Mercurial > dive4elements > river

diff flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java @ 4424:6ef48927df38

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Remove authentication from MapPrintServiceImpl. Printing maps was broken because the called service required user authentication. The /flys/mapfish-print/print.pdf URI is now whitelisted in GGInAFilter. TODO: Support user authentication in MapPrintServiceImpl.
author Christian Lins <christian.lins@intevation.de>
date Tue, 06 Nov 2012 14:50:26 +0100
parents 687b7a6f09aa
children
line wrap: on
line diff
--- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java	Tue Nov 06 13:39:00 2012 +0100
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java	Tue Nov 06 14:50:26 2012 +0100
@@ -1,5 +1,11 @@
 package de.intevation.flys.client.server.filter;
 
+import de.intevation.flys.client.server.auth.Authentication;
+import de.intevation.flys.client.server.auth.AuthenticationException;
+import de.intevation.flys.client.server.auth.AuthenticationFactory;
+import de.intevation.flys.client.server.auth.User;
+import de.intevation.flys.client.server.features.Features;
+
 import java.io.IOException;
 import java.util.Enumeration;
 
@@ -10,19 +16,12 @@
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
 
-import de.intevation.flys.client.server.auth.Authentication;
-import de.intevation.flys.client.server.auth.AuthenticationException;
-import de.intevation.flys.client.server.auth.AuthenticationFactory;
-import de.intevation.flys.client.server.auth.User;
-import de.intevation.flys.client.server.features.Features;
-
 
 /** ServletFilter used for GGInA authentification and certain authorisation. */
 public class GGInAFilter implements Filter {
@@ -38,6 +37,8 @@
     public static final String LOGIN_JSP     = "/login.jsp";
     public static final String LOGIN_SERVLET = "/flys/login";
     public static final String FLYS_CSS      = "/FLYS.css";
+    public static final String MAP_PRINT     = "/flys/map-print";
+    public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf";
 
 
     /**
@@ -89,9 +90,11 @@
         // Allow access to login pages
         // TODO Maybe replace with Filter <url-pattern>
         String path = this.sc.getContextPath();
-        if (requesturi.equals(path + "/login.jsp") ||
-                requesturi.equals(path + "/flys/login")
-                || requesturi.equals(path + "/FLYS.css")) {
+        if (requesturi.equals(path + LOGIN_JSP)
+                || requesturi.equals(path + LOGIN_SERVLET)
+                || requesturi.equals(path + FLYS_CSS)
+                || requesturi.equals(path + MAP_PRINT)
+                || requesturi.equals(path + MAPFISH_PRINT)) {
             logger.debug("Request for login " + requesturi);
             chain.doFilter(req, resp);
             return;
http://dive4elements.wald.intevation.org