Setting Authentication Header in Servlet via Filter

Question

Preface

This is my first attempt at a Filter, be gentle.

Project Description

I am trying to finalize a build for a SSO

Answer 1

I'm adding a new answer, since it's completely different.

I did a test on my system. I copied your code, dumped the cookie test, and wrote a simple Servlet to dump things out for me.

And it worked fine, save for one caveat.

I don't know how your app is using this. But your ServletRequestWrapper implements getHeaderNames, and getHeader, but it does NOT implement getHeaders. I ran in to that problem as I used getHeaders to try and dump the request, and, of course, Authorization was missing.

So, you may want to look at your code closer to see if it is indeed not using getHeaders. If it is, it will "work fine", but completely skip the work you've done, and thus miss your Authorization header.

Here's my implementation, and it worked for me.

    @Override
    public Enumeration getHeaders(String name) {
        Enumeration e = super.getHeaders(name);
        if (e != null && e.hasMoreElements()) {
            return e;
        } else {
            List l = new ArrayList();
            if (headerMap.get(name) != null) {
                l.add(headerMap.get(name));
            }
            return Collections.enumeration(l);
        }
    }