Mercurial > dive4elements > river
comparison flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java @ 2952:3cacd42a0336
Filter all requests to FLYS
If a user is not authenticated redirect him to the login.jsp.
The GGinAFilter can be deactivated via the web.xml file.
flys-client/trunk@4931 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Bjoern Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Wed, 11 Jul 2012 10:57:24 +0000 |
parents | 6e4e4b96ca6c |
children | f1030909eeb6 |
comparison
equal
deleted
inserted
replaced
2951:20ae06d2eeff | 2952:3cacd42a0336 |
---|---|
1 package de.intevation.flys.client.server; | 1 package de.intevation.flys.client.server; |
2 | 2 |
3 import java.io.IOException; | 3 import java.io.IOException; |
4 import java.io.InputStream; | |
4 | 5 |
5 import javax.servlet.Filter; | 6 import javax.servlet.Filter; |
6 import javax.servlet.FilterChain; | 7 import javax.servlet.FilterChain; |
7 import javax.servlet.FilterConfig; | 8 import javax.servlet.FilterConfig; |
8 import javax.servlet.ServletException; | 9 import javax.servlet.ServletException; |
9 import javax.servlet.ServletRequest; | 10 import javax.servlet.ServletRequest; |
10 import javax.servlet.ServletResponse; | 11 import javax.servlet.ServletResponse; |
11 | 12 |
12 /* | |
13 import javax.servlet.http.HttpServlet; | |
14 import javax.servlet.http.HttpServletRequest; | 13 import javax.servlet.http.HttpServletRequest; |
15 import javax.servlet.http.HttpServletResponse; | 14 import javax.servlet.http.HttpServletResponse; |
16 */ | 15 import javax.servlet.http.HttpSession; |
17 | 16 |
18 import org.apache.log4j.Logger; | 17 import org.apache.log4j.Logger; |
18 | |
19 import de.intevation.flys.client.server.was.User; | |
19 | 20 |
20 | 21 |
21 /** ServletFilter used for GGInA authentification and certain authorisation. */ | 22 /** ServletFilter used for GGInA authentification and certain authorisation. */ |
22 public class GGInAFilter implements Filter { | 23 public class GGInAFilter implements Filter { |
23 | 24 |
24 /** Private logger. */ | 25 /** Private logger. */ |
25 private static Logger logger = Logger.getLogger(GGInAFilter.class); | 26 private static Logger logger = Logger.getLogger(GGInAFilter.class); |
26 | 27 |
27 public static final String LOG4J_PROPERTIES = "FLYS_CLIENT_LOG4J_PROPERIES"; | 28 private boolean deactivate = false; |
28 | 29 |
29 | 30 |
30 /** | 31 /** |
31 * Initialize. | 32 * Initialize. |
33 * | |
34 * Read FilterConfig parameter deactivate | |
32 */ | 35 */ |
33 @Override | 36 @Override |
34 public void init(FilterConfig config) | 37 public void init(FilterConfig config) |
35 throws ServletException | 38 throws ServletException |
36 { | 39 { |
37 System.out.println("GGInAFilter.init"); | 40 String deactivate = config.getInitParameter("deactivate"); |
41 if (deactivate != null && deactivate.equals("1")) { | |
42 this.deactivate = true; | |
43 } | |
44 | |
38 } | 45 } |
39 | 46 |
40 | 47 |
41 /** | 48 /** |
42 * Called when filter in chain invoked. | 49 * Called when filter in chain invoked. |
46 */ | 53 */ |
47 @Override | 54 @Override |
48 public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) | 55 public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) |
49 throws IOException, ServletException | 56 throws IOException, ServletException |
50 { | 57 { |
51 /* | 58 if (this.deactivate) { |
52 String userAgent = ((HttpServletRequest) req).getHeader("User-Agent"); | 59 logger.debug("GGinAFilter is deactivated"); |
53 // Redirect | 60 chain.doFilter(req, resp); |
54 ((HttpServletResponse) resp).sendRedirect(this.geh,gina); | 61 return; |
55 */ | 62 } |
56 System.out.println("GGInAFilter.doFilter"); | 63 |
64 HttpServletRequest sreq = (HttpServletRequest) req; | |
65 | |
66 String requesturi = sreq.getRequestURI(); | |
67 | |
68 logger.debug("Request for: " + requesturi); | |
69 | |
70 // Allow access to login pages | |
71 // TODO Maybe replace with Filter <url-pattern> | |
72 if (requesturi.equals("/login.jsp") || requesturi.equals("/flys/login") | |
73 || requesturi.equals("/FLYS.css")) { | |
74 logger.debug("Request for login " + requesturi); | |
75 chain.doFilter(req, resp); | |
76 return; | |
77 } | |
78 | |
79 HttpSession session = sreq.getSession(); | |
80 | |
81 String uri = requesturi; | |
82 if (sreq.getQueryString() != null) { | |
83 uri = uri + "?" + sreq.getQueryString(); | |
84 } | |
85 session.setAttribute("requesturi", uri); | |
86 | |
87 User user = (User)session.getAttribute("user"); | |
88 if (user == null) { | |
89 logger.debug("No user in session: " + requesturi); | |
90 this.redirect(resp); | |
91 return; | |
92 } | |
93 if (user.hasExpired()) { | |
94 logger.debug("User ticket has expired: " + requesturi); | |
95 this.redirect(resp); | |
96 return; | |
97 } | |
98 | |
57 logger.debug("GGInAFilter.doFilter"); | 99 logger.debug("GGInAFilter.doFilter"); |
58 chain.doFilter(req, resp); | 100 chain.doFilter(req, resp); |
59 return; | 101 return; |
102 } | |
103 | |
104 private void redirect(ServletResponse resp) throws IOException { | |
105 logger.debug("Redirect to login"); | |
106 ((HttpServletResponse) resp).sendRedirect("/login.jsp"); | |
60 } | 107 } |
61 | 108 |
62 | 109 |
63 /** | 110 /** |
64 * Do nothing at destruction. | 111 * Do nothing at destruction. |