| 0,0 → 1,166 |
|---|
| package ak.hostadmiral.core.servlet; |
| |
| import java.util.List; |
| import java.util.ArrayList; |
| import java.util.StringTokenizer; |
| import java.io.IOException; |
| import java.net.URLEncoder; |
| import java.security.Principal; |
| import java.security.AccessControlException; |
| |
| import javax.servlet.Filter; |
| import javax.servlet.FilterChain; |
| import javax.servlet.FilterConfig; |
| import javax.servlet.ServletException; |
| import javax.servlet.ServletRequest; |
| import javax.servlet.ServletResponse; |
| import javax.servlet.http.HttpSession; |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| |
| import org.apache.log4j.Logger; |
| |
| import ak.backpath.BackPath; |
| |
| import ak.hostadmiral.core.model.User; |
| |
| /** |
| * Ensures that user is logged in to the system to process its request. |
| */ |
| public class LoginFilter |
| implements Filter |
| { |
| private static final Logger logger = Logger.getLogger(LoginFilter.class); |
| |
| private FilterConfig filterConfig; |
| private String loginUrl; |
| private String loginServlet; |
| private List passUrls = new ArrayList(); |
| private List passMasks = new ArrayList(); |
| |
| public void init(FilterConfig filterConfig) |
| throws ServletException |
| { |
| // get config |
| this.filterConfig = filterConfig; |
| |
| if(filterConfig == null) |
| throw new ServletException("No configuration for the filter"); |
| |
| // get login url |
| loginUrl = filterConfig.getInitParameter("loginUrl"); |
| |
| if(loginUrl == null) |
| throw new ServletException("No login URL specified"); |
| |
| // ensure it's absolute path |
| if(!loginUrl.startsWith("/")) |
| loginUrl = "/" + loginUrl; |
| |
| // get servlet part ot the url |
| int qPos = loginUrl.indexOf("?"); |
| |
| if(qPos < 0) |
| loginServlet = loginUrl; |
| else |
| loginServlet = loginUrl.substring(0, qPos); |
| |
| // get pass through URLs |
| String passUrlsStr = filterConfig.getInitParameter("passUrls"); |
| if(passUrlsStr != null) { |
| String[] urls = passUrlsStr.split("\\s*;\\s*"); |
| |
| for(int i = 0; i < urls.length; i++) { |
| if(urls[i].endsWith("*")) { |
| passMasks.add(urls[i].substring(0, urls[i].length()-1)); |
| } |
| else { |
| passUrls.add(urls[i]); |
| } |
| } |
| } |
| |
| // avoid loop |
| if(!isPassThrough(loginServlet)) { |
| passUrls.add(loginServlet); |
| } |
| } |
| |
| private boolean isPassThrough(String url) |
| { |
| for(int i = 0; i < passUrls.size(); i++) { |
| if(url.equals((String)passUrls.get(i))) return true; |
| } |
| |
| for(int i = 0; i < passMasks.size(); i++) { |
| if(url.startsWith((String)passMasks.get(i))) return true; |
| } |
| |
| return false; |
| } |
| |
| public void doFilter(ServletRequest request, ServletResponse response, |
| FilterChain chain) |
| throws IOException, ServletException |
| { |
| boolean processNext; |
| |
| if(!(request instanceof HttpServletRequest)) |
| throw new ServletException("Do not know how to handle non-HTTP requests"); |
| if(!(response instanceof HttpServletResponse)) |
| throw new ServletException("Do not know how to handle non-HTTP response"); |
| |
| HttpServletRequest httpRequest = (HttpServletRequest)request; |
| HttpServletResponse httpResponse = (HttpServletResponse)response; |
| |
| logger.debug("Requested " + httpRequest.getServletPath()); |
| |
| if(isPassThrough(httpRequest.getServletPath())) { |
| processNext = true; |
| logger.debug("pass through"); |
| } |
| else { |
| try { |
| HttpSession session = httpRequest.getSession(false); |
| |
| if(session == null) |
| throw new AccessControlException("No session"); |
| |
| Object userObj = session.getAttribute("user"); |
| if(userObj == null) |
| throw new AccessControlException("No user"); |
| |
| if(!(userObj instanceof User)) |
| throw new ServletException( |
| "Wrong type of user information: " + userObj.getClass().getName()); |
| |
| processNext = true; |
| logger.debug("User found - OK"); |
| } |
| catch(AccessControlException ex) { |
| String redirectUrl; |
| try { |
| redirectUrl = httpRequest.getContextPath() + loginUrl |
| + BackPath.findBackPath(httpRequest).getForwardParams(); |
| } |
| catch(Exception ex2) { |
| logger.error("Cannot get forward redirect", ex2); |
| redirectUrl = httpRequest.getContextPath() + loginUrl; |
| } |
| |
| logger.info("Redirect because of '" + ex.getMessage() + "' to " + redirectUrl); |
| httpResponse.sendRedirect(httpResponse.encodeRedirectURL(redirectUrl)); |
| |
| processNext = false; |
| } |
| } |
| |
| if(processNext) { // no problems found |
| chain.doFilter(request, response); |
| } |
| } |
| |
| public void destroy() |
| { |
| } |
| } |