Mercurial > dive4elements > river
comparison flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java @ 2974:8255247da645
Implement re-authentication if the user (ticket) has expired.
Every "ticket" in GGInA has an end date. Therefore send a new
authentication request if the current date is after the end date.
flys-client/trunk@4970 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Bjoern Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Fri, 13 Jul 2012 07:56:10 +0000 |
parents | c12e29661e6a |
children | 71ba3cf3ec5e |
comparison
equal
deleted
inserted
replaced
2973:b732258fd546 | 2974:8255247da645 |
---|---|
13 import javax.servlet.http.HttpServletResponse; | 13 import javax.servlet.http.HttpServletResponse; |
14 import javax.servlet.http.HttpSession; | 14 import javax.servlet.http.HttpSession; |
15 | 15 |
16 import org.apache.log4j.Logger; | 16 import org.apache.log4j.Logger; |
17 | 17 |
18 import de.intevation.flys.client.server.auth.Authentication; | |
19 import de.intevation.flys.client.server.auth.AuthenticationException; | |
20 import de.intevation.flys.client.server.auth.AuthenticationFactory; | |
18 import de.intevation.flys.client.server.auth.User; | 21 import de.intevation.flys.client.server.auth.User; |
19 | 22 |
20 | 23 |
21 /** ServletFilter used for GGInA authentification and certain authorisation. */ | 24 /** ServletFilter used for GGInA authentification and certain authorisation. */ |
22 public class GGInAFilter implements Filter { | 25 public class GGInAFilter implements Filter { |
23 | 26 |
24 /** Private logger. */ | 27 /** Private logger. */ |
25 private static Logger logger = Logger.getLogger(GGInAFilter.class); | 28 private static Logger logger = Logger.getLogger(GGInAFilter.class); |
26 | 29 |
27 private boolean deactivate = false; | 30 private boolean deactivate = false; |
31 private String authmethod; | |
28 | 32 |
29 | 33 |
30 /** | 34 /** |
31 * Initialize. | 35 * Initialize. |
32 * | 36 * |
35 @Override | 39 @Override |
36 public void init(FilterConfig config) | 40 public void init(FilterConfig config) |
37 throws ServletException | 41 throws ServletException |
38 { | 42 { |
39 String deactivate = config.getInitParameter("deactivate"); | 43 String deactivate = config.getInitParameter("deactivate"); |
44 this.authmethod = config.getServletContext().getInitParameter( | |
45 "authentication"); | |
40 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { | 46 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { |
41 this.deactivate = true; | 47 this.deactivate = true; |
42 } | 48 } |
43 | 49 |
44 } | 50 } |
88 logger.debug("No user in session: " + requesturi); | 94 logger.debug("No user in session: " + requesturi); |
89 this.redirect(resp); | 95 this.redirect(resp); |
90 return; | 96 return; |
91 } | 97 } |
92 if (user.hasExpired()) { | 98 if (user.hasExpired()) { |
99 // try to re-authenticate the user | |
93 logger.debug("User ticket has expired: " + requesturi); | 100 logger.debug("User ticket has expired: " + requesturi); |
94 this.redirect(resp); | 101 String encoding = sreq.getCharacterEncoding(); |
95 return; | 102 try { |
103 Authentication auth = this.auth(user, encoding); | |
104 if (auth == null || !auth.isSuccess()) { | |
105 logger.debug("Re-athentication not successful"); | |
106 this.redirect(resp); | |
107 } | |
108 } | |
109 catch(AuthenticationException e) { | |
110 logger.error("Failure during re-authentication", e); | |
111 this.redirect(resp); | |
112 return; | |
113 } | |
96 } | 114 } |
97 | 115 |
98 logger.debug("GGInAFilter.doFilter"); | 116 logger.debug("GGInAFilter.doFilter"); |
99 chain.doFilter(req, resp); | 117 chain.doFilter(req, resp); |
100 return; | 118 return; |
110 * Do nothing at destruction. | 128 * Do nothing at destruction. |
111 */ | 129 */ |
112 @Override | 130 @Override |
113 public void destroy() { | 131 public void destroy() { |
114 } | 132 } |
133 | |
134 private Authentication auth(User user, String encoding) | |
135 throws AuthenticationException, IOException { | |
136 return AuthenticationFactory.getInstance(this.authmethod).auth( | |
137 user.getName(), user.getPassword(), encoding); | |
138 } | |
115 } | 139 } |
116 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : | 140 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : |