Showing posts with label Filters. Show all posts
Showing posts with label Filters. Show all posts

Sunday, June 17, 2018

Grails on Groovy > Grails Filter to Redirect HTTP to HTTPS > Redirecting WWW to Root with Grails > Grails Append Something to URL before Redirect > URL Modification On Grails Filters

The problem is need to modify http to https as well as add www to domain name if not exists. To do so have to modify in our Grails Filters.

For Grails applications, a filter can be used to improved security by redirecting traffic from regular HTTP to encrypted HTTPS. The convention is that filters are written in Groovy using filenames ending in Filters, and the files go into the grails-app/conf folder.
Redirecting from HTTP to HTTPS provides a better user experience than simply blocking HTTP requests, as redirecting seamlessly forwards users to the web pages they expect to see.
The example below shows the redirect code
package com.pkm

import grails.util.Environment

import javax.servlet.http.HttpServletRequest

class SecurityFilters {
    String getDomainName(HttpServletRequest request) {
        return request.getRequestURL().substring(0, request.getRequestURL().indexOf("/", 8)) + request.contextPath
    }
    String getFullRequestURI(HttpServletRequest request) {
        String query = request.getQueryString()
        String request_uri = request.getAttribute("javax.servlet.forward.request_uri")
        if (request_uri == null) {
            return request.getRequestURL().toString().substring(0, request.getRequestURL().toString().length() - 1) + (query ? "?$query".toString() : "")
        }
        return request.getRequestURL().substring(0,request.getRequestURL().indexOf("/", 8)) + request_uri + (query ? "?$query".toString() : "")
    }

    def filters = {
        filter1(uri: "/**") {
            before = {
                Boolean isSecure = request.isSecure(), doRedirect = false
                String domain = getDomainName(request)
                String url = getFullRequestURI(request)

                println("SECURE=${isSecure.toString().capitalize()}" +
                        "\n\t >DOMAIN=${domain}" +
                        "\n\t\t>URL=${url}")

                /*if (!request.getServerName().toLowerCase().startsWith("www")) {
                    doRedirect = true
                    url = url.substring(0, url.indexOf("//")) + "//www." + url.substring(url.indexOf("//") + 2)
                }*/
                if (!request.isSecure() && !Environment.isDevelopmentMode()) {
                    doRedirect = true
                    url = "https://" + url.substring(url.indexOf("//") + 2)
                }
                if (!url.toLowerCase().endsWith("redirected=true-2")) {
                    doRedirect = true
                    url = url + (url.contains("?") ? "&redirected=true-2" : "?redirected=true-2")
                }
                if (doRedirect && request.isGet()) {
                    response.setStatus(302)
                    response.setHeader("Location", url)
                    response.flushBuffer()
                    return false
                }
            }
            after = { Map model ->

            }
            afterView = { Exception e ->

            }
        }
    }
}
If your server listens for https requests (or any requests on ports other than 80), you can add checks using the same format, replacing http and port 80 with the appropriate values. You can also redirect from any subdomain you want to the root site (or another subdomain), by simply swapping www with your subdomain.
And output would be like below. First request forwarded to second URL with additional parameters.
SECURE=False
  >DOMAIN=http://localhost:3346/CONTEXT_PATH
  >URL=http://localhost:3346/CONTEXT_PATH/home/index
SECURE=False
  >DOMAIN=http://localhost:3346/CONTEXT_PATH
  >URL=http://localhost:3346/CONTEXT_PATH/home/index?redirected=true-2

Saturday, June 16, 2018

Grails on Groovy > Grails 2.X > How is the invocation sequence of Grails filters defined | Sequence of Filter Execution

I am using filters to handle authentication and some other pre-condition checks for a Grails application. I've run into a situation where it'd be nice to ensure that filter A is always invoked before filter B
If several filters are declared within one class, it's obvious that they'll be executed in the order that they were declared like below code block.
package com.pkm

class SecurityFilters {

    def filters = {
        filter1(controller:'*', action:'*') {
            before = {
                println("FILTER-1")
            }
            after = { Map model ->

            }
            afterView = { Exception e ->

            }
        }

        filter2(uri: "/**") {
            before = {
                println("FILTER-2")
            }
            after = { Map model ->

            }
            afterView = { Exception e ->

            }
        }
    }
}
Now what will happen if they would defined in different classes. Yes, there is a way around and that is dependsOn. You can define dependsOn on which filter it will depend on. Say I created another filter named Security2Filters and set my first filter named SecurityFilters to dependsOn. So SecirutyFilters will be execute before Security2Filters.
package com.pkm

class Security2Filters {
    def dependsOn=[SecurityFilters]

    def filters = {
        all(controller:'*', action:'*') {
            before = {
                println("FILTER-3")
            }
            after = { Map model ->

            }
            afterView = { Exception e ->

            }
        }
    }
}

Wednesday, September 30, 2015

Myob Cloud Integration: Use Filter In Myob Integration


Equal Method (String)
{domain}/{cf guid}/Sale/Invoice/?$filter=PaymentDetails/Method eq 'Cash'

Equal Method (UID)
{domain}/{cf guid}/Sale/Invoice/?$filter=Customer/UID eq guid'd61a6a86-453a-48bf-9402-6eb6b4ea23cf'

Equal Method (Boolean)
{domain}/{cf guid}/Contact/?$filter=IsIndividual eq true

Filtering in List
{domain}/{cf guid}/Contact/Customer/?$filter=Addresses/any(x: x/Email eq null) 

Equal Method (Date)
{domain}/{cf guid}/Purchase/Bill/?$filter=Date ge datetime'2014-07-01' and Date le datetime'2014-09-24'

Monday, September 16, 2013

Grails Controller allow Declarative Exception Handling with Filters

I guess you can handle declarative exception from Controllers but Filters. You can use response instead to send the error code
class AuthorizationFilters {
    def filters = {
        auth(controller: '*' /* or controller name */
            action: '*' /* or action name */, invert: true) {
            before = {
                HashMap map = new HashMap();
                map.put("success", false);
                map.put("message", "Error occurred"); 
                if(1){ //If auth fails
                    response.sendError(5000) /* Custom error code */
                    response.errorMessage = "Error message to error controller";
 
                    // OR 
                    //render(status: 403);
                    //render(contentType: "text/json", text: map.toJSON());
 
                    // OR 
                    //redirect(controller: 'error', action: 'errorDisplay');
                }
                return false
            }
        }
    }
}
Above logic will render the response from ErrorController's errorDisplay action based on the UrlMapping that is provided below.
Make sure you are excluding error controller from filters.

Make sure you have the entry in UrlMappings.groovy:
"5000"(controller: "error", action: "errorDisplay")

And ErrorController.groovy:
class ErrorController {
    def errorDisplay() {
        render(status: 500); /* Change error code to 500 from custom code: 5000 */
        render("Error: "+response.errorMessage);
        //response.errorMessage would be "Error message to error controller";
        return;
    }
}