Mercurial > dive4elements > river
comparison flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java @ 4194:17fe00c09b7c
Don't redirect to request uri
If a url is requested which isn't the FLYS start page (FLYS.html) the user had
been redirected to this page after successfull authentication. This caused wrong
redirects after a authentication is expired and if the browser preloads e.g. the
CSS file. Therefore allow to set a redirect url in the web.xml config to always
redirect the user to the correct page after successfull authentication.
Fix for flys/issue970 (Zugangsfehler FLYS 2.9.3)
author | Björn Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Mon, 22 Oct 2012 09:51:12 +0200 |
parents | a4c9296f6efa |
children | 93b53eaee401 |
comparison
equal
deleted
inserted
replaced
4193:f63b39799d2d | 4194:17fe00c09b7c |
---|---|
30 /** Private logger. */ | 30 /** Private logger. */ |
31 private static Logger logger = Logger.getLogger(GGInAFilter.class); | 31 private static Logger logger = Logger.getLogger(GGInAFilter.class); |
32 | 32 |
33 private boolean deactivate = false; | 33 private boolean deactivate = false; |
34 private String authmethod; | 34 private String authmethod; |
35 private String redirecturl; | |
35 private ServletContext sc; | 36 private ServletContext sc; |
36 | 37 |
37 public static final String LOGIN_JSP = "/login.jsp"; | 38 public static final String LOGIN_JSP = "/login.jsp"; |
38 public static final String LOGIN_SERVLET = "/flys/login"; | 39 public static final String LOGIN_SERVLET = "/flys/login"; |
39 public static final String FLYS_CSS = "/FLYS.css"; | 40 public static final String FLYS_CSS = "/FLYS.css"; |
50 { | 51 { |
51 String deactivate = config.getInitParameter("deactivate"); | 52 String deactivate = config.getInitParameter("deactivate"); |
52 this.sc = config.getServletContext(); | 53 this.sc = config.getServletContext(); |
53 logger.debug("GGInAFilter context " + this.sc.getContextPath()); | 54 logger.debug("GGInAFilter context " + this.sc.getContextPath()); |
54 this.authmethod = sc.getInitParameter("authentication"); | 55 this.authmethod = sc.getInitParameter("authentication"); |
56 this.redirecturl = sc.getInitParameter("redirect-url"); | |
55 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { | 57 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { |
56 this.deactivate = true; | 58 this.deactivate = true; |
57 } | 59 } |
58 | 60 |
59 } | 61 } |
95 return; | 97 return; |
96 } | 98 } |
97 | 99 |
98 HttpSession session = sreq.getSession(); | 100 HttpSession session = sreq.getSession(); |
99 | 101 |
100 String uri = requesturi; | 102 String uri = "/" + this.redirecturl; |
103 | |
101 if (sreq.getQueryString() != null) { | 104 if (sreq.getQueryString() != null) { |
102 uri = uri + "?" + sreq.getQueryString(); | 105 uri = uri + "?" + sreq.getQueryString(); |
103 } | 106 } |
104 session.setAttribute("requesturi", uri); | 107 session.setAttribute("requesturi", uri); |
105 | 108 |