KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > roller > presentation > filters > LoginFilter


1 package org.roller.presentation.filters;
2
3 import java.io.IOException JavaDoc;
4
5 import javax.servlet.Filter JavaDoc;
6 import javax.servlet.FilterChain JavaDoc;
7 import javax.servlet.FilterConfig JavaDoc;
8 import javax.servlet.RequestDispatcher JavaDoc;
9 import javax.servlet.ServletException JavaDoc;
10 import javax.servlet.ServletRequest JavaDoc;
11 import javax.servlet.ServletResponse JavaDoc;
12 import javax.servlet.http.Cookie JavaDoc;
13 import javax.servlet.http.HttpServletRequest JavaDoc;
14 import javax.servlet.http.HttpServletResponse JavaDoc;
15
16 import org.apache.commons.lang.StringUtils;
17 import org.apache.commons.logging.Log;
18 import org.apache.commons.logging.LogFactory;
19 import org.roller.config.RollerConfig;
20 import org.roller.model.UserManager;
21 import org.roller.pojos.UserData;
22 import org.roller.presentation.util.RequestUtil;
23 import org.roller.presentation.RollerRequest;
24 import org.roller.util.Utilities;
25
26
27 /**
28  * <p>Intercepts Login requests for "Remember Me" functionality.</p>
29  *
30  * @author Matt Raible
31  * @version $Revision: 1.4 $ $Date: 2005/05/17 20:30:16 $
32  *
33  * @web.filter display-name="Login Filter" name="loginFilter"
34  * @web.filter-init-param name="enabled" value="true"
35  */
36 public final class LoginFilter implements Filter JavaDoc
37 {
38     //~ Instance fields ========================================================
39
40     private Log mLogger = LogFactory.getLog(LoginFilter.class);
41     private boolean enabled = true;
42
43     //~ Methods ================================================================
44
45     public void doFilter(ServletRequest JavaDoc req, ServletResponse JavaDoc resp,
46                          FilterChain JavaDoc chain)
47                   throws IOException JavaDoc, ServletException JavaDoc
48     {
49
50         HttpServletRequest JavaDoc request = (HttpServletRequest JavaDoc) req;
51         HttpServletResponse JavaDoc response = (HttpServletResponse JavaDoc) resp;
52
53         // See if the user has a remember me cookie
54 Cookie JavaDoc c = RequestUtil.getCookie(request, RollerRequest.LOGIN_COOKIE);
55
56         try
57         {
58             RollerRequest rreq = RollerRequest.getRollerRequest(request);
59             UserManager mgr = rreq.getRoller().getUserManager();
60                 
61             // Check to see if the user is logging out, if so, remove all
62 // login cookies
63 if (request.getRequestURL().indexOf("logout") != -1)
64             {
65                 if (mLogger.isDebugEnabled())
66                 {
67                     mLogger.debug("logging out '" + request.getRemoteUser() + "'");
68                 }
69     
70                 mgr.removeLoginCookies(request.getRemoteUser());
71                 rreq.getRoller().commit();
72                 RequestUtil.deleteCookie(response, c, request.getContextPath());
73             }
74             else if (c != null && enabled)
75             {
76                 String JavaDoc loginCookie = mgr.checkLoginCookie(c.getValue());
77                 rreq.getRoller().commit();
78
79                 if (loginCookie != null)
80                 {
81                     RequestUtil.setCookie(response, RollerRequest.LOGIN_COOKIE,
82                                           loginCookie,
83                                           request.getContextPath());
84                     loginCookie = Utilities.decodeString(loginCookie);
85
86                     String JavaDoc[] value = StringUtils.split(loginCookie, '|');
87
88                     UserData user = mgr.getUser( value[0] );
89
90                     // authenticate user without displaying login page
91 String JavaDoc route = "/auth?j_username=" +
92                                    user.getUserName() + "&j_password=" +
93                                    user.getPassword();
94
95                     request.setAttribute("encrypt", "false");
96                     request.getSession().setAttribute("cookieLogin", "true");
97
98                     if (mLogger.isDebugEnabled())
99                     {
100                         mLogger.debug("I remember you '" + user.getUserName() +
101                                   "', attempting to authenticate...");
102                     }
103
104                     RequestDispatcher JavaDoc dispatcher =
105                         request.getRequestDispatcher(route);
106                     dispatcher.forward(request, response);
107
108                     return;
109                 }
110             }
111                 
112         } catch (Exception JavaDoc e)
113         {
114             // no big deal if cookie-based authentication fails
115 mLogger.warn(e.getMessage());
116         }
117
118         chain.doFilter(req, resp);
119     }
120
121     /**
122      * Initialize controller values of filter.
123      */
124     public void init(FilterConfig JavaDoc config)
125     {
126         mLogger.debug("Initializing Login Filter");
127         
128         String JavaDoc param = RollerConfig.getProperty("loginfilter.rememberme.enabled");
129         enabled = Boolean.valueOf(param).booleanValue();
130
131         mLogger.info("Remember Me enabled: " + enabled);
132
133         config.getServletContext().setAttribute("rememberMeEnabled", param);
134     }
135
136     /**
137      * destroy any instance values other than config *
138      */
139     public void destroy() {
140     }
141 }
142
Popular Tags