KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > alfresco > web > app > servlet > AuthenticationFilter


1 /*
2  * Copyright (C) 2005 Alfresco, Inc.
3  *
4  * Licensed under the Mozilla Public License version 1.1
5  * with a permitted attribution clause. You may obtain a
6  * copy of the License at
7  *
8  * http://www.alfresco.org/legal/license.txt
9  *
10  * Unless required by applicable law or agreed to in writing,
11  * software distributed under the License is distributed on an
12  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
13  * either express or implied. See the License for the specific
14  * language governing permissions and limitations under the
15  * License.
16  */
17 package org.alfresco.web.app.servlet;
18
19 import java.io.IOException JavaDoc;
20
21 import javax.servlet.Filter JavaDoc;
22 import javax.servlet.FilterChain JavaDoc;
23 import javax.servlet.FilterConfig JavaDoc;
24 import javax.servlet.ServletContext JavaDoc;
25 import javax.servlet.ServletException JavaDoc;
26 import javax.servlet.ServletRequest JavaDoc;
27 import javax.servlet.ServletResponse JavaDoc;
28 import javax.servlet.http.HttpServletRequest JavaDoc;
29 import javax.servlet.http.HttpServletResponse JavaDoc;
30
31 import org.alfresco.web.app.Application;
32
33 /**
34  * @author Kevin Roast
35  *
36  * Servlet filter responsible for redirecting to the login page for the Web Client if the user
37  * does not have a valid ticket.
38  * <p>
39  * The current ticker is validated for each page request and the login page is shown if the
40  * ticker has expired.
41  * <p>
42  * Note that this filter is only active when the system is running in a servlet container -
43  * the AlfrescoFacesPortlet will be used for a JSR-168 Portal environment.
44  */
45 public class AuthenticationFilter implements Filter JavaDoc
46 {
47    /**
48     * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
49     */
50    public void init(FilterConfig JavaDoc config) throws ServletException JavaDoc
51    {
52       this.context = config.getServletContext();
53    }
54
55    /**
56     * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
57     */
58    public void doFilter(ServletRequest JavaDoc req, ServletResponse JavaDoc res, FilterChain JavaDoc chain)
59          throws IOException JavaDoc, ServletException JavaDoc
60    {
61       HttpServletRequest JavaDoc httpReq = (HttpServletRequest JavaDoc)req;
62       HttpServletResponse JavaDoc httpRes = (HttpServletResponse JavaDoc)res;
63       
64       // allow the login page to proceed
65 if (httpReq.getRequestURI().endsWith(getLoginPage()) == false)
66       {
67          AuthenticationStatus status =
68                AuthenticationHelper.authenticate(this.context, httpReq, httpRes, false);
69          
70          if (status == AuthenticationStatus.Success || status == AuthenticationStatus.Guest)
71          {
72             // continue filter chaining
73 chain.doFilter(req, res);
74          }
75          else
76          {
77             
78             // authentication failed - so end servlet execution and redirect to login page
79 // also save the requested URL so the login page knows where to redirect too later
80 BaseServlet.redirectToLoginPage(httpReq, httpRes, context);
81          }
82       }
83       else
84       {
85          // continue filter chaining
86 chain.doFilter(req, res);
87       }
88    }
89
90    /**
91     * @see javax.servlet.Filter#destroy()
92     */
93    public void destroy()
94    {
95       // nothing to do
96 }
97    
98    /**
99     * @return The login page url
100     */
101    private String JavaDoc getLoginPage()
102    {
103       if (this.loginPage == null)
104       {
105          this.loginPage = Application.getLoginPage(this.context);
106       }
107       
108       return this.loginPage;
109    }
110    
111    
112    private String JavaDoc loginPage = null;
113    
114    private ServletContext JavaDoc context;
115 }
116
Popular Tags