I am developing a security plugin for our use where we intercept all Rest Action through a RestHandlerWrapper and authenticate user based on the given criteria.
Once Authenticated we want perform some authorization later based on the specific Action with the help of ActionFilter as an example if SearchAction we validate if user had access on the index he is querying plus the fields he is requesting as part of the request. For this I am setting a variable in ThreadLocal at the RestHandlerWrapper level and retrieving it in the ActionFilter.
My only question here do we see an issue with this approach of storing variable in threadlocal(we unset it within the ActionFilter itself) and can I use ThreadContext here? and if so how do i access ThreadContext within a ActionFilter
Thanks for the reply after the code review of elastic I found the way how to move data through thread context for my use case.
Below is the Approach
In the ActionPlugin implementation we are going to override the getTaskHeaders() method and add the header name the application sends, secondly in the RestHandlerWrapper impl we are going to add the headers we retrieve from the request to the ThreadContext.putHeader()
Once the above two are done in the ActionFilter implementation the Task Object will then provide the custom header we are looking for.
On a side note in the RestHandlerWrapper Impl we do call the super.handleRequest() which then eventually delegates the call to the ActionFilter hence even ThreadLocal will work as it is the same thread which executes the filter but ThreadContext is neater and better managed option
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.