1 package com.jaspersoft.jasperserver.api.metadata.user.service.impl; 2 3 import java.io.IOException ; 4 import java.util.Enumeration ; 5 import java.util.HashMap ; 6 import java.util.Map ; 7 8 import javax.servlet.http.HttpServletRequest ; 9 import javax.servlet.http.HttpServletResponse ; 10 11 import org.acegisecurity.Authentication; 12 import org.acegisecurity.AuthenticationException; 13 import org.acegisecurity.context.SecurityContextHolder; 14 import org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent; 15 import org.acegisecurity.ui.AbstractProcessingFilter; 16 import org.acegisecurity.ui.savedrequest.SavedRequest; 17 import org.acegisecurity.util.PortResolver; 18 import org.acegisecurity.util.PortResolverImpl; 19 import org.apache.commons.logging.Log; 20 import org.apache.commons.logging.LogFactory; 21 import org.springframework.util.Assert; 22 23 public class RequestAuthenticationProcessingFilter extends AbstractProcessingFilter { 24 25 private static final Log log = LogFactory.getLog(RequestAuthenticationProcessingFilter.class); 26 27 public static final String REQUEST_AUTHENTICATION_ID = "REQUEST_AUTHENTICATION_ID"; 28 29 private PortResolver portResolver = new PortResolverImpl(); 30 31 public RequestAuthenticationProcessingFilter() { 32 super(); 33 } 34 35 public void afterPropertiesSet() throws Exception { 36 Assert.hasLength(getDefaultTargetUrl(), "defaultTargetUrl must be specified"); 37 Assert.hasLength(getAuthenticationFailureUrl(), 38 "authenticationFailureUrl must be specified"); 39 Assert.notNull(getAuthenticationManager(), 40 "authenticationManager must be specified"); 41 Assert.notNull(getRememberMeServices()); 42 } 43 44 47 public Authentication attemptAuthentication(HttpServletRequest request) throws AuthenticationException { 48 Map requestParameters = obtainRequestParameters(request); 49 String targetUrl = (String ) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY); 50 51 if (log.isDebugEnabled()) { 52 53 targetUrl = (String ) request.getSession().getAttribute(ACEGI_SAVED_REQUEST_KEY); 54 log.debug("Authenticating with values: '" + requestParameters + "'"); 55 log.debug("from URL: " + targetUrl); 56 } 57 58 Authentication authRequest = new RequestAuthenticationToken(requestParameters); 59 60 request.getSession().setAttribute(REQUEST_AUTHENTICATION_ID, targetUrl); 63 64 return this.getAuthenticationManager().authenticate(authRequest); 65 } 66 67 protected boolean requiresAuthentication(HttpServletRequest request, 68 HttpServletResponse response) { 69 return SecurityContextHolder.getContext().getAuthentication() == null; 70 } 72 73 74 protected void successfulAuthentication(HttpServletRequest request, 75 HttpServletResponse response, Authentication authResult) 76 throws IOException { 77 if (logger.isDebugEnabled()) { 78 logger.debug("Authentication success: " + authResult.toString()); 79 } 80 81 SecurityContextHolder.getContext().setAuthentication(authResult); 82 83 if (logger.isDebugEnabled()) { 84 logger.debug( 85 "Updated SecurityContextHolder to contain the following Authentication: '" 86 + authResult + "'"); 87 } 88 89 String targetUrl = (new SavedRequest(request, portResolver)).getFullRequestUrl(); 90 91 if (logger.isDebugEnabled()) { 92 logger.debug("Redirecting to target URL from HTTP Session (or default): " + targetUrl); 93 } 94 95 onSuccessfulAuthentication(request, response, authResult); 96 97 getRememberMeServices().loginSuccess(request, response, authResult); 98 99 if (this.eventPublisher != null) { 101 eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent( 102 authResult, this.getClass())); 103 } 104 105 response.sendRedirect(response.encodeRedirectURL(targetUrl)); 106 } 107 108 109 protected Map obtainRequestParameters(HttpServletRequest request) { 110 111 Map result = new HashMap (); 112 result.putAll(request.getParameterMap()); 113 114 Enumeration attrs = request.getAttributeNames(); 115 while (attrs.hasMoreElements()) { 116 String attrName = (String ) attrs.nextElement(); 117 result.put(attrName, request.getAttribute(attrName)); 118 } 119 120 return result; 121 } 122 123 126 public String getDefaultFilterProcessesUrl() { 127 return "/requestAuthentication"; 128 } 129 130 } 131 | Popular Tags |