* Make sure the current navigation context is
* correct. If not, then check the user can switch
* to the correct and switch it.
*/
CoreUtil.checkNavigationContext(this, mapping, form, request, response);
// Check the user has the permissions to access this
// page
if (resourceType != null) {
if (!CoreServlet.getServlet().getPolicyDatabase().isResourcePermissionAllowed(resourceType,
permissions, currentUser, false)) {
throw new ActionDeniedException(mapping, "You do not have permission to perform this action.",
currentUser, resourceType);
}
}
if (request.getSession().getAttribute(Constants.SESSION_LOCKED) == null || isIgnoreSessionLock()) {
if (requiresProfile()) {
PropertyProfile profile = (PropertyProfile) request.getSession().getAttribute(
Constants.SELECTED_PROFILE);
if (profile == null) {
request.getSession().setAttribute(Constants.ORIGINAL_REQUEST,
Util.getOriginalRequest(request));
return mapping.findForward("selectPropertyProfile");
}
}
sessionInfo = CoreServlet.getServlet().getLogonController().getSessionInfo(request);
return onExecute(mapping, form, request, response);
}
}
}
}
} catch (ActionDeniedException npgpe) {
if (log.isDebugEnabled())
log.debug("User " + npgpe.getPrincipal().getPrincipalName()
+ " attempted to access page they do have have permission for. Resource type = "
+ npgpe.getResourceType()
+ ". Now attempting to find the first valid item in the current menu tree to display.", npgpe);
MenuTree menuTree = NavigationManager.getMenuTree(CoreMenuTree.MENU_ITEM_MENU_TREE);
ActionForward fwd = menuTree.getFirstAvailableActionForward(menuTree.rebuildMenus(request));
if (fwd == null) {
// If we are in the management console, try the user
// console,
SessionInfo info = this.getSessionInfo();
if (info.getNavigationContext() == SessionInfo.MANAGEMENT_CONSOLE_CONTEXT) {
info.setNavigationContext(SessionInfo.USER_CONSOLE_CONTEXT);
CoreUtil.resetMainNavigation(request.getSession());
menuTree = NavigationManager.getMenuTree(CoreMenuTree.MENU_ITEM_MENU_TREE);
fwd = menuTree.getFirstAvailableActionForward(menuTree.rebuildMenus(request));
if (fwd != null) {
if (log.isDebugEnabled())
log.debug("Redirecting / Forwarding to " + fwd);
return fwd;
}
} else if (info.getNavigationContext() == SessionInfo.USER_CONSOLE_CONTEXT) {
info.setNavigationContext(SessionInfo.MANAGEMENT_CONSOLE_CONTEXT);
CoreUtil.resetMainNavigation(request.getSession());
menuTree = NavigationManager.getMenuTree(CoreMenuTree.MENU_ITEM_MENU_TREE);
fwd = menuTree.getFirstAvailableActionForward(menuTree.rebuildMenus(request));
if (fwd != null) {
if (log.isDebugEnabled())
log.debug("Redirecting / Forwarding to " + fwd);
return fwd;
}
}
throw new Exception("Use does not have any permission for using any navigation context.");
}
if (log.isDebugEnabled())
log.debug("Redirecting / Forwarding to " + fwd);
return fwd;
} catch (InvalidTicketException ex) {
// Not logged in or expired
} catch (ServletException ex) {
throw ex;
}
// catch (Exception ex) {
// log.error("An unexpected error has occured.", ex);
// throw new ServletException(ex);
// }
return gotoLogon(mapping, form, request, response);
} catch (Throwable t) {
log.error("Failed to process authenticated request.", t);
throw t instanceof Exception ? (Exception) t : new Exception(t);
}
}
/**
* Logon is required. By default this will direct to the logon page.
* Subclasses may override this method to go somewhere different.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception
*/
protected ActionForward gotoLogon(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
    // Record the request the caller was attempting under
    // Constants.ORIGINAL_REQUEST, then hand over to the "logon" forward.
    // The form and response arguments are not used by this default
    // implementation.
    // NOTE(review): presumably the stored request is replayed after a
    // successful logon; whatever replays it should go back through the
    // permission checks rather than trust the stored value -- confirm
    // against the logon flow.
    request.getSession().setAttribute(
            Constants.ORIGINAL_REQUEST,
            Util.getOriginalRequest(request));
    final ActionForward logonForward = mapping.findForward("logon");
    return logonForward;
}
/**
* Get the resource type that was passed in on the constructor. The resource
* type will be supplied if this particular action implementation deals with
* resources controlled by the policy framework. This is used to check
* permissions
*
* @return resource type
*/
public ResourceType getResourceType() {
    // Plain accessor; the value may be null. The visible part of execute()
    // only runs the isResourcePermissionAllowed() check when resourceType is
    // non-null, so an action constructed without a resource type is not
    // policy-checked by that branch.
    return this.resourceType;
}
/**
* Get whether this action requires a profile to be selected. Some actions
* may not require a profile to be present (the main one being the profile
* selection page!). If no profile is found in the session and this method
* returns <code>true</code> then the user will be directed to the
* 'selectPropertyProfile' page.
*
* @return requires a profile
*/
protected boolean requiresProfile() {
    // Default: a selected profile is mandatory. When this is true and the
    // session holds no Constants.SELECTED_PROFILE, execute() stores the
    // original request and forwards to "selectPropertyProfile" instead of
    // calling onExecute().
    final boolean profileRequired = true;
    return profileRequired;
}
/**
* Get whether this action requires authentication to operate.
*
* @return authentication
*/
protected boolean requiresAuthentication() {
    // Default: authentication is required.
    // NOTE(review): the code that consults this flag is outside the visible
    // part of execute(); an override returning false presumably lets the
    // action run without a logon -- confirm, and review every subclass that
    // overrides it.
    final boolean authenticationRequired = true;
    return authenticationRequired;
}
/**
* Get if this action should ignore any session locks
*
* @return ignore session locks
*/
protected boolean isIgnoreSessionLock() {
    // Default: session locks are honoured. execute() proceeds to the profile
    // check and onExecute() only when Constants.SESSION_LOCKED is absent from
    // the session or this method returns true, so an override returning true
    // makes the action usable while the session is locked.
    final boolean ignoreLock = false;
    return ignoreLock;
}
/*
* Send SC_UNAUTHORIZED to the client browser, forcing HTTP authentication
* with the realm "SSL-Explorer".
*
* @param response response to write authentication request to.
*/
void sendAuthorizationError(HttpServletResponse response) throws IOException {
    // The challenge header is set before sendError() so that it is part of
    // the 401 response.
    // NOTE(review): HTTP Basic credentials are only base64-encoded, so this
    // challenge is only appropriate on a TLS-protected connection -- confirm
    // the connector serving this action enforces HTTPS.
    final String challenge = "Basic realm=\"SSL-Explorer\"";
    response.setHeader("WWW-Authenticate", challenge);
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
* This method is called when all the default checks have taken place.
* Subclasses do their actual processing here.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return forward
* @throws Exception on any error
*/
protected ActionForward onExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request,
        HttpServletResponse response) throws Exception {
    // Default implementation does no work of its own and resolves the
    // "success" forward. In the visible part of execute() this is reached
    // only after the resource permission check, the session-lock test and
    // the profile check have passed, so overrides should not repeat them but
    // must still validate their own request parameters.
    final ActionForward successForward = mapping.findForward("success");
    return successForward;
}
/**
* Return the navigation context this action may be used in as a mask. If
* the user is not in the appropriate navigation then they will be
* automatically redirected to the action that switches contexts.
*
* @param mapping mapping
* @param form form
* @param request request
* @param response response
* @return navigation context
* @see SessionInfo#MANAGEMENT_CONSOLE_CONTEXT
* @see SessionInfo#USER_CONSOLE_CONTEXT
* @see SessionInfo#getNavigationContext()
*/
// Abstract: every concrete action must declare the navigation context(s) it
// may be used in; no default is provided here.
// NOTE(review): presumably consulted by
// CoreUtil.checkNavigationContext(this, ...) in execute() -- confirm.
public abstract int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request,
HttpServletResponse response);
}