KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > riotfamily > riot > security > session > AccessControlInterceptor


1 /* ***** BEGIN LICENSE BLOCK *****
2  * Version: MPL 1.1
3  * The contents of this file are subject to the Mozilla Public License Version
4  * 1.1 (the "License"); you may not use this file except in compliance with
5  * the License. You may obtain a copy of the License at
6  * http://www.mozilla.org/MPL/
7  *
8  * Software distributed under the License is distributed on an "AS IS" basis,
9  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
10  * for the specific language governing rights and limitations under the
11  * License.
12  *
13  * The Original Code is Riot.
14  *
15  * The Initial Developer of the Original Code is
16  * Neteye GmbH.
17  * Portions created by the Initial Developer are Copyright (C) 2006
18  * the Initial Developer. All Rights Reserved.
19  *
20  * Contributor(s):
21  * Felix Gnass [fgnass at neteye dot de]
22  *
23  * ***** END LICENSE BLOCK ***** */
24 package org.riotfamily.riot.security.session;
25
26 import javax.servlet.http.HttpServletRequest JavaDoc;
27 import javax.servlet.http.HttpServletResponse JavaDoc;
28
29 import org.riotfamily.common.web.util.OncePerRequestInterceptor;
30 import org.riotfamily.riot.security.auth.RiotUser;
31
32 /**
33  * HandlerInterceptor that binds the authenticated user (if present) to the
34  * current thread.
35  *
36  * @see AccessController
37  */
38 public class AccessControlInterceptor extends OncePerRequestInterceptor {
39
40     public boolean preHandleOnce(HttpServletRequest JavaDoc request,
41             HttpServletResponse JavaDoc response, Object JavaDoc handler) throws Exception JavaDoc {
42         
43         RiotUser user = LoginManager.getUser(request);
44         SecurityContext.bindUserToCurrentThread(user);
45         return isAuthorized(request, response, user);
46     }
47
48     protected boolean isAuthorized(HttpServletRequest JavaDoc request,
49             HttpServletResponse JavaDoc response, RiotUser user) throws Exception JavaDoc {
50         
51         return true;
52     }
53     
54     public final void afterLastCompletion(HttpServletRequest JavaDoc request,
55             HttpServletResponse JavaDoc response, Object JavaDoc handler, Exception JavaDoc ex)
56             throws Exception JavaDoc {
57
58         SecurityContext.resetUser();
59     }
60
61 }
62
Popular Tags