SOLR-18041 PathExclusionFilter extracted from SolrDispatchFilter

changelog/unreleased/SOLR-18041.yml

@@ -0,0 +1,8 @@
+# See https://github.com/apache/solr/blob/main/dev-docs/changelog.adoc
+title: SOLR 18041 - Path exclusions for the admin UI are now defined in a separate servlet filter
+type: other # added, changed, fixed, deprecated, removed, dependency_update, security, other
+authors:
+  - name: Gus Heck
+links:
+  - name: SOLR-18041
+    url: https://issues.apache.org/jira/browse/SOLR-18041

solr/core/src/java/org/apache/solr/servlet/PathExclusionFilter.java

@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.solr.servlet;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpFilter;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class PathExclusionFilter extends HttpFilter {
+
+  private List<Pattern> excludePatterns;
+
+  boolean shouldBeExcluded(HttpServletRequest request) {
+    String requestPath = ServletUtils.getPathAfterContext(request);
+    if (excludePatterns != null) {
+      return excludePatterns.stream().map(p -> p.matcher(requestPath)).anyMatch(Matcher::lookingAt);
+    }
+    return false;
+  }
+
+  @Override
+  public void init(FilterConfig config) throws ServletException {
+    String patternConfig = config.getInitParameter("excludePatterns");
+    if (patternConfig != null) {
+      String[] excludeArray = patternConfig.split(",");
+      this.excludePatterns = Arrays.stream(excludeArray).map(Pattern::compile).toList();
+    }
+    super.init(config);
+  }
+
+  @Override
+  protected void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
+      throws IOException, ServletException {
+    if (!shouldBeExcluded(req)) {
+      chain.doFilter(req, res);
+    } else {
+      // N.B. "default" is the name for org.eclipse.jetty.ee10.servlet.DefaultServlet
+      // configured in solr/server/etc/webdefault.xml
+      req.getServletContext().getNamedDispatcher("default").forward(req, res);
+    }
+  }
+}

solr/core/src/java/org/apache/solr/servlet/ServletUtils.java

@@ -19,7 +19,6 @@
 
 import io.opentelemetry.api.trace.Span;
 import io.opentelemetry.context.Context;
-import jakarta.servlet.FilterChain;
 import jakarta.servlet.ReadListener;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletInputStream;
@@ -33,10 +32,6 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.lang.invoke.MethodHandles;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 import org.apache.solr.common.SolrException;
 import org.apache.solr.common.SolrException.ErrorCode;
 import org.apache.solr.common.util.Utils;
@@ -131,45 +126,6 @@ public void close() {
     };
   }
 
-  static boolean excludedPath(
-      List<Pattern> excludePatterns,
-      HttpServletRequest request,
-      HttpServletResponse response,
-      FilterChain chain)
-      throws IOException, ServletException {
-    String requestPath = getPathAfterContext(request);
-    // No need to even create the HttpSolrCall object if this path is excluded.
-    if (excludePatterns != null) {
-      for (Pattern p : excludePatterns) {
-        Matcher matcher = p.matcher(requestPath);
-        if (matcher.lookingAt()) {
-          if (chain != null) {
-            chain.doFilter(request, response);
-          }
-          return true;
-        }
-      }
-    }
-    return false;
-  }
-
-  static boolean excludedPath(
-      List<Pattern> excludePatterns, HttpServletRequest request, HttpServletResponse response)
-      throws IOException, ServletException {
-    return excludedPath(excludePatterns, request, response, null);
-  }
-
-  static void configExcludes(PathExcluder excluder, String patternConfig) {
-    if (patternConfig != null) {
-      String[] excludeArray = patternConfig.split(",");
-      List<Pattern> patterns = new ArrayList<>();
-      excluder.setExcludePatterns(patterns);
-      for (String element : excludeArray) {
-        patterns.add(Pattern.compile(element));
-      }
-    }
-  }
-
   /**
    * Enforces rate limiting for a request. Should be converted to a servlet filter at some point.
    * Currently, this is tightly coupled with request tracing which is not ideal either.

solr/core/src/java/org/apache/solr/servlet/SolrDispatchFilter.java

@@ -17,8 +17,6 @@
 package org.apache.solr.servlet;
 
 import static org.apache.solr.servlet.ServletUtils.closeShield;
-import static org.apache.solr.servlet.ServletUtils.configExcludes;
-import static org.apache.solr.servlet.ServletUtils.excludedPath;
 import static org.apache.solr.util.tracing.TraceUtils.getSpan;
 import static org.apache.solr.util.tracing.TraceUtils.setTracer;
 
@@ -67,7 +65,7 @@
 // servlets that are more focused in scope. This should become possible now that we have a
 // ServletContextListener for startup/shutdown of CoreContainer that sets up a service from which
 // things like CoreContainer can be requested. (or better yet injected)
-public class SolrDispatchFilter extends HttpFilter implements PathExcluder {
+public class SolrDispatchFilter extends HttpFilter {
   private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
 
   private CoreContainerProvider containerProvider;
@@ -78,11 +76,6 @@ public class SolrDispatchFilter extends HttpFilter implements PathExcluder {
 
   private HttpSolrCallFactory solrCallFactory;
 
-  @Override
-  public void setExcludePatterns(List<Pattern> excludePatterns) {
-    this.excludePatterns = excludePatterns;
-  }
-
   private List<Pattern> excludePatterns;
 
   public final boolean isV2Enabled = V2ApiUtils.isEnabled();
@@ -133,7 +126,6 @@ public void init(FilterConfig config) throws ServletException {
         log.trace("SolrDispatchFilter.init(): {}", this.getClass().getClassLoader());
       }
 
-      configExcludes(this, config.getInitParameter("excludePatterns"));
     } catch (Throwable t) {
       // catch this so our filter still works
       log.error("Could not start Dispatch Filter.", t);
@@ -157,9 +149,6 @@ public CoreContainer getCores() throws UnavailableException {
           "Set the thread contextClassLoader for all 3rd party dependencies that we cannot control")
   public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
       throws IOException, ServletException {
-    if (excludedPath(excludePatterns, request, response, chain)) {
-      return;
-    }
 
     try (var mdcSnapshot = MDCSnapshot.create()) {
       assert null != mdcSnapshot; // prevent compiler warning

solr/webapp/web/WEB-INF/web.xml

@@ -26,11 +26,11 @@
   </listener>
   <!-- Any path (name) registered in solrconfig.xml will be sent to that filter -->
   <filter>
-    <filter-name>SolrRequestFilter</filter-name>
-    <filter-class>org.apache.solr.servlet.SolrDispatchFilter</filter-class>
+    <filter-name>PathExclusionsFilter</filter-name>
+    <filter-class>org.apache.solr.servlet.PathExclusionFilter</filter-class>
     <!--
-    Exclude patterns is a list of directories that would be short circuited by the
-    SolrDispatchFilter. It includes all Admin UI related static content.
+    Exclude patterns is a list of directories that would be short-circuited by this
+    Filter. It includes all Admin UI related static content.
     NOTE: It is NOT a pattern but only matches the start of the HTTP ServletPath.
     -->
     <init-param>
@@ -39,6 +39,16 @@
     </init-param>
   </filter>
 
+  <filter-mapping>
+    <filter-name>PathExclusionsFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+
+  <filter>
+    <filter-name>SolrRequestFilter</filter-name>
+    <filter-class>org.apache.solr.servlet.SolrDispatchFilter</filter-class>
+  </filter>
+
   <filter-mapping>
     <filter-name>SolrRequestFilter</filter-name>
     <url-pattern>/*</url-pattern>