Mercurial > dive4elements > river
comparison gwt-client/src/main/java/org/dive4elements/river/client/server/filter/GGInAFilter.java @ 8505:b1580e4d342a
(issue1777) Add options to change login redirect and disable login
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Tue, 16 Dec 2014 14:16:10 +0100 |
parents | 238fc722f87a |
children | 5e38e2924c07 |
comparison
equal
deleted
inserted
replaced
8504:a3bc62722239 | 8505:b1580e4d342a |
---|---|
38 | 38 |
39 /** Private log. */ | 39 /** Private log. */ |
40 private static Logger log = Logger.getLogger(GGInAFilter.class); | 40 private static Logger log = Logger.getLogger(GGInAFilter.class); |
41 | 41 |
42 private boolean deactivate = false; | 42 private boolean deactivate = false; |
43 private boolean loginDisabled = false; | |
43 private String authmethod; | 44 private String authmethod; |
44 private String redirecturl; | 45 private String redirecturl; |
46 private String noAuthRedir; | |
45 private ServletContext sc; | 47 private ServletContext sc; |
46 | 48 |
47 private static final String LOGIN_JSP = "/login.jsp"; | 49 private static final String LOGIN_JSP = "/login.jsp"; |
48 private static final String LOGIN_SERVLET = "/flys/login"; | 50 private static final String LOGIN_SERVLET = "/flys/login"; |
49 private static final String SAML_SERVLET = "/flys/saml"; | 51 private static final String SAML_SERVLET = "/flys/saml"; |
62 String deactivate = config.getInitParameter("deactivate"); | 64 String deactivate = config.getInitParameter("deactivate"); |
63 this.sc = config.getServletContext(); | 65 this.sc = config.getServletContext(); |
64 log.debug("GGInAFilter context " + this.sc.getContextPath()); | 66 log.debug("GGInAFilter context " + this.sc.getContextPath()); |
65 this.authmethod = sc.getInitParameter("authentication"); | 67 this.authmethod = sc.getInitParameter("authentication"); |
66 this.redirecturl = sc.getInitParameter("redirect-url"); | 68 this.redirecturl = sc.getInitParameter("redirect-url"); |
69 | |
70 noAuthRedir = sc.getInitParameter("unauth-redirect-url"); | |
71 if (noAuthRedir == null) { | |
72 noAuthRedir = LOGIN_JSP; | |
73 } | |
74 | |
75 String disableLogin = sc.getInitParameter("disable-login"); | |
76 if (disableLogin != null && disableLogin.equalsIgnoreCase("true")) { | |
77 loginDisabled = true; | |
78 } | |
79 | |
67 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { | 80 if (deactivate != null && deactivate.equalsIgnoreCase("true")) { |
68 this.deactivate = true; | 81 this.deactivate = true; |
69 } | 82 } |
70 | 83 |
71 } | 84 } |
113 if (requesturi.equals(path + LOGIN_JSP) | 126 if (requesturi.equals(path + LOGIN_JSP) |
114 || requesturi.equals(path + LOGIN_SERVLET) | 127 || requesturi.equals(path + LOGIN_SERVLET) |
115 || requesturi.equals(path + SAML_SERVLET) | 128 || requesturi.equals(path + SAML_SERVLET) |
116 || requesturi.equals(path + FLYS_CSS)) { | 129 || requesturi.equals(path + FLYS_CSS)) { |
117 log.debug("Request for login " + requesturi); | 130 log.debug("Request for login " + requesturi); |
131 if (loginDisabled && requesturi.equals(path + LOGIN_JSP)) { | |
132 log.debug("Login disabled. Redirecting."); | |
133 if (noAuthRedir.equals(LOGIN_JSP) || noAuthRedir.equals(path + LOGIN_JSP)) { | |
134 handleResponse(resp, false); /* Dont redirect to the same page */ | |
135 } else { | |
136 handleResponse(resp, true); | |
137 } | |
138 return; | |
139 } | |
118 chain.doFilter(req, resp); | 140 chain.doFilter(req, resp); |
119 return; | 141 return; |
120 } | 142 } |
121 | 143 |
122 boolean redirect = false; | 144 boolean redirect = false; |
164 chain.doFilter(req, resp); | 186 chain.doFilter(req, resp); |
165 return; | 187 return; |
166 } | 188 } |
167 | 189 |
168 private void redirect(ServletResponse resp) throws IOException { | 190 private void redirect(ServletResponse resp) throws IOException { |
169 log.debug("Redirect to login"); | 191 if (noAuthRedir.startsWith("http")) { |
170 ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() + | 192 log.debug("Redirect to external page: " + noAuthRedir); |
171 "/login.jsp"); | 193 ((HttpServletResponse) resp).sendRedirect(noAuthRedir); |
194 } else { | |
195 log.debug("Redirect to: " + noAuthRedir); | |
196 ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() + | |
197 noAuthRedir); | |
198 | |
199 } | |
172 } | 200 } |
173 | 201 |
174 private void sendNotAuthenticated(ServletResponse resp) throws IOException { | 202 private void sendNotAuthenticated(ServletResponse resp) throws IOException { |
175 log.debug("Send not authenticated"); | 203 log.debug("Send not authenticated"); |
176 ((HttpServletResponse)resp).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); | 204 ((HttpServletResponse)resp).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); |