myauthenticationprocessingfilter.java

评分系统,acegi+JSF+spring+hibernate,可上传附件

package com.sgm.partybranch.common.filters;

import java.io.IOException;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.sgm.partybranch.common.constants.SessionKey;
import com.sgm.partybranch.persistence.sysadmin.PermissionDAO;
import com.sgm.partybranch.persistence.sysadmin.UserDAO;
import com.sgm.partybranch.vo.sysadmin.Permission;
import com.sgm.partybranch.vo.sysadmin.User;

public class MyAuthenticationProcessingFilter extends
		AuthenticationProcessingFilter {
	
	
	private PermissionDAO permissionDAO;
	
	private UserDAO userDAO;
	
	
	
	
	
	public PermissionDAO getPermissionDAO() {
		return permissionDAO;
	}

	public void setPermissionDAO(PermissionDAO permissionDAO) {
		this.permissionDAO = permissionDAO;
	}

	

	public UserDAO getUserDAO() {
		return userDAO;
	}

	public void setUserDAO(UserDAO userDAO) {
		this.userDAO = userDAO;
	}



	protected final Log logger = LogFactory.getLog(this.getClass());
	
	protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
			Authentication authResult) throws IOException {
		if (logger.isDebugEnabled()) {
			logger.debug("Authentication success: " + authResult.toString());
		}

		SecurityContextHolder.getContext().setAuthentication(authResult);

		if (logger.isDebugEnabled()) {
			logger.debug("Updated SecurityContextHolder to contain the following Authentication: '" + authResult + "'");
		}

		String targetUrl = determineTargetUrl(request);

		if (logger.isDebugEnabled()) {
			logger.debug("Redirecting to target URL from HTTP Session (or default): " + targetUrl);
		}

		onSuccessfulAuthentication(request, response, authResult);

		getRememberMeServices().loginSuccess(request, response, authResult);
		
		
		// Fire event
		if (this.eventPublisher != null) {
			eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
		}
		
		initSession(request);

		sendRedirect(request, response, targetUrl);
	}
	
	private void initSession(HttpServletRequest request){
		String userId=null;
		String username=null;
		List<Permission> permissions=null;
		//取用户名
		String account=(String) request.getSession().getAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY);
		List<User> users=userDAO.getUserByAccount(username, null, null);
		
		if(users!=null){
			User user=users.get(0);
			userId=user.getUserId();
			permissions=permissionDAO.getPermissionsByUser(userId);
			username=user.getUsername();
		}
		
		request.getSession().setAttribute(SessionKey.PERMISSION_KEY, permissions);
		request.getSession().setAttribute(SessionKey.USERNAME_KEY,username);
		request.getSession().setAttribute(SessionKey.USER_PRIMARY_KEY_ID,userId);
	}
	

}