requestutils.java

用于JAVA的Web的权限过滤器

package dev.trade.common.securityfilter.util;

import javax.servlet.http.*;
import dev.trade.common.securityfilter.filter.*;

/**
 * <p>Title: 权限过滤器</p>
 *
 * <p>Description: 请求工具类</p>
 *
 * <p>Copyright: Copyright (c) 2006</p>
 *
 * <p>Company: </p>
 *
 * @author Zheng YanNan
 * @version 1.0
 */
public class RequestUtils{

  public static final String ALREADY_PROCESSED = RequestUtils.class.getName() + ".ALREADY_PROCESSED";
  public static final String SAVED_REQUEST_URL = RequestUtils.class.getName() + ".SAVED_REQUEST_URL";
  public static final String SAVED_REQUEST = RequestUtils.class.getName() + ".SAVED_REQUEST";

  public RequestUtils(){
  }

  /**
   * 请求匹配置
   * @param requestURL String       请求URL
   * @param pattern URLPattern      匹配范式
   * @param patternMatcher URLPatternMatcher  匹配器
   * @return boolean
   * @throws Exception
   */
  public static boolean matchesPattern(String requestURL, URLPattern pattern,
      URLPatternMatcher patternMatcher) throws Exception{
    if(pattern != null){
      return patternMatcher.match(requestURL, pattern);
    } else
      return false;
  }

  /**
   * 去除请求中的查询串
   * @param uri
   * @return uri with query string removed (if it had one)
   */
  public static String stripQueryString(String uri){
    if(uri != null){
      int queryStart = uri.indexOf('?');
      if(queryStart != -1){
        uri = uri.substring(0, queryStart);
      }
    }
    return uri;
  }


  /**
   * 保存请求信息，以便用户验证通过后使用
   * @param request the current request
   */
  public static void saveRequestInformation(HttpServletRequest request){
    HttpSession session = request.getSession();
    session.setAttribute(SAVED_REQUEST_URL, getSaveableURL(request));
    session.setAttribute(SAVED_REQUEST, new SavedRequest(request));
  }

  /**
   * 获取保存的请求信息
   * @param request HttpServletRequest
   * @return SavedRequest
   */
  public static SavedRequest getSavedRequest(HttpServletRequest request){
    HttpSession session = request.getSession();
    String savedURL = (String)session.getAttribute(SAVED_REQUEST_URL);
    if(savedURL != null && savedURL.equals(RequestUtils.getSaveableURL(request))){
      // this is a request for the request that caused the login,
      // get the SavedRequest from the session
      SavedRequest saved = (SavedRequest)session.getAttribute(SAVED_REQUEST);
      // remove the saved request info from the session
      session.removeAttribute(SAVED_REQUEST_URL);
      session.removeAttribute(SAVED_REQUEST);
      // and return the SavedRequest
      return saved;
    } else{
      return null;
    }
  }

  /**
   * 获取继续转向的URL（用于登录成功后返回原URL）
   * @param request the current request
   */
  public static String getContinueToURL(HttpServletRequest request){
    return (String)request.getSession().getAttribute(SAVED_REQUEST_URL);
  }

  /**
   * 获取继续转向的URL（用于登录成功后返回原URL）
   * @param request
   * @return a URL to send the user to after logging in
   */
  public static String getContinueToURL(HttpServletRequest request, String defaultPage){
    String savedURL = RequestUtils.getContinueToURL(request);
    if(savedURL != null){
      return savedURL;
    } else{
      return request.getContextPath() + (defaultPage == null ? "" : defaultPage);
    }
  }

  /**
   * 获取请求的绝对URL
   * This method is called when the app server fails to implement HttpServletRequest.getRequestURL().
   * Orion 1.5.2 is one such server.
   */
  public static StringBuffer getRequestURL(HttpServletRequest request){
    String protocol = request.getProtocol();
    int port = request.getServerPort();
    String portString = ":" + port;

    if(protocol.equals("HTTP/1.1")){
      if(!request.isSecure()){
        if(port == 80){
          portString = "";
        }
      } else{
        if(port == 443){
          portString = "";
        }
      }
    }
    // construct the saveable URL string
    return new StringBuffer(protocol + request.getServerName() + portString + request.getRequestURI());
  }

  /**
   * 获取一个可保存的URL串(包含参数)
   * @param request the request to construct a saveable URL for
   */
  public static String getSaveableURL(HttpServletRequest request){
    StringBuffer saveableURL = null;
    try{
      saveableURL = request.getRequestURL();
    } catch(NoSuchMethodError e){
      saveableURL = getRequestURL(request);
    }
    // fix the protocol
    fixProtocol(saveableURL, request);
    // add the query string, if any
    String queryString = request.getQueryString();
    if(queryString != null){
      saveableURL.append("?" + queryString);
    }
    return saveableURL.toString();
  }

  /**
   * 补充绝对URL的HTTP协议部分
   * todo: needs testing to make sure this is proper in all circumstances
   * @param url
   * @param request
   */
  public static void fixProtocol(StringBuffer url, HttpServletRequest request){
    // fix protocol, if needed (since HTTP is the same regardless of whether it runs on TCP or on SSL/TCP)
    if(
        request.getProtocol().equals("HTTP/1.1")
        && request.isSecure()
        && url.toString().startsWith("http://")
        ){
      url.replace(0, 4, "https");
    }
  }

}