public class AuthentificationFilter implements Filter {
/**
 * Exact servlet paths that are let through without a session check.
 * Filled in init() from every init parameter whose name starts with
 * DEFAULT_EXCEPTION_URL_PREFIX, plus the formatted default URL.
 * Static, so the list is shared by every instance of this filter class.
 */
// NOTE(review): raw "new ArrayList()" compiles with an unchecked warning; the declared element type is String.
private static List<String> exceptionsURL = new ArrayList();
// First path segments (e.g. "/public") whose whole sub-tree is let through without a session check.
// Filled in init() from parameters starting with DEFAULT_FOLDER_EXCEPTION_URL_PREFIX. Also static/shared.
private static List<String> foldersURL = new ArrayList();
// Default page; init() may replace it with the DEFAULT_AUTORISATIONFAILED_URL parameter and always
// adds it to exceptionsURL. It is not used as a redirect target anywhere in the visible code.
private static String defaultURL = "login.faces";
// Context-relative target of the redirect issued when a request is refused.
// NOTE(review): this path is not added to exceptionsURL in the visible code — confirm the
// deployment descriptor exempts it, otherwise the redirected request is refused again.
private static String endSessionURL = "/error.faces";
// Name prefix of init parameters that declare an exact exempt URL.
public static final String DEFAULT_EXCEPTION_URL_PREFIX = "EXCEPTION_URL";
// Name prefix of init parameters that declare an exempt folder.
public static final String DEFAULT_FOLDER_EXCEPTION_URL_PREFIX = "FOLDER_EXCEPTION_URL";
// Name of the init parameter that overrides defaultURL.
public static final String DEFAULT_AUTORISATIONFAILED_URL = "AUTORISATIONFAILED_URL";
// Logger for this filter, obtained from the project's LogHelper.
private static Log log = LogHelper.getLog(AuthentificationFilter.class);
/**
 * Loads the filter's exemption rules from its init parameters.
 *
 * <p>Every parameter whose name starts with {@code DEFAULT_EXCEPTION_URL_PREFIX} contributes an
 * exact exempt URL, and every parameter whose name starts with
 * {@code DEFAULT_FOLDER_EXCEPTION_URL_PREFIX} contributes an exempt folder. Each value is passed
 * through {@code formatURL} first. The default URL, optionally overridden by the
 * {@code DEFAULT_AUTORISATIONFAILED_URL} parameter, is always added to the exact exemptions.
 *
 * <p>Every entry registered here bypasses the session check, so the list should stay as short
 * as possible. Entries are appended to static lists; nothing is reset at the start of this method.
 *
 * @param filterConfig container-supplied configuration of this filter
 * @throws ServletException declared by the {@code Filter} contract; not thrown by the visible code
 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
 */
public void init(FilterConfig filterConfig) throws ServletException {
    Enumeration names = filterConfig.getInitParameterNames();
    log.info("Read Exception URL : ");
    while (names.hasMoreElements()) {
        String name = (String) names.nextElement();
        String configured = filterConfig.getInitParameter(name);

        // The two prefixes cannot both match one name ("EXCEPTION_URL…" vs "FOLDER_EXCEPTION_URL…").
        if (name.startsWith(DEFAULT_EXCEPTION_URL_PREFIX)) {
            String exactUrl = formatURL(configured);
            exceptionsURL.add(exactUrl);
            log.info("Exception URL :" + exactUrl);
        }
        if (name.startsWith(DEFAULT_FOLDER_EXCEPTION_URL_PREFIX)) {
            String folderUrl = formatURL(configured);
            foldersURL.add(folderUrl);
            log.info("Exception folders URL :" + folderUrl);
        }
    }

    // A missing or empty override keeps the built-in default page.
    String override = filterConfig.getInitParameter(DEFAULT_AUTORISATIONFAILED_URL);
    String chosen = (override == null || override.length() == 0) ? defaultURL : override;
    defaultURL = formatURL(chosen);

    // The default page must stay reachable without a session, so it is exempted as well.
    exceptionsURL.add(defaultURL);
    log.debug("Default URL :" + defaultURL);
}
/**
 * Container entry point: narrows the request and response to their HTTP types and hands them
 * to the HTTP-specific overload, which performs the actual access decision.
 *
 * <p>Both casts are unchecked, so a non-HTTP request or response ends in a
 * {@code ClassCastException} rather than being passed down the chain.
 *
 * @param servletRequest  incoming request, expected to be an {@code HttpServletRequest}
 * @param servletResponse outgoing response, expected to be an {@code HttpServletResponse}
 * @param filterChain     remainder of the filter chain
 * @throws IOException      propagated from the HTTP overload
 * @throws ServletException propagated from the HTTP overload
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
    HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
    doFilter(httpRequest, httpResponse, filterChain);
}
/**
 * Brings a URL into the leading-slash form used for all exemption comparisons.
 *
 * <p>A leading {@code "./"} loses its dot, a value that already starts with {@code "/"} is
 * returned unchanged, and anything else gets a {@code "/"} prepended. No other normalisation
 * is applied (no case folding, no handling of {@code ".."} or {@code ";"} segments).
 *
 * @param URL the URL to format; must not be {@code null}
 * @return the URL starting with {@code "/"}
 */
private String formatURL(String URL) {
    if (URL.startsWith("./")) {
        // "./page" -> "/page"
        return URL.substring(1);
    }
    return URL.startsWith("/") ? URL : "/" + URL;
}
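/**
 * Decides whether a request continues down the chain or is sent to the end-of-session page.
 *
 * <p>A request is let through when its formatted servlet path is listed in
 * {@code exceptionsURL}, when its first path segment is listed in {@code foldersURL}, or when
 * an existing, non-new session carries a non-null {@code "visit"} attribute. Every other
 * request is redirected to {@code contextPath + endSessionURL}. The presence of
 * {@code "visit"} is the only signal checked; no role or per-URL authorisation is evaluated.
 *
 * <p>The session is looked up with {@code getSession(false)}, and only when no exemption
 * matched, so anonymous and exempt requests do not make this filter allocate a session.
 *
 * @param servletRequest  the HTTP request being filtered
 * @param servletResponse the HTTP response, used for the redirect when access is refused
 * @param filterChain     remainder of the chain, invoked when access is granted
 * @throws IOException      if the redirect or a downstream component fails on I/O
 * @throws ServletException if a downstream component fails
 */
private void doFilter(HttpServletRequest servletRequest, HttpServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    // NOTE(review): only getServletPath() is inspected; with a prefix-mapped servlet the page
    // name lives in getPathInfo() and would not take part in the decision — confirm the mapping.
    String currentURL = formatURL(servletRequest.getServletPath());

    // The path is client-controlled: neutralise CR/LF so a request cannot forge log lines.
    // The replacement is character-for-character, so indexes into currentURL stay valid.
    String loggedURL = currentURL.replace('\r', '_').replace('\n', '_');
    log.info("Current Request URL :" + loggedURL);

    boolean allowed = exceptionsURL.contains(currentURL);

    if (!allowed) {
        log.debug("Check folder exception");
        // Start at 1 to skip the leading "/" and isolate the first path segment.
        int index = currentURL.indexOf("/", 1);
        if (index != -1) {
            String folder = currentURL.substring(0, index);
            log.debug("Current folder :" + loggedURL.substring(0, index));
            allowed = foldersURL.contains(folder);
        }
    }

    if (!allowed) {
        log.debug("Get the current session");
        // getSession(false): never create a session on behalf of an unauthenticated client.
        HttpSession session = servletRequest.getSession(false);
        if (session != null && !session.isNew() && session.getAttribute("visit") != null) {
            log.debug("The current session have a connected user");
            allowed = true;
        } else {
            log.debug("The current session is new or have not a connected user");
        }
    }

    if (allowed) {
        // Message kept unchanged for existing log consumers; it marks a pass-through, not a redirect.
        log.info("redirect");
        filterChain.doFilter(servletRequest, servletResponse);
    } else {
        // NOTE(review): endSessionURL is not added to exceptionsURL in the visible code; unless the
        // configuration exempts it, the redirected request is refused by these same rules.
        String target = servletRequest.getContextPath() + endSessionURL;
        log.debug("Redirect : " + target);
        servletResponse.sendRedirect(target);
    }
}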
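/**
 * Drops the exemption rules when the container takes the filter out of service.
 *
 * <p>Both static lists are emptied. Clearing only the exact-URL list would leave folder
 * exemptions from an earlier configuration in place, and a later {@code init} in the same
 * class loader would then append to them, keeping stale session-check bypasses active.
 *
 * @see javax.servlet.Filter#destroy()
 */
public void destroy() {
    exceptionsURL.clear();
    foldersURL.clear();
}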