KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > atlassian > seraph > util > RedirectUtils


1 package com.atlassian.seraph.util;
2
3 import com.atlassian.seraph.config.SecurityConfig;
4 import com.atlassian.seraph.config.SecurityConfigFactory;
5 import com.atlassian.seraph.filter.SecurityFilter;
6
7 import javax.servlet.http.HttpServletRequest JavaDoc;
8 import java.net.URLEncoder JavaDoc;
9
10 /**
11  * Utilities for login link redirection.
12  */
13 public class RedirectUtils
14 {
15
16     /**
17      * Returns a login URL that would log the user in to access resource indicated by <code>request</code>.
18      * <p>
19      * For instance, if <code>request</code> is for protected path "/browse/JRA-123" and the user must login before
20      * accessing this resource, this method might return "/login.jsp?os_destination=%2Fbrowse%2FJRA-123". Presumably the
21      * login.jsp page will redirect back to 'os_destination' once logged in.
22      * <p>
23      * The returned path is derived from the <code>login.url</code> parameter in seraph-config.xml, which in the example above would be
24      * "/login.jsp?os_destination={originalurl}". The '${originalurl}' token is replaced at runtime with a relative
25      * or absolute path to the original resource requested by <code>request</code> ('/browse/JRA-123').
26      * <p>
27      * Both the returned URL and the ${originalurl} replacement URL may be absolute or root-relative, depending on whether
28      * the seraph-config.xml <code>login.url</code> parameter is. This allows for redirection to external <acronym title="Single Sign-on">SSO</acronym>
29      * apps, which are passed an absolute path to the originally requested resource.
30      * <p>
31      * No actual permission checks are performed to determine whether the user needs to log in to access the resource. The
32      * caller is assumed to have done this before calling this method.
33      *
34      * @param request The original request made by the user for a resource.
35      * @return A root-relative or absolute URL of a login link that would log the user in to access the resource.
36      */
37     public static String JavaDoc getLoginUrl(HttpServletRequest JavaDoc request)
38     {
39         SecurityConfig securityConfig = SecurityConfigFactory.getInstance();
40         String JavaDoc loginURL = securityConfig.getLoginURL();
41         return getLoginURL(loginURL, request);
42     }
43
44     /**
45      * Returns a login URL that would log the user in to access resource indicated by <code>request</code>.
46      * Identical to {@link #getLoginUrl(javax.servlet.http.HttpServletRequest)}, except uses the 'link.login.url'
47      * parameter in seraph-config.xml instead of 'login.url', which allows for different login pages depending on whether
48      * invoked from a link ("link.login.url") or from a servlet filter that intercepted a request ("login.url").
49      * @see #getLoginUrl(javax.servlet.http.HttpServletRequest) for parameters, etc
50      */
51     public static String JavaDoc getLinkLoginURL(HttpServletRequest JavaDoc request)
52     {
53         SecurityConfig securityConfig = SecurityConfigFactory.getInstance();
54         String JavaDoc loginURL = securityConfig.getLinkLoginURL();
55         return getLoginURL(loginURL, request);
56     }
57
58
59     private static String JavaDoc getLoginURL(String JavaDoc loginURL, HttpServletRequest JavaDoc request)
60     {
61         boolean externalLoginLink = isExternalLoginLink(loginURL);
62         loginURL = replaceOriginalURL(loginURL, request, externalLoginLink);
63         if (externalLoginLink)
64         {
65             return loginURL;
66         }
67         else
68         {
69             return request.getContextPath() + loginURL;
70         }
71     }
72
73     private static boolean isExternalLoginLink(String JavaDoc loginURL)
74     {
75         return (loginURL.indexOf("://") != -1);
76     }
77
78     /**
79      * Replace ${originalurl} token in a string with a URL for a Request.
80      */
81     private static String JavaDoc replaceOriginalURL(final String JavaDoc loginURL, final HttpServletRequest JavaDoc request, boolean external)
82     {
83         final int i = loginURL.indexOf("${originalurl}");
84         if (i != -1)
85         {
86             final String JavaDoc originalURL = getOriginalURL(request, external);
87             return loginURL.substring(0, i) + URLEncoder.encode(originalURL) + loginURL.substring(i + "${originalurl}".length());
88         }
89         else
90             return loginURL;
91     }
92
93     /**
94      * Recreate a URL from a Request.
95      */
96     private static String JavaDoc getOriginalURL(HttpServletRequest JavaDoc request, boolean external)
97     {
98         String JavaDoc originalURL = (String JavaDoc) request.getAttribute(SecurityFilter.ORIGINAL_URL);
99         if (originalURL != null)
100         {
101             if (external)
102                 return getServerNameAndPath(request) + originalURL;
103             else
104                 return originalURL;
105         }
106
107         if (external)
108             return request.getRequestURL() + (request.getQueryString() == null ? "" : "?" + request.getQueryString());
109         else
110             return request.getServletPath() +
111                 (request.getPathInfo() == null ? "" : request.getPathInfo()) +
112                 (request.getQueryString() == null ? "" : "?" + request.getQueryString());
113
114     }
115
116     public static String JavaDoc getServerNameAndPath(HttpServletRequest JavaDoc request)
117     {
118         return request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
119     }
120 }
121
Popular Tags