1 19 20 package org.efs.openreports.interceptors; 21 22 import javax.servlet.http.HttpServletRequest ; 23 24 import org.apache.log4j.Logger; 25 import org.efs.openreports.ORStatics; 26 import org.efs.openreports.objects.ReportUser; 27 import org.efs.openreports.providers.UserProvider; 28 import org.efs.openreports.providers.UserProviderAware; 29 import org.efs.openreports.util.LocalStrings; 30 31 import com.opensymphony.webwork.ServletActionContext; 32 import com.opensymphony.xwork.Action; 33 import com.opensymphony.xwork.ActionContext; 34 import com.opensymphony.xwork.ActionInvocation; 35 import com.opensymphony.xwork.ActionSupport; 36 import com.opensymphony.xwork.interceptor.Interceptor; 37 import com.opensymphony.xwork.interceptor.component.ComponentManager; 38 39 public class WebAppSecurityInterceptor implements Interceptor, UserProviderAware 40 { 41 protected static Logger log = Logger.getLogger(WebAppSecurityInterceptor.class); 42 43 private UserProvider userProvider; 44 45 public String intercept(ActionInvocation actionInvocation) throws Exception 46 { 47 ComponentManager container = (ComponentManager) ActionContext.getContext().get( 48 49 "com.opensymphony.xwork.interceptor.component.ComponentManager"); 50 51 if (container != null) 52 { 53 container.initializeObject(this); 54 } 55 56 ReportUser user = (ReportUser) actionInvocation.getInvocationContext().getSession().get("user"); 57 58 if (user == null) 59 { 60 HttpServletRequest httpServletRequest = ServletActionContext.getRequest(); 61 if (httpServletRequest != null) 62 { 63 String userName = httpServletRequest.getRemoteUser(); 64 65 user = userProvider.getUser(userName); 66 if (user != null && httpServletRequest.isUserInRole(ORStatics.OPENREPORTS_ROLE)) 67 { 68 actionInvocation.getInvocationContext().getSession().put("user", user); 69 } 70 else 71 { 72 ActionSupport action = (ActionSupport) actionInvocation.getAction(); 73 action.addActionError(LocalStrings.getString(LocalStrings.ERROR_INVALID_USER)); 74 75 return Action.ERROR; 76 } 77 } 78 } 79 80 ActionContext.getContext().getValueStack().push(this); 81 82 return actionInvocation.invoke(); 83 } 84 85 public void destroy() 86 { 87 } 88 89 public void init() 90 { 91 } 92 93 public void setUserProvider(UserProvider userProvider) 94 { 95 this.userProvider = userProvider; 96 } 97 } | Popular Tags |