Skip to main content
Version: 7.2405.x.x LTS

LuaFilter - configuration

NameType, Usage Constraints, DefaultsDescription
ScriptString required, basicLua script with implemented outputStream function. Be aware that every "<", ">" and "&" must be html encoded like "<", ">", "&". Loading external scripts is planned.
Script.PathString optional, basic default: nonePath to the Lua script with implemented inputStream/outputStream function.
Script.InputFunctionNameString optional, basic default: noneDefines the Lua function name which is called on input. If it is not defined nothing is called. The method's syntax expects three arguments: the request object the response object * the request body chunk object
Script.InputHeaderFunctionNameString optional, basic default: noneDefines the Lua function name which is called on input headers. This function does not need to deal with a possible request body. It is called once on every request. The method's syntax expects two arguments: the request object the response object
Script.OutputFunctionNameString optional, basic default:noneDefines the Lua function name which is called on output. If it is not defined nothing is called. The method's syntax expects three arguments: the request object the response object * the response body chunk object
Script.OutputHeaderFunctionNameString, optional, basic, default: noneDefines the Lua function name which is called on output headers. If it is not defined nothing is called. It is called once for every response. The method's syntax expects two arguments: the request object the response object
Script.NotifySessionInvalidateFunctionNameString, optional, advanced. default: noneDefines the function name which is called if a session is invalidated. For this function to be called, the LuaFilter has to be mapped to the same path as the filter which creates the session, e.g., the IdentityCreationFilter or AuthenticationFilter. The function has an input parameter of type session. This feature is only supported when using the Dynamic Session Management Engine.
Script.GlobalStoreAttributeTimeoutFunctionNameString optionalDefines the function that will be called if an attribute in the global store expires. The called function has three input-parameters: the name of the expired attribute the value of the expired attribute * the name of the servlet used for the global store
Script.NamespaceString optional, advanced default: noneDefines a namespace for filter attributes that will be propagated to the Lua script. The attributes are accessible in the Lua script with the prefixing namespace as global variables. Currently, dots are not allowed in the variable names.
Script.HashString optional, default: noneDefines the expected SHA256 hash of the loaded Lua script. On startup the calculated hash is compared with this and a NOTICE is logged if the two hashes differ. This parameter is only usable to check the integrity of external scripts. To get the correct hash for your script use the openssl dgst -sha256 <script.lua> command or copy it from the traced notice.

Sample:

<filter>
<filter-name>LuaFilterTest</filter-name>
<filter-class>ch::nevis::isiweb4::filter::lua::LuaFilter</filter-class>
<init-param>
<param-name>Script.Namespace</param-name>
<param-value>My</param-value>
</init-param>
<init-param>
<param-name>MyParameter</param-name>
<param-value>my stuff</param-value>
</init-param>
<init-param>
<param-name>Script.OutputFunctionName</param-name>
<param-value>outputStream</param-value>
</init-param>
<init-param>
<param-name>Script</param-name>
<param-value>
firstHit = false
function outputStream(req, resp, chunk)
trace = req:getTracer()
if not firstHit then
firstHit = true
-- this should trace "This is my
-- parameter: my stuff"
trace:info("This is my parameter: "..MyParameter)
end
return chunk
end
</param-value>
</init-param>
</filter>