Mercurial > dive4elements > river

comparison gwt-client/src/main/java/org/dive4elements/river/client/server/filter/GGInAFilter.java @ 6978:3bff11208d3d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix for Browser and server running both on localhost. Previously all requests from localhost where accepted w/o auth. Now they are only accepted when a HTTP header X_NO_GGINA_AUTH=TRUE is send, too. This is ddone when printing maps.
author Sascha L. Teichmann <teichmann@intevation.de>
date Mon, 09 Sep 2013 18:22:47 +0200
parents 389bf6b7d371
children 238fc722f87a
comparison
equal deleted inserted replaced
6977:e1010a0f0b05 6978:3bff11208d3d
98 98
99 logger.debug("Request for: " + requesturi); 99 logger.debug("Request for: " + requesturi);
100 100
101 // Allow access to localhost 101 // Allow access to localhost
102 if (isLocalAddress(req)) { 102 if (isLocalAddress(req)) {
103 logger.debug("Request to localhost"); 103 String noAuth = sreq.getHeader("X_NO_GGINA_AUTH");
104 chain.doFilter(req, resp); 104 if (noAuth != null && noAuth.equals("TRUE")) {
105 return; 105 logger.debug("Request to localhost");
106 chain.doFilter(req, resp);
107 return;
108 }
106 } 109 }
107 110
108 // Allow access to login pages 111 // Allow access to login pages
109 String path = this.sc.getContextPath(); 112 String path = this.sc.getContextPath();
110 if (requesturi.equals(path + LOGIN_JSP) 113 if (requesturi.equals(path + LOGIN_JSP)
http://dive4elements.wald.intevation.org