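package com.blandware.atleap.webapp.filter;

import com.blandware.atleap.common.Constants;
import com.blandware.atleap.common.util.StringUtil;
import com.blandware.atleap.model.core.User;
import com.blandware.atleap.service.core.UserManager;
import com.blandware.atleap.webapp.util.core.RequestUtil;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.context.SecurityContextImpl;
import org.acegisecurity.providers.dao.UserCache;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.context.WebApplicationContext;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Servlet filter that handles the "remember me" login cookie.
 *
 * <p>On a logout request from an authenticated user it removes the user's
 * stored login cookies, the browser cookie, the cached user entry, the
 * security context and the HTTP session. On any other request carrying the
 * login cookie (and with the feature enabled) it validates the cookie through
 * {@link UserManager}, re-issues it and forwards to the authorization servlet.
 */
public final class LoginFilter implements Filter {

    protected transient final Log log = LogFactory.getLog(LoginFilter.class);
    protected FilterConfig config = null;
    protected boolean enabled = true;

    /**
     * Processes logout clean-up or cookie-based login, otherwise passes the
     * request down the chain.
     *
     * @param req   incoming request; cast to {@link HttpServletRequest}
     * @param resp  outgoing response; cast to {@link HttpServletResponse}
     * @param chain remaining filter chain
     * @throws IOException      propagated from the filter chain
     * @throws ServletException propagated from the chain, or wrapping any
     *                          failure raised during cookie login
     */
    public void doFilter(ServletRequest req, ServletResponse resp,
                         FilterChain chain)
            throws IOException, ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        String username = request.getRemoteUser();

        Cookie c = RequestUtil.getCookie(request, Constants.LOGIN_COOKIE);

        WebApplicationContext context =
                (WebApplicationContext) config.getServletContext().getAttribute(
                        WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE);
        UserManager mgr = (UserManager) context.getBean(Constants.USER_MANAGER_BEAN);

        // NOTE(review): this is a substring match on the full request URL, so
        // any URL that merely contains "logout" takes this branch; matching
        // the exact logout path would be stricter.
        if (request.getRequestURL().indexOf("logout") != -1 && username != null) {
            if (log.isDebugEnabled()) {
                log.debug("logging out '" + username + "'");
            }

            // Revoke the persistent login server-side first, then in the browser.
            mgr.deleteUserCookies(username);
            RequestUtil.deleteCookie(response, c, request.getContextPath());

            UserCache userCache =
                    (UserCache) context.getBean(Constants.ACEGI_USER_CACHE_BEAN);
            if (userCache != null) {
                userCache.removeUserFromCache(username);
            }

            // Drop the authenticated context and the session that carried it.
            SecurityContextHolder.setContext(new SecurityContextImpl());
            request.getSession().invalidate();
        } else if (c != null && enabled) {
            try {
                String loginCookie = mgr.checkUserCookie(c.getValue());

                if (loginCookie != null) {
                    RequestUtil.setCookie(response, Constants.LOGIN_COOKIE,
                            loginCookie, request.getContextPath());

                    String[] value =
                            StringUtils.split(StringUtil.decodeString(loginCookie), '|');

                    // A payload without a user part, or one naming an unknown
                    // user, must not authenticate anyone: fall through to the
                    // chain unauthenticated instead of failing on value[0] or
                    // on a null user.
                    User user = (value != null && value.length > 0)
                            ? mgr.retrieveUser(value[0])
                            : null;

                    if (user != null) {
                        // NOTE(review): both values are concatenated into the
                        // query string without URL-encoding; characters such as
                        // '&', '=', '+' or '%' in either value would change the
                        // parameters the target parses. Encode them with the
                        // charset the container uses to decode query strings.
                        String route = "/servlet/authorize?j_username="
                                + user.getName() + "&j_password="
                                + user.getPassword();

                        // Presumably tells the authorize servlet the password is
                        // already in its stored form - confirm against that servlet.
                        request.setAttribute("encrypt", "false");
                        // NOTE(review): whether the session id is renewed after
                        // this cookie login is not visible here - confirm
                        // downstream.
                        request.getSession(true).setAttribute("cookieLogin", "true");

                        if (log.isDebugEnabled()) {
                            log.debug("I remember you '" + user.getName()
                                    + "', attempting to authenticate...");
                        }

                        RequestDispatcher dispatcher =
                                request.getRequestDispatcher(route);
                        dispatcher.forward(request, response);

                        return;
                    }

                    log.warn("Login cookie did not resolve to a user; "
                            + "continuing unauthenticated");
                }
            } catch (Exception e) {
                // Always record the failure; previously it was logged only when
                // debug logging happened to be enabled. The cookie value is
                // deliberately kept out of the message.
                log.error("Cookie login failed", e);
                throw new ServletException(e);
            }
        }

        chain.doFilter(req, resp);
    }

    /**
     * Stores the filter configuration and reads the {@code enabled} init
     * parameter. A missing parameter parses as {@code false}, which disables
     * cookie login. The raw parameter value is also published as the
     * {@code rememberMeEnabled} servlet-context attribute.
     *
     * @param config filter configuration supplied by the container
     */
    public void init(FilterConfig config) {
        this.config = config;

        String param = config.getInitParameter("enabled");
        enabled = Boolean.valueOf(param).booleanValue();

        if (log.isDebugEnabled()) {
            log.debug("Remember Me enabled: " + enabled);
        }

        config.getServletContext()
                .setAttribute("rememberMeEnabled",
                        config.getInitParameter("enabled"));
    }

    /**
     * No resources to release.
     */
    public void destroy() {
    }
}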