/*
* JCatalog Project
*/
package com.pegasus.framework.filter;
import javax.servlet.Filter;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* This filter class handles the security of the application.
* <p>
* It should be configured inside the web.xml.
*
* @author franco.wong
*/
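public abstract class SecurityFilter implements Filter {

    /**
     * Per-instance logger keyed on the concrete subclass, so each subclass
     * logs under its own name. Final: it is assigned once and never replaced.
     */
    private final Log logger = LogFactory.getLog(this.getClass());

    /*
    NOTE(review): the whole implementation below is commented out in the
    original, so the live class is an abstract stub that declares Filter
    without implementing init/doFilter/destroy; every concrete subclass has
    to supply all three. Two things stop the dormant code from compiling if it
    is uncommented unchanged: the servlet and java.util imports are missing
    (only javax.servlet.Filter and the commons-logging types are imported
    above), and cleanSession() names a local variable "enum", a reserved word
    since Java 5. The NOTE(review) lines inside the dormant code flag the
    security-relevant points to settle before reviving it.

    //the login page uri
    public static final String ACL_CONTEXT_PATH = "/AccessControlWeb";
    public static final String ACL_LOGIN_PAGE_URI = ACL_CONTEXT_PATH + "/login.jsf";
    public static final String ACL_HOME_PAGE_URI = ACL_CONTEXT_PATH + "/front.jsf";
    private static final String LOGIN_PAGE_URI = "login.jsf";
    private static final String INDEX_PAGE_URI = "index.jsf";
    private static final String ALERT_PAGE_URI = "alert.jsf";
    private static final String ERROR_PAGE_URI = "error.jsf";

    //a set of restricted resources
    // NOTE(review): despite the comment above, this is the allow-list of
    // resources that bypass the authentication check (see contains()); it is
    // a raw Set holding context-relative String paths.
    protected Set permittedResources;
    // NOTE(review): a Filter instance is shared by all concurrent requests,
    // yet aclBean is (re)assigned on every doFilter() call and read later by
    // the request wrapper's isUserInRole(). Two overlapping requests can
    // therefore observe each other's bean, i.e. another user's roles. Make
    // it a local variable captured by the wrapper instead of a field.
    private BaseAclBean aclBean;
    // Captured once in init(); read-only afterwards.
    private ServletContext servletContext;

    public SecurityFilter()
    {
        this.permittedResources = new HashSet();
    }

    // Subclasses supply the concrete ACL bean used for login/permission checks.
    public abstract BaseAclBean createAclBean();

    // Registers the pages that are reachable without being logged in.
    public void init(FilterConfig filterConfig) throws ServletException {
        servletContext = filterConfig.getServletContext();
        this.permittedResources.add('/'+ALERT_PAGE_URI);
        this.permittedResources.add('/'+INDEX_PAGE_URI);
        this.permittedResources.add('/'+ERROR_PAGE_URI);
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        // NOTE(review): getSession() creates a session for every request,
        // including hits on permitted (public) resources; getSession(false)
        // would avoid minting sessions for anonymous traffic.
        HttpSession session = request.getSession();
        String contextPath = request.getContextPath();
        String requestUri = request.getRequestURI();
        // NOTE(review): replaceAll() is a regex replace of every occurrence,
        // not a prefix strip: "/app/x/app/y.jsf" becomes "/x/y.jsf". Use
        // startsWith() + substring() instead. getRequestURI() is also neither
        // URL-decoded nor normalised here (".." segments, ";jsessionid=" path
        // parameters, doubled slashes), so the value handed to hasPerm() below
        // can differ from the servlet the container actually dispatches to
        // unless hasPerm() canonicalises it itself -- not visible from here.
        String requestUriExcludeContext = requestUri.replaceAll(contextPath,"");
        logger.debug("contextPath = " + contextPath);

        if(!this.contains(requestUri, contextPath))
        {
            this.logger.debug("Not Permitted Resource: " + requestUriExcludeContext);
            // NOTE(review): sid and aclUserId are plain request parameters.
            // Any non-empty sid re-enters the login path even for a session
            // that is already logged in, and a sid + aclUserId pair naming a
            // different user wipes the session (cleanSession below) before
            // loginAction() is consulted. Whether loginAction() demands more
            // than this pair is not visible here; if sid is a bearer token it
            // should travel in a POST body rather than the URL, to keep it out
            // of access logs and Referer headers.
            String sid = request.getParameter("sid");
            aclBean = (BaseAclBean) session.getAttribute(BaseBeanNames.ACL_BEAN);
            if (aclBean == null || !aclBean.isLoggedIn() || !isEmpty(sid))
            {
                Long aclUserId = null;
                try {
                    if (request.getParameter("aclUserId") != null)
                        aclUserId = new Long(Long.parseLong(request.getParameter("aclUserId")));
                } catch (NumberFormatException e) {
                    // A non-numeric aclUserId is treated as absent and falls
                    // through to the login page below.
                }
                logger.debug("Param aclUserId = " + aclUserId);
                if (isEmpty(sid) || aclUserId == null)
                {
                    if (contextPath.equals(ACL_CONTEXT_PATH)) {
                        request.getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);
                    } else {
                        response.reset();
                        response.sendRedirect(ACL_LOGIN_PAGE_URI);
                    }
                    return;
                }
                if (aclBean == null)
                {
                    aclBean = this.createAclBean();
                }
                else
                {
                    // clean up the session if aclUserId is diff
                    // NOTE(review): cleanSession() deliberately keeps ACL_BEAN,
                    // so the old, still logged-in bean is the one loginAction()
                    // runs on. If that call fails, the old bean stays in the
                    // session; whether it remains usable depends on
                    // loginAction()'s failure behaviour, which is not visible here.
                    if (aclUserId == null || aclBean.getAclUser() == null ||
                        !aclUserId.equals(aclBean.getAclUser().getId()))
                    {
                        cleanSession(session);
                    }
                }
                if (!aclBean.loginAction(sid, aclUserId, servletContext))
                {
                    if (contextPath.equals(ACL_CONTEXT_PATH)) {
                        request.getRequestDispatcher(LOGIN_PAGE_URI).forward(req, res);
                    } else {
                        response.reset();
                        response.sendRedirect(ACL_LOGIN_PAGE_URI);
                    }
                    return;
                }
                else
                {
                    // set back the aclBean if login success
                    // NOTE(review): the session id is never rotated on login
                    // (there is no session.invalidate() / fresh session anywhere
                    // in this filter), so a session id planted before
                    // authentication stays valid afterwards (session fixation).
                    session.setAttribute(BaseBeanNames.ACL_BEAN, aclBean);
                }
            }
            // NOTE(review): the ACL web app itself is exempt from hasPerm();
            // every other context is checked against the un-normalised URI
            // computed above. A single denied request logs the user out, but
            // the bean object itself stays in the session.
            if (!contextPath.equals(ACL_CONTEXT_PATH)
                && !aclBean.hasPerm(requestUriExcludeContext))
            {
                aclBean.logout();
                logger.debug("Access Denied for page " + requestUriExcludeContext);
                response.reset();
                response.sendRedirect(ACL_LOGIN_PAGE_URI);
                return;
            }
            // NOTE(review): this wrapper reads the shared aclBean FIELD at call
            // time, not the bean resolved for this request (see the field comment).
            req = new HttpServletRequestWrapper((HttpServletRequest)req)
            {
                public boolean isUserInRole(String roleName)
                {
                    if (aclBean==null || !aclBean.isLoggedIn()) return false;
                    else return aclBean.hasRole(roleName);
                }
            };
        }
        else
        {
            this.logger.debug("Permitted Resource: " + requestUriExcludeContext);
            // Force Logout
            // Visiting the login page while logged in ends the current login.
            aclBean = (BaseAclBean) session.getAttribute(BaseBeanNames.ACL_BEAN);
            if (aclBean != null && aclBean.isLoggedIn() &&
                requestUriExcludeContext.equals('/'+LOGIN_PAGE_URI))
            {
                cleanSession(session);
                // NOTE(review): the login branch above treats getAclUser() as
                // nullable; this debug line dereferences it unconditionally.
                this.logger.debug("Force logout for " + aclBean.getAclUser().getCode());
                aclBean.logout();
            }
            // NOTE(review): on permitted (public) resources every role check
            // answers true, for anonymous callers included. Anything a public
            // page includes or forwards to that relies on isUserInRole() is
            // therefore unprotected.
            req = new HttpServletRequestWrapper((HttpServletRequest)req)
            {
                public boolean isUserInRole(String roleName)
                {
                    return true;
                }
            };
        }

        // NOTE(review): localeString is stored straight from the request;
        // confirm LocaleBean validates it against the supported locales.
        String localeString = request.getParameter("localeString");
        if (!isEmpty(localeString))
        {
            logger.debug("Param localeString = " + localeString);
            LocaleBean localeBean = (LocaleBean) session.getAttribute(BaseBeanNames.LOCALE_BEAN);
            if (localeBean == null)
            {
                localeBean = new LocaleBean(servletContext, localeString);
                session.setAttribute(BaseBeanNames.LOCALE_BEAN, localeBean);
            } else {
                localeBean.setCurrentLocaleString(localeString);
            }
        }
        chain.doFilter(req, res);
    }

    // True when value equals contextPath + one of the permitted resources.
    // NOTE(review): the comparison is case-insensitive while servlet mappings
    // generally are not, so e.g. "/INDEX.JSF" is treated as permitted; whether
    // the container then serves the same resource is container-dependent.
    private boolean contains(String value, String contextPath) {
        Iterator ite = this.permittedResources.iterator();
        while (ite.hasNext()) {
            String permittedResources = (String)ite.next();
            if ((contextPath + permittedResources).equalsIgnoreCase(value)) {
                return true;
            }
        }
        return false;
    }

    // Drops every session attribute except the ACL and locale beans.
    // NOTE(review): "enum" is a reserved word since Java 5; rename before compiling.
    private void cleanSession(HttpSession session)
    {
        Enumeration enum = session.getAttributeNames();
        while (enum.hasMoreElements())
        {
            String attName = (String) enum.nextElement();
            if (!attName.equals(BaseBeanNames.ACL_BEAN) &&
                !attName.equals(BaseBeanNames.LOCALE_BEAN))
                session.removeAttribute(attName);
        }
    }

    // Null or empty string; whitespace-only strings are NOT treated as empty.
    private boolean isEmpty(String s)
    {
        return (s == null || s.equals(""));
    }

    public void destroy() {}
    */
}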