• Home
• org.neo4j.app
• neo4j-server
• 4.4.37
• source code
• AuthorizationModule.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.neo4j.server.modules.AuthorizationModule Maven / Gradle / Ivy

/*
 * Copyright (c) "Neo4j"
 * Neo4j Sweden AB [http://neo4j.com]
 *
 * This file is part of Neo4j.
 *
 * Neo4j is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see .
 */
package org.neo4j.server.modules;

import java.util.List;
import java.util.function.Supplier;
import java.util.regex.Pattern;
import javax.servlet.Filter;

import org.neo4j.configuration.Config;
import org.neo4j.configuration.GraphDatabaseSettings;
import org.neo4j.kernel.api.security.AuthManager;
import org.neo4j.logging.LogProvider;
import org.neo4j.server.rest.dbms.AuthorizationDisabledFilter;
import org.neo4j.server.rest.dbms.AuthorizationEnabledFilter;
import org.neo4j.server.web.WebServer;

/**
 * The authorization module applies a {@link org.neo4j.server.rest.dbms.AuthorizationFilter AuthorizationFilter} to all paths except those configured in {@link
 * org.neo4j.server.configuration.ServerSettings#http_auth_allowlist ServerSettings#http_auth_allowlist}.
 * 

 * It must be enabled as soon as any other module is enabled.
 */
public class AuthorizationModule implements ServerModule
{
    private final WebServer webServer;
    private final Config config;
    private final Supplier authManagerSupplier;
    private final LogProvider logProvider;
    private final List uriWhitelist;

    public AuthorizationModule( WebServer webServer, Supplier authManager, LogProvider logProvider,
            Config config, List uriWhitelist )
    {
        this.webServer = webServer;
        this.config = config;
        this.authManagerSupplier = authManager;
        this.logProvider = logProvider;
        this.uriWhitelist = uriWhitelist;
    }

    @Override
    public void start()
    {
        final Filter authorizationFilter;

        if ( config.get( GraphDatabaseSettings.auth_enabled ) )
        {
            authorizationFilter = new AuthorizationEnabledFilter( authManagerSupplier, logProvider, uriWhitelist );
        }
        else
        {
            authorizationFilter = createAuthorizationDisabledFilter();
        }

        webServer.addFilter( authorizationFilter, "/*" );
    }

    @Override
    public void stop()
    {
    }

    protected AuthorizationDisabledFilter createAuthorizationDisabledFilter()
    {
        return new AuthorizationDisabledFilter();
    }
}