Mercurial > dive4elements > river
comparison flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java @ 4549:9a2432485371
Allow requests from localhost in GGInA filter
Fix print-server and possible other services by allowing request from out
current machine.
author | Björn Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Fri, 16 Nov 2012 11:56:43 +0100 |
parents | 9fca4d60fb7c |
children | 83a42e6a562d |
comparison
equal
deleted
inserted
replaced
4548:105dd4cc33a6 | 4549:9a2432485371 |
---|---|
5 import de.intevation.flys.client.server.auth.AuthenticationFactory; | 5 import de.intevation.flys.client.server.auth.AuthenticationFactory; |
6 import de.intevation.flys.client.server.auth.User; | 6 import de.intevation.flys.client.server.auth.User; |
7 import de.intevation.flys.client.server.features.Features; | 7 import de.intevation.flys.client.server.features.Features; |
8 | 8 |
9 import java.io.IOException; | 9 import java.io.IOException; |
10 import java.net.InetAddress; | |
11 import java.net.UnknownHostException; | |
10 import java.util.Enumeration; | 12 import java.util.Enumeration; |
11 | 13 |
12 import javax.servlet.Filter; | 14 import javax.servlet.Filter; |
13 import javax.servlet.FilterChain; | 15 import javax.servlet.FilterChain; |
14 import javax.servlet.FilterConfig; | 16 import javax.servlet.FilterConfig; |
32 private boolean deactivate = false; | 34 private boolean deactivate = false; |
33 private String authmethod; | 35 private String authmethod; |
34 private String redirecturl; | 36 private String redirecturl; |
35 private ServletContext sc; | 37 private ServletContext sc; |
36 | 38 |
37 public static final String LOGIN_JSP = "/login.jsp"; | 39 private static final String LOGIN_JSP = "/login.jsp"; |
38 public static final String LOGIN_SERVLET = "/flys/login"; | 40 private static final String LOGIN_SERVLET = "/flys/login"; |
39 public static final String FLYS_CSS = "/FLYS.css"; | 41 private static final String FLYS_CSS = "/FLYS.css"; |
40 public static final String MAP_PRINT = "/flys/map-print"; | |
41 public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf"; | |
42 | 42 |
43 | 43 |
44 /** | 44 /** |
45 * Initialize. | 45 * Initialize. |
46 * | 46 * |
85 logger.debug(e.nextElement()); | 85 logger.debug(e.nextElement()); |
86 } | 86 } |
87 | 87 |
88 logger.debug("Request for: " + requesturi); | 88 logger.debug("Request for: " + requesturi); |
89 | 89 |
90 // Allow acces to localhost | |
91 if (isLocalAddress(req)) { | |
92 logger.debug("Request to localhost"); | |
93 chain.doFilter(req, resp); | |
94 return; | |
95 } | |
96 | |
90 // Allow access to login pages | 97 // Allow access to login pages |
91 // TODO Maybe replace with Filter <url-pattern> | |
92 String path = this.sc.getContextPath(); | 98 String path = this.sc.getContextPath(); |
93 if (requesturi.equals(path + LOGIN_JSP) | 99 if (requesturi.equals(path + LOGIN_JSP) |
94 || requesturi.equals(path + LOGIN_SERVLET) | 100 || requesturi.equals(path + LOGIN_SERVLET) |
95 || requesturi.equals(path + FLYS_CSS) | 101 || requesturi.equals(path + FLYS_CSS)) { |
96 || requesturi.equals(path + MAP_PRINT) | |
97 || requesturi.equals(path + MAPFISH_PRINT)) { | |
98 logger.debug("Request for login " + requesturi); | 102 logger.debug("Request for login " + requesturi); |
99 chain.doFilter(req, resp); | 103 chain.doFilter(req, resp); |
100 return; | 104 return; |
101 } | 105 } |
102 | 106 |
176 throws AuthenticationException, IOException { | 180 throws AuthenticationException, IOException { |
177 Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); | 181 Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); |
178 return AuthenticationFactory.getInstance(this.authmethod).auth( | 182 return AuthenticationFactory.getInstance(this.authmethod).auth( |
179 user.getName(), user.getPassword(), encoding, features); | 183 user.getName(), user.getPassword(), encoding, features); |
180 } | 184 } |
185 | |
186 /** | |
187 * Returns true if the request is from our machine | |
188 * @param req The ServletRequest | |
189 * @return true if the request is from a loopback interface or from one of | |
190 * the interface addresses of the machine | |
191 */ | |
192 private boolean isLocalAddress(ServletRequest req) { | |
193 try { | |
194 InetAddress addr = InetAddress.getByName(req.getRemoteAddr()); | |
195 return addr.isAnyLocalAddress() || addr.isLoopbackAddress(); | |
196 } catch (UnknownHostException e) { | |
197 logger.error(e, e); | |
198 return false; | |
199 } | |
200 } | |
181 } | 201 } |
182 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : | 202 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : |