Modifying inputStream in request

Modifying inputStream in request.
many thanks to Tofig

i am sorry if this entry seems to be prosaic (pro zaek;-)).
for me some sensation of miracle presents. so..


    1.webservice on ssl.
    2.client and service code can't be changed.
    3.service looks for userId in requests inputStream.
    4.client don't send userId, but send certificate (client authentication).
     1.take userId from certificate.
     2.push it into requests inputStream.
         1.write filter where is all work will be done -- trivial.
         2.take userId from certificate -- very trivial, but:
     String getUserIdFromCertificate(HttpServletRequest request){
            Object o = request.getAttribute("javax.servlet.request.X509Certificate");
        if (o != null) {
            X509Certificate certs[] = (X509Certificate[]) o;
            String name = certs[0].getSubjectDN().getName();
            //name = ", CN=superadmin, OU=1, O=tikal, L=hertslia, ST=center, C=il"
            //we need word "superadmin"
        return userId;

     interesting (for me) things start here.  
     3.push userId into requests inputStream.
     3.1. create requestWrapper:
     static class InputStreamModifiedRequestWrapper extends HttpServletRequestWrapper {

        private ServletInputStream modifiedInputStream;

        /** Constructor. */
        public InputStreamModifiedRequestWrapper(HttpServletRequest request) throws IOException {


        public ServletInputStream getInputStream() {
            return modifiedInputStream;

        public void setInputStream(ServletInputStream inputStream) {
            this.modifiedInputStream = inputStream;


    in our case only inputStream can be changed, but in this way all requests content can be modified (!)
    3.1. create our own class for inputStream that extends ServetInputStream and take byte[] as
         constructors argument:
         static class ServletByteArrayInputStream extends ServletInputStream {

        protected byte buf[];
        protected int pos;
        protected int mark = 0;
        protected int count;

        public ServletByteArrayInputStream(byte buf[]) {
            this.buf = buf;
            this.pos = 0;
            this.count = buf.length;

    3.3. finally our doFilter method looks something like:
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {
        String content = null;
        String modifiedContent = null;
        try {
                //get string from requests inputStream
            content = slurp(request.getInputStream());
            modifiedContent = modify(new StringBuffer(content));
        } catch (Exception e) {

        byte[] bytes = modifiedContent.getBytes();
        ServletByteArrayInputStream byteArrayInputStream = new ServletByteArrayInputStream(bytes);
        InputStreamModifiedRequestWrapper requestWrapper = new InputStreamModifiedRequestWrapper((HttpServletRequest) request);

        chain.doFilter(requestWrapper, response);
    String modify(StringBuffer contentBuffer){
        String userId = getAdminIdFromCertificate();
        //insert userId to contentBuffer
        return contentBuffer.toString();

    thats all, everyone is happy.