Mercurial > dive4elements > river
view flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java @ 4284:7a94d5e7fc3d
Write the "hidden" attribute of a style into the collection's attribute when using the theme editor.
Otherwise, the next time using the theme editor, the hidden attributes that should not be changed
by the user are visible.
| author | Ingo Weinzierl <ingo.weinzierl@intevation.de> |
|---|---|
| date | Mon, 29 Oct 2012 07:18:42 +0100 |
| parents | fcdc0d2fdf8f |
| children | e96f2a6e4c3e |
line wrap: on
line source
package de.intevation.flys.client.server; import java.io.IOException; import java.util.Enumeration; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.log4j.Logger; import de.intevation.flys.client.server.auth.Authentication; import de.intevation.flys.client.server.auth.AuthenticationException; import de.intevation.flys.client.server.auth.AuthenticationFactory; import de.intevation.flys.client.server.auth.User; import de.intevation.flys.client.server.features.Features; /** ServletFilter used for GGInA authentification and certain authorisation. */ public class GGInAFilter implements Filter { /** Private logger. */ private static Logger logger = Logger.getLogger(GGInAFilter.class); private boolean deactivate = false; private String authmethod; private String redirecturl; private ServletContext sc; public static final String LOGIN_JSP = "/login.jsp"; public static final String LOGIN_SERVLET = "/flys/login"; public static final String FLYS_CSS = "/FLYS.css"; /** * Initialize. * * Read FilterConfig parameter deactivate */ @Override public void init(FilterConfig config) throws ServletException { String deactivate = config.getInitParameter("deactivate"); this.sc = config.getServletContext(); logger.debug("GGInAFilter context " + this.sc.getContextPath()); this.authmethod = sc.getInitParameter("authentication"); this.redirecturl = sc.getInitParameter("redirect-url"); if (deactivate != null && deactivate.equalsIgnoreCase("true")) { this.deactivate = true; } } /** * Called when filter in chain invoked. * @param req request to servlet * @param resp response of servlet * @param chain the filter chain */ @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { if (this.deactivate) { logger.debug("GGinAFilter is deactivated"); chain.doFilter(req, resp); return; } HttpServletRequest sreq = (HttpServletRequest) req; String requesturi = sreq.getRequestURI(); for (Enumeration e = req.getAttributeNames() ; e.hasMoreElements() ;) { logger.debug(e.nextElement()); } logger.debug("Request for: " + requesturi); // Allow access to login pages // TODO Maybe replace with Filter <url-pattern> String path = this.sc.getContextPath(); if (requesturi.equals(path + "/login.jsp") || requesturi.equals(path + "/flys/login") || requesturi.equals(path + "/FLYS.css")) { logger.debug("Request for login " + requesturi); chain.doFilter(req, resp); return; } boolean redirect = false; HttpSession session = sreq.getSession(); String uri = path + "/" + this.redirecturl; /* Redirect if uri is root or redirecturl */ if (requesturi.equals(uri) || requesturi.equals(path + "/")) { redirect = true; } if (sreq.getQueryString() != null) { uri = uri + "?" + sreq.getQueryString(); } session.setAttribute("requesturi", uri); User user = (User)session.getAttribute("user"); if (user == null) { logger.debug("No user in session: " + requesturi); this.handleResponse(resp, redirect); return; } if (user.hasExpired()) { // try to re-authenticate the user logger.debug("User ticket has expired: " + requesturi); String encoding = sreq.getCharacterEncoding(); try { Authentication auth = this.auth(user, encoding); if (auth == null || !auth.isSuccess()) { logger.debug("Re-athentication not successful"); this.handleResponse(resp, redirect); } } catch(AuthenticationException e) { logger.error("Failure during re-authentication", e); this.handleResponse(resp, redirect); return; } } logger.debug("GGInAFilter.doFilter"); chain.doFilter(req, resp); return; } private void redirect(ServletResponse resp) throws IOException { logger.debug("Redirect to login"); ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() + "/login.jsp"); } private void sendNotAuthenticated(ServletResponse resp) throws IOException { logger.debug("Send not authenticated"); ((HttpServletResponse)resp).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); } private void handleResponse(ServletResponse resp, boolean redirect) throws IOException { if (redirect) { this.redirect(resp); } else { this.sendNotAuthenticated(resp); } } /** * Do nothing at destruction. */ @Override public void destroy() { } private Authentication auth(User user, String encoding) throws AuthenticationException, IOException { Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); return AuthenticationFactory.getInstance(this.authmethod).auth( user.getName(), user.getPassword(), encoding, features); } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :