Mercurial > dive4elements > river
view flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java @ 2955:f1030909eeb6
Check filter config in web.xml for String false to deactivate the GGInAFilter instead of "1".
flys-client/trunk@4935 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Bjoern Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Wed, 11 Jul 2012 12:34:26 +0000 |
parents | 3cacd42a0336 |
children | d7f76f197d89 |
line wrap: on
line source
package de.intevation.flys.client.server; import java.io.IOException; import java.io.InputStream; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.log4j.Logger; import de.intevation.flys.client.server.was.User; /** ServletFilter used for GGInA authentification and certain authorisation. */ public class GGInAFilter implements Filter { /** Private logger. */ private static Logger logger = Logger.getLogger(GGInAFilter.class); private boolean deactivate = false; /** * Initialize. * * Read FilterConfig parameter deactivate */ @Override public void init(FilterConfig config) throws ServletException { String deactivate = config.getInitParameter("deactivate"); if (deactivate != null && deactivate.equalsIgnoreCase("true")) { this.deactivate = true; } } /** * Called when filter in chain invoked. * @param req request to servlet * @param resp response of servlet * @param chain the filter chain */ @Override public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { if (this.deactivate) { logger.debug("GGinAFilter is deactivated"); chain.doFilter(req, resp); return; } HttpServletRequest sreq = (HttpServletRequest) req; String requesturi = sreq.getRequestURI(); logger.debug("Request for: " + requesturi); // Allow access to login pages // TODO Maybe replace with Filter <url-pattern> if (requesturi.equals("/login.jsp") || requesturi.equals("/flys/login") || requesturi.equals("/FLYS.css")) { logger.debug("Request for login " + requesturi); chain.doFilter(req, resp); return; } HttpSession session = sreq.getSession(); String uri = requesturi; if (sreq.getQueryString() != null) { uri = uri + "?" + sreq.getQueryString(); } session.setAttribute("requesturi", uri); User user = (User)session.getAttribute("user"); if (user == null) { logger.debug("No user in session: " + requesturi); this.redirect(resp); return; } if (user.hasExpired()) { logger.debug("User ticket has expired: " + requesturi); this.redirect(resp); return; } logger.debug("GGInAFilter.doFilter"); chain.doFilter(req, resp); return; } private void redirect(ServletResponse resp) throws IOException { logger.debug("Redirect to login"); ((HttpServletResponse) resp).sendRedirect("/login.jsp"); } /** * Do nothing at destruction. */ @Override public void destroy() { } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :