0,0 → 1,169 |
package ak.hostadmiral.core.servlet; |
|
import java.util.List; |
import java.util.ArrayList; |
import java.util.StringTokenizer; |
import java.io.IOException; |
import java.net.URLEncoder; |
import java.security.Principal; |
import java.security.AccessControlException; |
|
import javax.servlet.Filter; |
import javax.servlet.FilterChain; |
import javax.servlet.FilterConfig; |
import javax.servlet.ServletException; |
import javax.servlet.ServletRequest; |
import javax.servlet.ServletResponse; |
import javax.servlet.http.HttpSession; |
import javax.servlet.http.HttpServletRequest; |
import javax.servlet.http.HttpServletResponse; |
|
import org.apache.log4j.Logger; |
|
import ak.backpath.BackPath; |
|
import ak.hostadmiral.core.model.User; |
|
/** |
* Ensures that user is logged in to the system to process its request. |
*/ |
public class LoginFilter |
implements Filter |
{ |
private static final Logger logger = Logger.getLogger(LoginFilter.class); |
|
private FilterConfig filterConfig; |
private String loginUrl; |
private String loginServlet; |
private List passUrls = new ArrayList(); |
private List passMasks = new ArrayList(); |
|
public void init(FilterConfig filterConfig) |
throws ServletException |
{ |
// get config |
this.filterConfig = filterConfig; |
|
if(filterConfig == null) |
throw new ServletException("No configuration for the filter"); |
|
// get login url |
loginUrl = filterConfig.getInitParameter("loginUrl"); |
|
if(loginUrl == null) |
throw new ServletException("No login URL specified"); |
|
// ensure it's absolute path |
if(!loginUrl.startsWith("/")) |
loginUrl = "/" + loginUrl; |
|
// get servlet part ot the url |
int qPos = loginUrl.indexOf("?"); |
|
if(qPos < 0) |
loginServlet = loginUrl; |
else |
loginServlet = loginUrl.substring(0, qPos); |
|
// get pass through URLs |
String passUrlsStr = filterConfig.getInitParameter("passUrls"); |
if(passUrlsStr != null) { |
String[] urls = passUrlsStr.split("\\s*;\\s*"); |
|
for(int i = 0; i < urls.length; i++) { |
if(urls[i].endsWith("*")) { |
passMasks.add(urls[i].substring(0, urls[i].length()-1)); |
} |
else { |
passUrls.add(urls[i]); |
} |
} |
} |
|
// avoid loop |
if(!isPassThrough(loginServlet)) { |
passUrls.add(loginServlet); |
} |
} |
|
private boolean isPassThrough(String url) |
{ |
for(int i = 0; i < passUrls.size(); i++) { |
if(url.equals((String)passUrls.get(i))) return true; |
} |
|
for(int i = 0; i < passMasks.size(); i++) { |
if(url.startsWith((String)passMasks.get(i))) return true; |
} |
|
return false; |
} |
|
public void doFilter(ServletRequest request, ServletResponse response, |
FilterChain chain) |
throws IOException, ServletException |
{ |
boolean processNext; |
|
if(!(request instanceof HttpServletRequest)) |
throw new ServletException("Do not know how to handle non-HTTP requests"); |
if(!(response instanceof HttpServletResponse)) |
throw new ServletException("Do not know how to handle non-HTTP response"); |
|
HttpServletRequest httpRequest = (HttpServletRequest)request; |
HttpServletResponse httpResponse = (HttpServletResponse)response; |
|
logger.debug("Requested " + httpRequest.getServletPath()); |
|
if(isPassThrough(httpRequest.getServletPath())) { |
processNext = true; |
logger.debug("pass through"); |
} |
else { |
try { |
HttpSession session = httpRequest.getSession(false); |
|
if(session == null) |
throw new AccessControlException("No session"); |
|
Object userObj = session.getAttribute("user"); |
if(userObj == null) |
throw new AccessControlException("No user"); |
|
if(!(userObj instanceof User)) |
throw new ServletException( |
"Wrong type of user information: " + userObj.getClass().getName()); |
|
processNext = true; |
logger.debug("User found - OK"); |
} |
catch(AccessControlException ex) { |
String origin = httpRequest.getRequestURI(); |
String originParams = httpRequest.getQueryString(); |
|
String redirectUrl; |
try { |
redirectUrl = httpRequest.getContextPath() + loginUrl |
+ BackPath.findBackPath(httpRequest).getForwardParams(); |
} |
catch(Exception ex2) { |
logger.error("Cannot get forward redirect", ex2); |
redirectUrl = httpRequest.getContextPath() + loginUrl; |
} |
|
logger.info("Redirect because of '" + ex.getMessage() + "' to " + redirectUrl); |
httpResponse.sendRedirect(httpResponse.encodeRedirectURL(redirectUrl)); |
|
processNext = false; |
} |
} |
|
if(processNext) { // no problems found |
chain.doFilter(request, response); |
} |
} |
|
public void destroy() |
{ |
} |
} |