1 16 package com.blandware.atleap.webapp.acegi; 17 18 import org.acegisecurity.AuthenticationException; 19 import org.acegisecurity.context.SecurityContextHolder; 20 import org.acegisecurity.intercept.web.FilterInvocation; 21 import org.acegisecurity.ui.ExceptionTranslationFilter; 22 import org.apache.commons.logging.Log; 23 import org.apache.commons.logging.LogFactory; 24 25 import javax.servlet.FilterChain ; 26 import javax.servlet.ServletException ; 27 import javax.servlet.ServletRequest ; 28 import javax.servlet.ServletResponse ; 29 import javax.servlet.http.HttpServletRequest ; 30 import javax.servlet.http.HttpServletResponse ; 31 import java.io.IOException ; 32 33 41 public class CustomExceptionTranslationFilter extends ExceptionTranslationFilter { 42 43 public static final String SAVED_REQUEST_SESSION_ATTRIBUTE = "com.blandware.atleap.webapp.acegi.SAVED_REQUEST_SESSION_ATTRIBUTE"; 44 protected boolean createSessionAllowed = true; 45 46 55 protected void sendStartAuthentication(ServletRequest request, 56 ServletResponse response, FilterChain chain, 57 AuthenticationException reason) throws ServletException , IOException { 58 HttpServletRequest httpRequest = (HttpServletRequest ) request; 59 60 if (createSessionAllowed) { 61 httpRequest.getSession().setAttribute(SAVED_REQUEST_SESSION_ATTRIBUTE, SavedRequest.saveRequest(httpRequest)); 62 } 63 64 SecurityContextHolder.getContext().setAuthentication(null); 67 68 getAuthenticationEntryPoint().commence(httpRequest, 69 (HttpServletResponse ) response, reason); 70 } 71 72 88 public boolean isCreateSessionAllowed() { 89 return createSessionAllowed; 90 } 91 92 public void setCreateSessionAllowed(boolean createSessionAllowed) { 93 this.createSessionAllowed = createSessionAllowed; 94 } 95 96 } 97 | Popular Tags |