# HG changeset patch
# User Bjoern Ricks
# Date 1342004244 0
# Node ID 3cacd42a0336c43c7cd7c8dc3fef077501bdf7c4
# Parent 20ae06d2eeffb823b7421cf6af29b88085458d6c
Filter all requests to FLYS If a user is not authenticated redirect him to the login.jsp. The GGinAFilter can be deactivated via the web.xml file. flys-client/trunk@4931 c6561f87-3c4e-4783-a992-168aeb5c3f6f
diff -r 20ae06d2eeff -r 3cacd42a0336 flys-client/ChangeLog
--- a/flys-client/ChangeLog Wed Jul 11 10:38:11 2012 +0000
+++ b/flys-client/ChangeLog Wed Jul 11 10:57:24 2012 +0000
@@ -1,3 +1,8 @@
+2012-07-11 Björn Ricks
+
+ * src/main/java/de/intevation/flys/client/server/GGInAFilter.java:
+ Redirect a user to the login page if he isn't authenticated.
+
 2012-07-11 Björn Ricks
 
 * src/main/java/de/intevation/flys/client/server/LoginServlet.java,
diff -r 20ae06d2eeff -r 3cacd42a0336 flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java Wed Jul 11 10:38:11 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java Wed Jul 11 10:57:24 2012 +0000
@@ -1,6 +1,7 @@
 package de.intevation.flys.client.server;
 
 import java.io.IOException;
+import java.io.InputStream;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
@@ -9,14 +10,14 @@
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
-/*
-import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-*/
+import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
 
+import de.intevation.flys.client.server.was.User;
+
 /** ServletFilter used for GGInA authentification and certain authorisation. */
 public class GGInAFilter implements Filter {
 
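Review bot: `import java.io.InputStream;` is added in the first GGInAFilter.java hunk, but none of the code visible in this patch reads a stream, so the import looks unused. If no other part of the file needs it, drop the line so the import list reflects what the filter actually touches.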
@@ -24,17 +25,23 @@ /** Private logger. */ private static Logger logger = Logger.getLogger(GGInAFilter.class); - public static final String LOG4J_PROPERTIES = "FLYS_CLIENT_LOG4J_PROPERIES"; + private boolean deactivate = false; /** * Initialize. + * + * Read FilterConfig parameter deactivate */ @Override public void init(FilterConfig config) throws ServletException { - System.out.println("GGInAFilter.init"); + String deactivate = config.getInitParameter("deactivate"); + if (deactivate != null && deactivate.equals("1")) { + this.deactivate = true; + } + } 
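Review bot: Setting the `deactivate` init parameter to "1" switches off the authentication check for every request, and init() records nothing when it does so; the only trace is the debug-level message in doFilter in the next hunk. A web.xml that carries this flag into production would therefore disable the filter without any visible sign at normal log levels. Log the decision once at startup inside the `if`, for example `logger.warn("GGInAFilter deactivated by init parameter; requests pass without authentication");`. The local `String deactivate` also shadows the field of the same name; renaming it, e.g. `String param = config.getInitParameter("deactivate");`, and testing `"1".equals(param)` removes the need for the separate null check.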
@@ -48,17 +55,57 @@ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { - /* - String userAgent = ((HttpServletRequest) req).getHeader("User-Agent"); - // Redirect - ((HttpServletResponse) resp).sendRedirect(this.geh,gina); - */ - System.out.println("GGInAFilter.doFilter"); + if (this.deactivate) { + logger.debug("GGinAFilter is deactivated"); + chain.doFilter(req, resp); + return; + } + + HttpServletRequest sreq = (HttpServletRequest) req; + + String requesturi = sreq.getRequestURI(); + + logger.debug("Request for: " + requesturi); + + // Allow access to login pages + // TODO Maybe replace with Filter + if (requesturi.equals("/login.jsp") || requesturi.equals("/flys/login") + || requesturi.equals("/FLYS.css")) { + logger.debug("Request for login " + requesturi); + chain.doFilter(req, resp); + return; + } + + HttpSession session = sreq.getSession(); + + String uri = requesturi; + if (sreq.getQueryString() != null) { + uri = uri + "?" + sreq.getQueryString(); + } + session.setAttribute("requesturi", uri); + + User user = (User)session.getAttribute("user"); + if (user == null) { + logger.debug("No user in session: " + requesturi); + this.redirect(resp); + return; + } + if (user.hasExpired()) { + logger.debug("User ticket has expired: " + requesturi); + this.redirect(resp); + return; + } + logger.debug("GGInAFilter.doFilter"); chain.doFilter(req, resp); return; } + private void redirect(ServletResponse resp) throws IOException { + logger.debug("Redirect to login"); + ((HttpServletResponse) resp).sendRedirect("/login.jsp"); + } + /** * Do nothing at destruction.