KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > jaspersoft > jasperserver > api > metadata > user > service > impl > RequestAuthenticationProcessingFilter


1 package com.jaspersoft.jasperserver.api.metadata.user.service.impl;
2
3 import java.io.IOException JavaDoc;
4 import java.util.Enumeration JavaDoc;
5 import java.util.HashMap JavaDoc;
6 import java.util.Map JavaDoc;
7
8 import javax.servlet.http.HttpServletRequest JavaDoc;
9 import javax.servlet.http.HttpServletResponse JavaDoc;
10
11 import org.acegisecurity.Authentication;
12 import org.acegisecurity.AuthenticationException;
13 import org.acegisecurity.context.SecurityContextHolder;
14 import org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent;
15 import org.acegisecurity.ui.AbstractProcessingFilter;
16 import org.acegisecurity.ui.savedrequest.SavedRequest;
17 import org.acegisecurity.util.PortResolver;
18 import org.acegisecurity.util.PortResolverImpl;
19 import org.apache.commons.logging.Log;
20 import org.apache.commons.logging.LogFactory;
21 import org.springframework.util.Assert;
22
23 public class RequestAuthenticationProcessingFilter extends AbstractProcessingFilter {
24     
25     private static final Log log = LogFactory.getLog(RequestAuthenticationProcessingFilter.class);
26     
27     public static final String JavaDoc REQUEST_AUTHENTICATION_ID = "REQUEST_AUTHENTICATION_ID";
28
29     private PortResolver portResolver = new PortResolverImpl();
30     
31     public RequestAuthenticationProcessingFilter() {
32         super();
33     }
34
35     public void afterPropertiesSet() throws Exception JavaDoc {
36        Assert.hasLength(getDefaultTargetUrl(), "defaultTargetUrl must be specified");
37         Assert.hasLength(getAuthenticationFailureUrl(),
38             "authenticationFailureUrl must be specified");
39         Assert.notNull(getAuthenticationManager(),
40             "authenticationManager must be specified");
41         Assert.notNull(getRememberMeServices());
42     }
43
44     /* (non-Javadoc)
45      * @see org.acegisecurity.ui.AbstractProcessingFilter#attemptAuthentication(javax.servlet.http.HttpServletRequest)
46      */
47     public Authentication attemptAuthentication(HttpServletRequest JavaDoc request) throws AuthenticationException {
48         Map JavaDoc requestParameters = obtainRequestParameters(request);
49         String JavaDoc targetUrl = (String JavaDoc) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY);
50
51         if (log.isDebugEnabled()) {
52             
53             targetUrl = (String JavaDoc) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY);
54             log.debug("Authenticating with values: '" + requestParameters + "'");
55             log.debug("from URL: " + targetUrl);
56         }
57         
58         Authentication authRequest = new RequestAuthenticationToken(requestParameters);
59
60         // This call to getSession().setAttribute needs to happen, otherwise you get into an
61 // infinite loop. Maybe just a getAttribute will work?
62 request.getSession().setAttribute(REQUEST_AUTHENTICATION_ID, targetUrl);
63
64         return this.getAuthenticationManager().authenticate(authRequest);
65     }
66
67     protected boolean requiresAuthentication(HttpServletRequest JavaDoc request,
68             HttpServletResponse JavaDoc response) {
69         return SecurityContextHolder.getContext().getAuthentication() == null;
70         //return obtainRequestParameters(request) != null && obtainRequestParameters(request).size() > 0;
71 }
72
73
74     protected void successfulAuthentication(HttpServletRequest JavaDoc request,
75         HttpServletResponse JavaDoc response, Authentication authResult)
76         throws IOException JavaDoc {
77         if (logger.isDebugEnabled()) {
78             logger.debug("Authentication success: " + authResult.toString());
79         }
80
81         SecurityContextHolder.getContext().setAuthentication(authResult);
82
83         if (logger.isDebugEnabled()) {
84             logger.debug(
85                 "Updated SecurityContextHolder to contain the following Authentication: '"
86                 + authResult + "'");
87         }
88
89         String JavaDoc targetUrl = (new SavedRequest(request, portResolver)).getFullRequestUrl();
90
91         if (logger.isDebugEnabled()) {
92             logger.debug("Redirecting to target URL from HTTP Session (or default): " + targetUrl);
93         }
94
95         onSuccessfulAuthentication(request, response, authResult);
96
97         getRememberMeServices().loginSuccess(request, response, authResult);
98
99         // Fire event
100 if (this.eventPublisher != null) {
101             eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(
102                     authResult, this.getClass()));
103         }
104
105         response.sendRedirect(response.encodeRedirectURL(targetUrl));
106     }
107
108     
109     protected Map JavaDoc obtainRequestParameters(HttpServletRequest JavaDoc request) {
110         
111         Map JavaDoc result = new HashMap JavaDoc();
112         result.putAll(request.getParameterMap());
113         
114         Enumeration JavaDoc attrs = request.getAttributeNames();
115         while (attrs.hasMoreElements()) {
116             String JavaDoc attrName = (String JavaDoc) attrs.nextElement();
117             result.put(attrName, request.getAttribute(attrName));
118         }
119         
120         return result;
121     }
122     
123     /* (non-Javadoc)
124      * @see org.acegisecurity.ui.AbstractProcessingFilter#getDefaultFilterProcessesUrl()
125      */
126     public String JavaDoc getDefaultFilterProcessesUrl() {
127         return "/requestAuthentication";
128     }
129
130 }
131
Popular Tags