changeset 3851:a4c9296f6efa

Use the Context PATH servlet variable when using URLs in the GGInAFilter flys-client/trunk@5591 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Bjoern Ricks <bjoern.ricks@intevation.de>
date Mon, 24 Sep 2012 13:04:53 +0000 (2012-09-24)
parents 8d0ababa2db7
children 4aa7216b329a
files flys-client/ChangeLog flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java flys-client/src/main/webapp/login.jsp
diffstat 4 files changed, 41 insertions(+), 18 deletions(-) [+]
line wrap: on
line diff
--- a/flys-client/ChangeLog	Mon Sep 24 11:53:29 2012 +0000
+++ b/flys-client/ChangeLog	Mon Sep 24 13:04:53 2012 +0000
@@ -1,3 +1,12 @@
+2012-09-24	Bj�rn Ricks	<bjoern.ricks@intevation.de>
+
+	issue846 (GGInA: Auth mechanism ignores URL prefix)
+
+	* src/main/java/de/intevation/flys/client/server/LoginServlet.java,
+	  src/main/java/de/intevation/flys/client/server/GGInAFilter.java,
+	  src/main/webapp/login.jsp:
+	  Consider the Context Path variable when using urls in the GGInAFilter.
+
 2012-09-24	Felix Wolfsteller	<felix.wolfsteller@intevation.de>
 
 	issue871 (parameterization of flowvelocity loo�s a tiny bit messy).
--- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Mon Sep 24 11:53:29 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Mon Sep 24 13:04:53 2012 +0000
@@ -34,6 +34,10 @@
     private String authmethod;
     private ServletContext sc;
 
+    public static final String LOGIN_JSP     = "/login.jsp";
+    public static final String LOGIN_SERVLET = "/flys/login";
+    public static final String FLYS_CSS      = "/FLYS.css";
+
 
     /**
      * Initialize.
@@ -46,6 +50,7 @@
     {
         String deactivate = config.getInitParameter("deactivate");
         this.sc = config.getServletContext();
+        logger.debug("GGInAFilter context " + this.sc.getContextPath());
         this.authmethod = sc.getInitParameter("authentication");
         if (deactivate != null && deactivate.equalsIgnoreCase("true")) {
             this.deactivate = true;
@@ -81,8 +86,10 @@
 
         // Allow access to login pages
         // TODO Maybe replace with Filter <url-pattern>
-        if (requesturi.equals("/login.jsp") || requesturi.equals("/flys/login")
-                || requesturi.equals("/FLYS.css")) {
+        String path = this.sc.getContextPath();
+        if (requesturi.equals(path + "/login.jsp") ||
+                requesturi.equals(path + "/flys/login")
+                || requesturi.equals(path + "/FLYS.css")) {
             logger.debug("Request for login " + requesturi);
             chain.doFilter(req, resp);
             return;
@@ -127,7 +134,8 @@
 
     private void redirect(ServletResponse resp) throws IOException {
         logger.debug("Redirect to login");
-        ((HttpServletResponse) resp).sendRedirect("/login.jsp");
+        ((HttpServletResponse) resp).sendRedirect(this.sc.getContextPath() +
+            "/login.jsp");
     }
 
 
--- a/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java	Mon Sep 24 11:53:29 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java	Mon Sep 24 13:04:53 2012 +0000
@@ -22,20 +22,25 @@
 
     private static Logger logger = Logger.getLogger(LoginServlet.class);
 
-    private void redirectFailure(HttpServletResponse resp) throws IOException {
-        resp.sendRedirect("/login.jsp");
+    private void redirectFailure(HttpServletResponse resp, String path)
+        throws IOException {
+        resp.sendRedirect(path + "/login.jsp");
     }
 
-    private void redirectFailure(HttpServletResponse resp, Exception e) throws IOException {
-        this.redirectFailure(resp, e.getMessage());
+    private void redirectFailure(HttpServletResponse resp, String path,
+            Exception e) throws IOException {
+        this.redirectFailure(resp, path, e.getMessage());
     }
 
-    private void redirectFailure(HttpServletResponse resp, String message) throws IOException {
-        resp.sendRedirect("/login.jsp?error=" + message);
+    private void redirectFailure(HttpServletResponse resp, String path,
+            String message) throws IOException {
+        resp.sendRedirect(path + "/login.jsp?error=" + message);
     }
-    private void redirectSuccess(HttpServletResponse resp, String uri) throws IOException {
+
+    private void redirectSuccess(HttpServletResponse resp, String path,
+            String uri) throws IOException {
         if (uri == null) {
-            uri = "/FLYS.html";
+            uri = path + "/FLYS.html";
         }
         resp.sendRedirect(uri);
     }
@@ -44,7 +49,7 @@
     protected void doGet(HttpServletRequest req, HttpServletResponse resp)
     throws ServletException, IOException {
         logger.debug("Processing get request");
-        this.redirectFailure(resp);
+        this.redirectFailure(resp, req.getContextPath());
     }
 
     @Override
@@ -59,7 +64,7 @@
 
         if (username == null || password == null) {
             logger.debug("No username or password provided");
-            this.redirectFailure(resp);
+            this.redirectFailure(resp, req.getContextPath());
             return;
         }
 
@@ -67,7 +72,7 @@
             Authentication aresp = this.auth(username, password, encoding);
             if (aresp == null || !aresp.isSuccess()) {
                 logger.debug("Authentication not successful");
-                this.redirectFailure(resp);
+                this.redirectFailure(resp, req.getContextPath());
             }
             User user = aresp.getUser();
 
@@ -76,7 +81,8 @@
             if (!client.userExists(user)) {
                 logger.debug("Creating db user");
                 if (!client.createUser(user)) {
-                    this.redirectFailure(resp, "Could not create new user");
+                    this.redirectFailure(resp, req.getContextPath(),
+                            "Could not create new user");
                 }
             }
 
@@ -85,11 +91,11 @@
 
             String uri = (String)session.getAttribute("requesturi");
 
-            this.redirectSuccess(resp, uri);
+            this.redirectSuccess(resp, req.getContextPath(), uri);
         }
         catch(AuthenticationException e) {
             logger.error(e);
-            this.redirectFailure(resp, e);
+            this.redirectFailure(resp, req.getContextPath(), e);
         }
     }
 
--- a/flys-client/src/main/webapp/login.jsp	Mon Sep 24 11:53:29 2012 +0000
+++ b/flys-client/src/main/webapp/login.jsp	Mon Sep 24 13:04:53 2012 +0000
@@ -6,7 +6,7 @@
     </head>
 
     <body>
-        <form method="POST" action="/flys/login" id="authentication">
+        <form method="POST" action="<%= request.getContextPath() + "/flys/login" %>" id="authentication">
             <h1>FLYS Anmeldung</h1>
             <% String error = request.getParameter("error"); %>
             <% if (error != null) { %>

http://dive4elements.wald.intevation.org