
         if (!discoveryDone) {
--- a/src/main/resources/openid.properties	Fri Mar 13 14:26:52 2015 +0100
+++ b/src/main/resources/openid.properties	Fri Mar 13 15:20:05 2015 +0100
@@ -7,3 +7,8 @@

 # Session timeout in minutes
 session_timeout_minutes=60
+
+# Set this to false to disable the openID filter altogether
+# doing this will disable authentication and authorization
+# completely. Use this only for testing!
+enabled=true