aclfilter.java

Chinaxp 论坛源代码

/*
 * XP Forum
 *	
 * Copyright (c) 2002-2003 RedSoft Group.  All rights reserved.
 *
 */
package org.redsoft.forum.filters;

import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.security.auth.Subject;
import org.redsoft.forum.ForumConstants;
import org.redsoft.forum.dao.AclDAO;
import org.redsoft.forum.dao.xml.AclDAOxml;

/**
 * <p>Filter that guarantee the protected web resources can only accessed
 * by a logined user.
 * 
 * When a user requests a protected page, filter checks whether the user is
 * logined on. If the user is logined on, the protected resource is served.
 * If the user is not logined, filter save the requested URL(for use after
 * logined on) and then redirects the request to the logon page.
 * 
 * The protected web resources configuration are stored in 
 * /WEB-INF/acl-config.xml</p>
 * 
 * @@author <a href="mailto:chjxm@msn.com">cinc</a>
 *
 * @@version $Id: AclFilter.java,v 1.1.1.1 2004/02/04 03:52:12 mustang Exp $
 */

public class AclFilter implements Filter {
    /**
     * The filter configuration object we are associated with.  If this value
     * is null, this filter instance is not currently configured.
     */
    FilterConfig config;

    /**
     * Acl DAO, responsible for reading acl configuration from file
     */
    AclDAO aclDAO;

    
    /**
     * Use acl-config.xml to store web pages that can only be viewed by 
     * logined user.
     * For every web resource, if it is a protected resource, check if
     * the user has been logined, if not, save corrent page to session,
     * forward to logon page
     *
     * @param request The servlet request we are processing
     * @param result The servlet response we are creating
     * @param chain The filter chain we are processing
     *
     * @exception IOException if an input/output error occurs
     * @exception ServletException if a servlet error occurs
     */
    public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain)
	throws IOException, ServletException {
        // get Request URI
        HttpServletRequest hreq = (HttpServletRequest)request;
		String requestUri = hreq.getRequestURI();
        String uri = null;
        int secondSlash = requestUri.indexOf("/", 1);
        if (secondSlash != -1){
            uri = requestUri.substring(secondSlash+1, requestUri.length());

            if (aclDAO.isProtectedResource(uri)){
        		// Get the user from session
	        	final Subject subject
		        	=(Subject)hreq.getSession().getAttribute( ForumConstants.USER_KEY );
                // if user is null, user is not loged in, forward to logon page
                if (subject == null){
                    //System.out.println ("not loged on, will redirect to logon page");
                    String url = "/" + uri + "?" + hreq.getQueryString();
    		    	hreq.setAttribute( ForumConstants.DEST_URL, url );
                    config.getServletContext().getRequestDispatcher("/logon.jsp").forward(request, response);
                    return;
                }
            }
        }
    	// Pass control on to the next filter
        chain.doFilter(request, response);
    }

    /**
     * Place this filter into service.
     * Read acl configuration from file
     *
     * @param filterConfig The filter configuration object
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        config = filterConfig;
        ServletContext context = filterConfig.getServletContext();
        aclDAO = new AclDAOxml(context.getRealPath(ForumConstants.ACL_CONFIG_FILE));
    }

    /**
     * Take this filter out of service.
     */
    public void destroy() {
        config = null;
        aclDAO = null;
    }
}