

1 package com.blandware.atleap.webapp.filter;
2
3 import com.blandware.atleap.common.Constants;
4 import com.blandware.atleap.common.util.StringUtil;
5 import com.blandware.atleap.model.core.User;
6 import com.blandware.atleap.service.core.UserManager;
7 import com.blandware.atleap.webapp.util.core.RequestUtil;
8 import org.acegisecurity.context.SecurityContextHolder;
9 import org.acegisecurity.context.SecurityContextImpl;
10 import org.acegisecurity.providers.dao.UserCache;
11 import org.apache.commons.lang.StringUtils;
12 import org.apache.commons.logging.Log;
13 import org.apache.commons.logging.LogFactory;
14 import org.springframework.web.context.WebApplicationContext;
15
16 import javax.servlet.Filter JavaDoc;
17 import javax.servlet.FilterChain JavaDoc;
18 import javax.servlet.FilterConfig JavaDoc;
19 import javax.servlet.RequestDispatcher JavaDoc;
20 import javax.servlet.ServletException JavaDoc;
21 import javax.servlet.ServletRequest JavaDoc;
22 import javax.servlet.ServletResponse JavaDoc;
23 import javax.servlet.http.Cookie JavaDoc;
24 import javax.servlet.http.HttpServletRequest JavaDoc;
25 import javax.servlet.http.HttpServletResponse JavaDoc;
26 import java.io.IOException JavaDoc;
27
28
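/**
 * <p>Intercepts Login requests for "Remember Me" functionality.</p>
 * <p><a HREF="LoginFilter.java.htm"><i>View Source</i></a>
 * </p>
 *
 * <p>Two paths are handled before the request is passed down the chain:</p>
 * <ul>
 * <li>logout: when the request URL contains "logout" and a remote user is
 * present, the stored login cookies, the browser cookie, the Acegi user cache
 * entry, the security context and the HTTP session are all cleared;</li>
 * <li>remember-me login: when the login cookie is present and the filter is
 * enabled, the cookie is checked by the <code>UserManager</code> and, if
 * accepted, the request is forwarded to the authorization servlet.</li>
 * </ul>
 *
 * @author Matt Raible <a HREF="mailto:matt@raibledesigns.com">&lt;matt@raibledesigns.com&gt;</a>
 * @version $Revision: 1.13 $ $Date: 2006/03/09 16:46:05 $
 * @web.filter name="loginFilter"
 * @web.filter-init-param name="enabled" value="${rememberMe.enabled}"
 */
public final class LoginFilter implements Filter {
    //~ Instance fields ========================================================

    protected transient final Log log = LogFactory.getLog(LoginFilter.class);
    protected FilterConfig config = null;
    // Overwritten in init(); a missing "enabled" init parameter yields false.
    protected boolean enabled = true;

    //~ Methods ================================================================

    /**
     * Filters a request, handling logout clean-up and cookie-based
     * ("Remember Me") login before delegating to the rest of the chain.
     *
     * @param req Filtered request
     * @param resp Response that will be result of filtering
     * @param chain Chain of following filters
     * @throws IOException if the downstream chain fails with an I/O error
     * @throws ServletException if the downstream chain fails, or if any
     *         exception is raised while processing the login cookie (the
     *         original exception is attached as the cause)
     */
    public void doFilter(ServletRequest req, ServletResponse resp,
                         FilterChain chain)
            throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        String username = request.getRemoteUser();

        // See if the user has a remember me cookie
        Cookie c = RequestUtil.getCookie(request, Constants.LOGIN_COOKIE);

        WebApplicationContext context =
                (WebApplicationContext) config.getServletContext().getAttribute
                (WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
        UserManager mgr = (UserManager) context.getBean(Constants.USER_MANAGER_BEAN);

        // Check to see if the user is logging out, if so, remove all
        // login cookies.
        // NOTE(review): this is a substring match on the whole request URL, so
        // any URL containing "logout" ends an authenticated user's session;
        // matching the application's actual logout path would be stricter.
        // A null username means the session has already timed out, in which
        // case there is nothing to clean up here.
        if ( request.getRequestURL().indexOf("logout") != -1 &&
                username != null ) {
            if ( log.isDebugEnabled() ) {
                log.debug("logging out '" + username + "'");
            }
            // Drop the server-side cookie records first, then the browser
            // cookie, so a copied cookie value stops working after logout.
            mgr.deleteUserCookies(username);
            RequestUtil.deleteCookie(response, c, request.getContextPath());

            //logout
            UserCache userCache = (UserCache) context.getBean(Constants.ACEGI_USER_CACHE_BEAN);
            if ( userCache != null ) {
                userCache.removeUserFromCache(username);
            }

            SecurityContextHolder.setContext(new SecurityContextImpl());
            request.getSession().invalidate();
        } else if ( c != null && enabled ) {
            try {
                // A non-null result is re-issued to the browser below
                // (presumably a rotated cookie value; confirm in UserManager).
                String loginCookie = mgr.checkUserCookie(c.getValue());

                if ( loginCookie != null ) {
                    // NOTE(review): the Secure/HttpOnly attributes of this
                    // cookie are decided inside RequestUtil.setCookie, which is
                    // not visible here; verify both are set.
                    RequestUtil.setCookie(response, Constants.LOGIN_COOKIE,
                            loginCookie,
                            request.getContextPath());
                    loginCookie = StringUtil.decodeString(loginCookie);

                    // Only the first '|'-separated field is used, as the user
                    // lookup key.
                    String[] value = StringUtils.split(loginCookie, '|');
                    User user = null;
                    if ( value != null && value.length > 0 ) {
                        user = mgr.retrieveUser(value[0]);
                    }

                    if ( user != null ) {
                        // authenticate user without displaying login page
                        // NOTE(review): the stored password is placed in the
                        // query string of an internal forward. Query strings
                        // can end up in access logs and debug output, and the
                        // two values are concatenated without URL-encoding, so
                        // a '&', '=', '+' or '%' in either one changes the
                        // parameters the authorization servlet receives.
                        // Passing them as request attributes, or setting the
                        // security context directly, would avoid both issues.
                        String route = "/servlet/authorize?j_username=" +
                                user.getName() + "&j_password=" +
                                user.getPassword();

                        // Presumably tells the authorization step not to hash
                        // the password again; confirm against that servlet.
                        request.setAttribute("encrypt", "false");
                        request.getSession(true).setAttribute("cookieLogin",
                                "true");

                        if ( log.isDebugEnabled() ) {
                            log.debug("I remember you '" + user.getName() +
                                    "', attempting to authenticate...");
                        }

                        RequestDispatcher dispatcher =
                                request.getRequestDispatcher(route);
                        dispatcher.forward(request, response);

                        // The forward has produced the response; do not
                        // continue down the chain.
                        return;
                    }

                    // An accepted cookie that does not resolve to a user is
                    // treated as "not remembered": the request continues
                    // unauthenticated instead of failing with a
                    // NullPointerException wrapped in a ServletException.
                    log.warn("Remember-me cookie was accepted but no matching "
                            + "user was found; continuing without cookie login");
                }
            } catch ( Exception e ) {
                // Always record the failure; it was previously logged only
                // when debug logging happened to be enabled.
                log.error("Remember-me cookie login failed", e);
                throw new ServletException(e);
            }
        }

        chain.doFilter(req, resp);
    }

    /**
     * Initializes controller values of filter.
     *
     * <p>Reads the "enabled" init parameter (anything other than "true",
     * including a missing parameter, disables the remember-me path) and
     * publishes the raw parameter value in the servlet context under
     * "rememberMeEnabled".</p>
     *
     * @param config filter configuration supplied by the container
     */
    public void init(FilterConfig config) {
        this.config = config;

        String param = config.getInitParameter("enabled");
        enabled = Boolean.valueOf(param).booleanValue();

        if ( log.isDebugEnabled() ) {
            log.debug("Remember Me enabled: " + enabled);
        }

        config.getServletContext()
                .setAttribute("rememberMeEnabled", param);
    }

    /**
     * Destroys any instance values other than config. Nothing is held by this
     * filter, so the method is intentionally empty.
     */
    public void destroy() {
    }
}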