# HG changeset patch
# User Bjoern Ricks <bjoern.ricks@intevation.de>
# Date 1342166170 0
# Node ID 8255247da645e92371d705878e461d23607f158b
# Parent  b732258fd546e74de2154a225bf8c0c56a03ebac
Implement re-authentication if the user (ticket) has expired.

Every "ticket" in GGInA has an end date. Therefore send a new
authentication request if the current date is after the end date.


flys-client/trunk@4970 c6561f87-3c4e-4783-a992-168aeb5c3f6f

diff -r b732258fd546 -r 8255247da645 flys-client/ChangeLog
--- a/flys-client/ChangeLog	Fri Jul 13 07:51:38 2012 +0000
+++ b/flys-client/ChangeLog	Fri Jul 13 07:56:10 2012 +0000
@@ -1,3 +1,10 @@
+2012-07-13	Björn Ricks	<bjoern.ricks@intevation.de>
+
+	* src/main/java/de/intevation/flys/client/server/GGInAFilter.java:
+	  Implement re-authentication if the user (ticket) has expired.
+	  Every "ticket" in GGInA has an end date. Therefore send a new
+	  authentication request if the current date is after the end date.
+
 2012-07-13	Björn Ricks	<bjoern.ricks@intevation.de>
 
 	* src/main/java/de/intevation/flys/client/server/LoginServlet.java,
diff -r b732258fd546 -r 8255247da645 flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Fri Jul 13 07:51:38 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Fri Jul 13 07:56:10 2012 +0000
@@ -15,6 +15,9 @@
 
 import org.apache.log4j.Logger;
 
+import de.intevation.flys.client.server.auth.Authentication;
+import de.intevation.flys.client.server.auth.AuthenticationException;
+import de.intevation.flys.client.server.auth.AuthenticationFactory;
 import de.intevation.flys.client.server.auth.User;
 
 
@@ -25,6 +28,7 @@
     private static Logger logger = Logger.getLogger(GGInAFilter.class);
 
     private boolean deactivate = false;
+    private String authmethod;
 
 
     /**
@@ -37,6 +41,8 @@
     throws ServletException
     {
         String deactivate = config.getInitParameter("deactivate");
+        this.authmethod = config.getServletContext().getInitParameter(
+                "authentication");
         if (deactivate != null && deactivate.equalsIgnoreCase("true")) {
             this.deactivate = true;
         }
@@ -90,9 +96,21 @@
             return;
         }
         if (user.hasExpired()) {
+            // try to re-authenticate the user
             logger.debug("User ticket has expired: " + requesturi);
-            this.redirect(resp);
-            return;
+            String encoding = sreq.getCharacterEncoding();
+            try {
+                Authentication auth = this.auth(user, encoding);
+                if (auth == null || !auth.isSuccess()) {
+                    logger.debug("Re-athentication not successful");
+                    this.redirect(resp);
+                }
+            }
+            catch(AuthenticationException e) {
+                logger.error("Failure during re-authentication", e);
+                this.redirect(resp);
+                return;
+            }
         }
 
         logger.debug("GGInAFilter.doFilter");
@@ -112,5 +130,11 @@
     @Override
     public void destroy() {
     }
+
+    private Authentication auth(User user, String encoding)
+        throws AuthenticationException, IOException {
+        return AuthenticationFactory.getInstance(this.authmethod).auth(
+                user.getName(), user.getPassword(), encoding);
+    }
 }
 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :