1 11 12 package org.jivesoftware.admin; 13 14 import org.jivesoftware.util.ConcurrentHashSet; 15 import org.jivesoftware.util.Log; 16 import org.jivesoftware.util.WebManager; 17 18 import javax.servlet.*; 19 import javax.servlet.http.HttpServletRequest ; 20 import javax.servlet.http.HttpServletResponse ; 21 import java.io.IOException ; 22 import java.net.URLEncoder ; 23 import java.util.Set ; 24 import java.util.StringTokenizer ; 25 26 30 public class AuthCheckFilter implements Filter { 31 32 private static Set<String > excludes = new ConcurrentHashSet<String >(); 33 34 private ServletContext context; 35 private String defaultLoginPage; 36 37 43 public static void addExclude(String exclude) { 44 excludes.add(exclude); 45 } 46 47 53 public static void removeExclude(String exclude) { 54 excludes.remove(exclude); 55 } 56 57 public void init(FilterConfig config) throws ServletException { 58 context = config.getServletContext(); 59 defaultLoginPage = config.getInitParameter("defaultLoginPage"); 60 String excludesProp = config.getInitParameter("excludes"); 61 if (excludesProp != null) { 62 StringTokenizer tokenizer = new StringTokenizer (excludesProp, ","); 63 while (tokenizer.hasMoreTokens()) { 64 String tok = tokenizer.nextToken().trim(); 65 excludes.add(tok); 66 } 67 } 68 } 69 70 public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) 71 throws IOException , ServletException 72 { 73 HttpServletRequest request = (HttpServletRequest )req; 74 HttpServletResponse response = (HttpServletResponse )res; 75 String loginPage = defaultLoginPage; 77 if (loginPage == null) { 78 loginPage = request.getContextPath() + "/login.jsp"; 79 } 80 String url = request.getRequestURL().toString(); 82 boolean doExclude = false; 84 for (String exclude : excludes) { 85 if (url.indexOf(exclude) > -1) { 86 doExclude = true; 87 break; 88 } 89 } 90 if (!doExclude) { 91 WebManager manager = new WebManager(); 92 manager.init(request, response, request.getSession(), context); 93 if (manager.getUser() == null) { 94 response.sendRedirect(getRedirectURL(request, loginPage, null)); 95 return; 96 } 97 } 98 chain.doFilter(req, res); 99 } 100 101 public void destroy() { 102 } 103 104 private String getRedirectURL(HttpServletRequest request, String loginPage, 105 String optionalParams) 106 { 107 StringBuilder buf = new StringBuilder (); 108 try { 109 buf.append(request.getRequestURI()); 110 String qs = request.getQueryString(); 111 if (qs != null) { 112 buf.append("?").append(qs); 113 } 114 } 115 catch (Exception e) { 116 Log.error(e); 117 } 118 try { 119 String url= loginPage + "?url=" + URLEncoder.encode(buf.toString(), "ISO-8859-1") 120 + (optionalParams != null ? "&"+optionalParams : ""); 121 return url; 122 } 123 catch (Exception e) { 124 Log.error(e); 125 return null; 126 } 127 } 128 } 129 | Popular Tags |