KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jivesoftware > admin > AuthCheckFilter


1 /**
2  * $RCSfile: AuthCheckFilter.java,v $
3  * $Revision: 1.4 $
4  * $Date: 2005/07/26 18:55:27 $
5  *
6  * Copyright (C) 2004 Jive Software. All rights reserved.
7  *
8  * This software is published under the terms of the GNU Public License (GPL),
9  * a copy of which is included in this distribution.
10  */
11
12 package org.jivesoftware.admin;
13
14 import org.jivesoftware.util.ConcurrentHashSet;
15 import org.jivesoftware.util.Log;
16 import org.jivesoftware.util.WebManager;
17
18 import javax.servlet.*;
19 import javax.servlet.http.HttpServletRequest JavaDoc;
20 import javax.servlet.http.HttpServletResponse JavaDoc;
21 import java.io.IOException JavaDoc;
22 import java.net.URLEncoder JavaDoc;
23 import java.util.Set JavaDoc;
24 import java.util.StringTokenizer JavaDoc;
25
26 /**
27  * A simple filter which checks for the auth token in the user's session. If it's not there
28  * the filter will redirect to the login page.
29  */
30 public class AuthCheckFilter implements Filter {
31
32     private static Set<String JavaDoc> excludes = new ConcurrentHashSet<String JavaDoc>();
33
34     private ServletContext context;
35     private String JavaDoc defaultLoginPage;
36
37     /**
38      * Adds a new string that when present in the requested URL will skip
39      * the "is logged" checking.
40      *
41      * @param exclude the string to exclude.
42      */
43     public static void addExclude(String JavaDoc exclude) {
44         excludes.add(exclude);
45     }
46
47     /**
48      * Removes a string that when present in the requested URL will skip
49      * the "is logged" checking.
50      *
51      * @param exclude the string that was being excluded.
52      */
53     public static void removeExclude(String JavaDoc exclude) {
54         excludes.remove(exclude);
55     }
56
57     public void init(FilterConfig config) throws ServletException {
58         context = config.getServletContext();
59         defaultLoginPage = config.getInitParameter("defaultLoginPage");
60         String JavaDoc excludesProp = config.getInitParameter("excludes");
61         if (excludesProp != null) {
62             StringTokenizer JavaDoc tokenizer = new StringTokenizer JavaDoc(excludesProp, ",");
63             while (tokenizer.hasMoreTokens()) {
64                 String JavaDoc tok = tokenizer.nextToken().trim();
65                 excludes.add(tok);
66             }
67         }
68     }
69
70     public void doFilter(ServletRequest JavaDoc req, ServletResponse JavaDoc res, FilterChain chain)
71             throws IOException JavaDoc, ServletException
72     {
73         HttpServletRequest JavaDoc request = (HttpServletRequest JavaDoc)req;
74         HttpServletResponse JavaDoc response = (HttpServletResponse JavaDoc)res;
75         // Reset the defaultLoginPage variable
76 String JavaDoc loginPage = defaultLoginPage;
77         if (loginPage == null) {
78             loginPage = request.getContextPath() + "/login.jsp";
79         }
80         // Get the page we're on:
81 String JavaDoc url = request.getRequestURL().toString();
82         // See if it's contained in the exclude list. If so, skip filter execution
83 boolean doExclude = false;
84         for (String JavaDoc exclude : excludes) {
85             if (url.indexOf(exclude) > -1) {
86                 doExclude = true;
87                 break;
88             }
89         }
90         if (!doExclude) {
91             WebManager manager = new WebManager();
92             manager.init(request, response, request.getSession(), context);
93             if (manager.getUser() == null) {
94                 response.sendRedirect(getRedirectURL(request, loginPage, null));
95                 return;
96             }
97         }
98         chain.doFilter(req, res);
99     }
100
101     public void destroy() {
102     }
103
104     private String JavaDoc getRedirectURL(HttpServletRequest JavaDoc request, String JavaDoc loginPage,
105             String JavaDoc optionalParams)
106     {
107         StringBuilder JavaDoc buf = new StringBuilder JavaDoc();
108         try {
109             buf.append(request.getRequestURI());
110             String JavaDoc qs = request.getQueryString();
111             if (qs != null) {
112                 buf.append("?").append(qs);
113             }
114         }
115         catch (Exception JavaDoc e) {
116             Log.error(e);
117         }
118         try {
119             String JavaDoc url= loginPage + "?url=" + URLEncoder.encode(buf.toString(), "ISO-8859-1")
120                     + (optionalParams != null ? "&"+optionalParams : "");
121             return url;
122         }
123         catch (Exception JavaDoc e) {
124             Log.error(e);
125             return null;
126         }
127     }
128 }
129
Popular Tags