Mercurial > dive4elements > river
comparison gwt-client/src/main/java/org/dive4elements/river/client/server/filter/GGInAFilter.java @ 6978:3bff11208d3d
Fix for Browser and server running both on localhost. Previously all requests from localhost where accepted w/o auth. Now they are only accepted when a HTTP header X_NO_GGINA_AUTH=TRUE is send, too. This is ddone when printing maps.
author | Sascha L. Teichmann <teichmann@intevation.de> |
---|---|
date | Mon, 09 Sep 2013 18:22:47 +0200 |
parents | 389bf6b7d371 |
children | 238fc722f87a |
comparison
equal
deleted
inserted
replaced
6977:e1010a0f0b05 | 6978:3bff11208d3d |
---|---|
98 | 98 |
99 logger.debug("Request for: " + requesturi); | 99 logger.debug("Request for: " + requesturi); |
100 | 100 |
101 // Allow access to localhost | 101 // Allow access to localhost |
102 if (isLocalAddress(req)) { | 102 if (isLocalAddress(req)) { |
103 logger.debug("Request to localhost"); | 103 String noAuth = sreq.getHeader("X_NO_GGINA_AUTH"); |
104 chain.doFilter(req, resp); | 104 if (noAuth != null && noAuth.equals("TRUE")) { |
105 return; | 105 logger.debug("Request to localhost"); |
106 chain.doFilter(req, resp); | |
107 return; | |
108 } | |
106 } | 109 } |
107 | 110 |
108 // Allow access to login pages | 111 // Allow access to login pages |
109 String path = this.sc.getContextPath(); | 112 String path = this.sc.getContextPath(); |
110 if (requesturi.equals(path + LOGIN_JSP) | 113 if (requesturi.equals(path + LOGIN_JSP) |