# HG changeset patch # User Björn Ricks # Date 1352205540 -3600 # Node ID 687b7a6f09aa6652b4780c179422a30813f4d174 # Parent 95ffae40c8f201c923e53aa23efe0e450fdb1d2a Move GGInAFilter and NoCacheFilter to an own package diff -r 95ffae40c8f2 -r 687b7a6f09aa flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java --- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java Tue Nov 06 13:32:41 2012 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,179 +0,0 @@ -package de.intevation.flys.client.server; - -import java.io.IOException; -import java.util.Enumeration; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; - -import de.intevation.flys.client.server.auth.Authentication; -import de.intevation.flys.client.server.auth.AuthenticationException; -import de.intevation.flys.client.server.auth.AuthenticationFactory; -import de.intevation.flys.client.server.auth.User; -import de.intevation.flys.client.server.features.Features; - - -/** ServletFilter used for GGInA authentification and certain authorisation. */ -public class GGInAFilter implements Filter { - - /** Private logger. */ - private static Logger logger = Logger.getLogger(GGInAFilter.class); - - private boolean deactivate = false; - private String authmethod; - private String redirecturl; - private ServletContext sc; - - public static final String LOGIN_JSP = "/login.jsp"; - public static final String LOGIN_SERVLET = "/flys/login"; - public static final String FLYS_CSS = "/FLYS.css"; - - - /** - * Initialize. - * - * Read FilterConfig parameter deactivate - */ - @Override - public void init(FilterConfig config) - throws ServletException - { - String deactivate = config.getInitParameter("deactivate"); - this.sc = config.getServletContext(); - logger.debug("GGInAFilter context " + this.sc.getContextPath()); - this.authmethod = sc.getInitParameter("authentication"); - this.redirecturl = sc.getInitParameter("redirect-url"); - if (deactivate != null && deactivate.equalsIgnoreCase("true")) { - this.deactivate = true; - } - - } - - - /** - * Called when filter in chain invoked. - * @param req request to servlet - * @param resp response of servlet - * @param chain the filter chain - */ - @Override - public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) - throws IOException, ServletException - { - if (this.deactivate) { - logger.debug("GGinAFilter is deactivated"); - chain.doFilter(req, resp); - return; - } - - HttpServletRequest sreq = (HttpServletRequest) req; - - String requesturi = sreq.getRequestURI(); - for (Enumeration e = req.getAttributeNames() ; e.hasMoreElements() ;) { - logger.debug(e.nextElement()); - } - - logger.debug("Request for: " + requesturi); - - // Allow access to login pages - // TODO Maybe replace with Filter - String path = this.sc.getContextPath(); - if (requesturi.equals(path + "/login.jsp") || - requesturi.equals(path + "/flys/login") - || requesturi.equals(path + "/FLYS.css")) { - logger.debug("Request for login " + requesturi); - chain.doFilter(req, resp); - return; - } - - boolean redirect = false; - - HttpSession session = sreq.getSession(); - - String uri = path + "/" + this.redirecturl; - - /* Redirect if uri is root or redirecturl */ - if (requesturi.equals(uri) || requesturi.equals(path + "/")) { - redirect = true; - } - - if (sreq.getQueryString() != null) { - uri = uri + "?" + sreq.getQueryString(); - } - session.setAttribute("requesturi", uri); - - User user = (User)session.getAttribute("user"); - if (user == null) { - logger.debug("No user in session: " + requesturi); - this.handleResponse(resp, redirect); - return; - } - if (user.hasExpired()) { - // try to re-authenticate the user - logger.debug("User ticket has expired: " + requesturi); - String encoding = sreq.getCharacterEncoding(); - try { - Authentication auth = this.auth(user, encoding); - if (auth == null || !auth.isSuccess()) { - logger.debug("Re-athentication not successful"); - this.handleResponse(resp, redirect); - } - } - catch(AuthenticationException e) { - logger.error("Failure during re-authentication", e); - this.handleResponse(resp, redirect); - return; - } - } - - chain.doFilter(req, resp); - return; - } - - private void redirect(ServletResponse resp) throws IOException { - logger.debug("Redirect to login"); - ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() + - "/login.jsp"); - } - - private void sendNotAuthenticated(ServletResponse resp) throws IOException { - logger.debug("Send not authenticated"); - ((HttpServletResponse)resp).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); - } - - private void handleResponse(ServletResponse resp, boolean redirect) throws IOException { - if (redirect) { - this.redirect(resp); - } - else { - this.sendNotAuthenticated(resp); - } - } - - - /** - * Do nothing at destruction. - */ - @Override - public void destroy() { - } - - private Authentication auth(User user, String encoding) - throws AuthenticationException, IOException { - Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); - return AuthenticationFactory.getInstance(this.authmethod).auth( - user.getName(), user.getPassword(), encoding, features); - } -} -// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : diff -r 95ffae40c8f2 -r 687b7a6f09aa flys-client/src/main/java/de/intevation/flys/client/server/NoCacheFilter.java --- a/flys-client/src/main/java/de/intevation/flys/client/server/NoCacheFilter.java Tue Nov 06 13:32:41 2012 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,74 +0,0 @@ -package de.intevation.flys.client.server; - -import java.io.IOException; -import java.util.Enumeration; -import java.util.Date; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.log4j.Logger; - -/** ServletFilter to avoid caching for GWTs *.nocache.* files. */ -public class NoCacheFilter implements Filter { - - private static final long DAY = 86400000L; - - private static final String NO_CACHE = ".nocache."; - - private static Logger log = Logger.getLogger(NoCacheFilter.class); - - /** - * Initialize. - */ - @Override - public void init(FilterConfig config) - throws ServletException - { - } - - - /** - * Called when filter in chain invoked. - * @param req request to servlet - * @param resp response of servlet - * @param chain the filter chain - */ - @Override - public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) - throws IOException, ServletException - { - HttpServletRequest httpreq = (HttpServletRequest)req; - String uri = httpreq.getRequestURI(); - - if (uri.contains(NO_CACHE)) { - log.debug("Set no-cache for " + uri); - - Date now = new Date(); - HttpServletResponse httpresp = (HttpServletResponse)resp; - httpresp.setDateHeader("Date", now.getTime()); - httpresp.setDateHeader("Expires", now.getTime() - DAY); - httpresp.setHeader("Pragma", "no-cache"); - httpresp.setHeader("Cache-control", - "no-cache, no-store, must-revalidate"); - } - - chain.doFilter(req, resp); - } - - - /** - * Do nothing at destruction. - */ - @Override - public void destroy() { - } -} -// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : diff -r 95ffae40c8f2 -r 687b7a6f09aa flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Tue Nov 06 13:39:00 2012 +0100 @@ -0,0 +1,179 @@ +package de.intevation.flys.client.server.filter; + +import java.io.IOException; +import java.util.Enumeration; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.log4j.Logger; + +import de.intevation.flys.client.server.auth.Authentication; +import de.intevation.flys.client.server.auth.AuthenticationException; +import de.intevation.flys.client.server.auth.AuthenticationFactory; +import de.intevation.flys.client.server.auth.User; +import de.intevation.flys.client.server.features.Features; + + +/** ServletFilter used for GGInA authentification and certain authorisation. */ +public class GGInAFilter implements Filter { + + /** Private logger. */ + private static Logger logger = Logger.getLogger(GGInAFilter.class); + + private boolean deactivate = false; + private String authmethod; + private String redirecturl; + private ServletContext sc; + + public static final String LOGIN_JSP = "/login.jsp"; + public static final String LOGIN_SERVLET = "/flys/login"; + public static final String FLYS_CSS = "/FLYS.css"; + + + /** + * Initialize. + * + * Read FilterConfig parameter deactivate + */ + @Override + public void init(FilterConfig config) + throws ServletException + { + String deactivate = config.getInitParameter("deactivate"); + this.sc = config.getServletContext(); + logger.debug("GGInAFilter context " + this.sc.getContextPath()); + this.authmethod = sc.getInitParameter("authentication"); + this.redirecturl = sc.getInitParameter("redirect-url"); + if (deactivate != null && deactivate.equalsIgnoreCase("true")) { + this.deactivate = true; + } + + } + + + /** + * Called when filter in chain invoked. + * @param req request to servlet + * @param resp response of servlet + * @param chain the filter chain + */ + @Override + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) + throws IOException, ServletException + { + if (this.deactivate) { + logger.debug("GGinAFilter is deactivated"); + chain.doFilter(req, resp); + return; + } + + HttpServletRequest sreq = (HttpServletRequest) req; + + String requesturi = sreq.getRequestURI(); + for (Enumeration e = req.getAttributeNames() ; e.hasMoreElements() ;) { + logger.debug(e.nextElement()); + } + + logger.debug("Request for: " + requesturi); + + // Allow access to login pages + // TODO Maybe replace with Filter + String path = this.sc.getContextPath(); + if (requesturi.equals(path + "/login.jsp") || + requesturi.equals(path + "/flys/login") + || requesturi.equals(path + "/FLYS.css")) { + logger.debug("Request for login " + requesturi); + chain.doFilter(req, resp); + return; + } + + boolean redirect = false; + + HttpSession session = sreq.getSession(); + + String uri = path + "/" + this.redirecturl; + + /* Redirect if uri is root or redirecturl */ + if (requesturi.equals(uri) || requesturi.equals(path + "/")) { + redirect = true; + } + + if (sreq.getQueryString() != null) { + uri = uri + "?" + sreq.getQueryString(); + } + session.setAttribute("requesturi", uri); + + User user = (User)session.getAttribute("user"); + if (user == null) { + logger.debug("No user in session: " + requesturi); + this.handleResponse(resp, redirect); + return; + } + if (user.hasExpired()) { + // try to re-authenticate the user + logger.debug("User ticket has expired: " + requesturi); + String encoding = sreq.getCharacterEncoding(); + try { + Authentication auth = this.auth(user, encoding); + if (auth == null || !auth.isSuccess()) { + logger.debug("Re-athentication not successful"); + this.handleResponse(resp, redirect); + } + } + catch(AuthenticationException e) { + logger.error("Failure during re-authentication", e); + this.handleResponse(resp, redirect); + return; + } + } + + chain.doFilter(req, resp); + return; + } + + private void redirect(ServletResponse resp) throws IOException { + logger.debug("Redirect to login"); + ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() + + "/login.jsp"); + } + + private void sendNotAuthenticated(ServletResponse resp) throws IOException { + logger.debug("Send not authenticated"); + ((HttpServletResponse)resp).sendError(HttpServletResponse.SC_FORBIDDEN, "User not authenticated"); + } + + private void handleResponse(ServletResponse resp, boolean redirect) throws IOException { + if (redirect) { + this.redirect(resp); + } + else { + this.sendNotAuthenticated(resp); + } + } + + + /** + * Do nothing at destruction. + */ + @Override + public void destroy() { + } + + private Authentication auth(User user, String encoding) + throws AuthenticationException, IOException { + Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); + return AuthenticationFactory.getInstance(this.authmethod).auth( + user.getName(), user.getPassword(), encoding, features); + } +} +// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : diff -r 95ffae40c8f2 -r 687b7a6f09aa flys-client/src/main/java/de/intevation/flys/client/server/filter/NoCacheFilter.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/NoCacheFilter.java Tue Nov 06 13:39:00 2012 +0100 @@ -0,0 +1,74 @@ +package de.intevation.flys.client.server.filter; + +import java.io.IOException; +import java.util.Enumeration; +import java.util.Date; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.log4j.Logger; + +/** ServletFilter to avoid caching for GWTs *.nocache.* files. */ +public class NoCacheFilter implements Filter { + + private static final long DAY = 86400000L; + + private static final String NO_CACHE = ".nocache."; + + private static Logger log = Logger.getLogger(NoCacheFilter.class); + + /** + * Initialize. + */ + @Override + public void init(FilterConfig config) + throws ServletException + { + } + + + /** + * Called when filter in chain invoked. + * @param req request to servlet + * @param resp response of servlet + * @param chain the filter chain + */ + @Override + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) + throws IOException, ServletException + { + HttpServletRequest httpreq = (HttpServletRequest)req; + String uri = httpreq.getRequestURI(); + + if (uri.contains(NO_CACHE)) { + log.debug("Set no-cache for " + uri); + + Date now = new Date(); + HttpServletResponse httpresp = (HttpServletResponse)resp; + httpresp.setDateHeader("Date", now.getTime()); + httpresp.setDateHeader("Expires", now.getTime() - DAY); + httpresp.setHeader("Pragma", "no-cache"); + httpresp.setHeader("Cache-control", + "no-cache, no-store, must-revalidate"); + } + + chain.doFilter(req, resp); + } + + + /** + * Do nothing at destruction. + */ + @Override + public void destroy() { + } +} +// vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 : diff -r 95ffae40c8f2 -r 687b7a6f09aa flys-client/src/main/webapp/WEB-INF/web.xml --- a/flys-client/src/main/webapp/WEB-INF/web.xml Tue Nov 06 13:32:41 2012 +0100 +++ b/flys-client/src/main/webapp/WEB-INF/web.xml Tue Nov 06 13:39:00 2012 +0100 @@ -564,7 +564,7 @@ GGInAFilter - de.intevation.flys.client.server.GGInAFilter + de.intevation.flys.client.server.filter.GGInAFilter deactivate false @@ -578,7 +578,7 @@ NoCacheFilter - de.intevation.flys.client.server.NoCacheFilter + de.intevation.flys.client.server.filter.NoCacheFilter