WebSVN - bacoAlunos - Diff - Rev 1814 and 1830 - /branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/AuthenticationAllFilter.java

 package pt.estgp.estgweb.web.filters;
 import org.apache.log4j.Logger;
-import pt.estgp.estgweb.utils.Globals;
 import pt.estgp.estgweb.domain.UserSessionImpl;
+import pt.estgp.estgweb.utils.Globals;
+import pt.estgp.estgweb.web.UserSessionProxy;
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 /**
+ *
  * @author  Jorge Machado
  */
-public class UserFilter implements 1.5.0/docs/api/java/util/logging/Filter.html">Filter {
+public class AuthenticationAllFilter extends UserFilter {
-    private static final 1.5.0/docs/api/java/util/logging/Logger.html">Logger logger = 1.5.0/docs/api/java/util/logging/Logger.html">Logger.getLogger(UserFilter.class);
+    private static final 1.5.0/docs/api/java/util/logging/Logger.html">Logger logger = 1.5.0/docs/api/java/util/logging/Logger.html">Logger.getLogger(AuthenticationAllFilter.class);
-    public UserFilter()
+    public AuthenticationAllFilter()
+    {
+    }
+    static 1.5.0/docs/api/java/lang/String.html">String[] allowedPatternsContains;
+    static 1.5.0/docs/api/java/lang/String.html">String[] allowedPatternsStartsWith;
+    static 1.5.0/docs/api/java/lang/String.html">String[] allowedPatternsEqual;
     public void init(FilterConfig config)
+    {
+        allowedPatternsContains = config.getInitParameter("allowedPatternsContains").replaceAll(" ","").replaceAll("\t","").replaceAll("\r","").replaceAll("\n","").trim().split(",");
+        allowedPatternsStartsWith = config.getInitParameter("allowedPatternsStartsWith").replaceAll(" ","").replaceAll("\t","").replaceAll("\r","").replaceAll("\n","").trim().split(",");
+        allowedPatternsEqual = config.getInitParameter("allowedPatternsEqual").replaceAll(" ","").replaceAll("\t","").replaceAll("\r","").replaceAll("\n","").trim().split(",");;
+    }
+    static 1.5.0/docs/api/java/lang/String.html">String linkSubmitLogin = Globals.SYSTEM_REDIRECTIONS_POLICY_AUTHENTICATION_ACTION;
     /**
+     *
      * @param request The servlet request we are processing
      * @param chain The filter chain we are processing
+     *
      * @exception javax.servlet.ServletException if a servlet error occurs
      */
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws 1.5.0/docs/api/java/io/IOException.html">IOException, ServletException
+    {
+        //String linkLogin = Globals.SYSTEM_REDIRECTIONS_POLICY_INDEX_WELCOME;
         HttpServletRequest hrequest = (HttpServletRequest) request;
-        if(((HttpServletRequest)request).getServletPath().indexOf("errorNoCookies.do")>=0 || !hrequest.isRequestedSessionIdFromCookie())
+        UserSessionImpl userSession = (UserSessionImpl) UserSessionProxy.loadUserSessionFromRequest(hrequest);
+        if(userSession != null && userSession.isAuthenticated())
+        {
             chain.doFilter(request,response);
+            return;
+        }
-        UserSessionImpl userSession = (UserSessionImpl) request.getAttribute(Globals.USER_SESSION_KEY);
-        if(userSession != null && userSession.getUser() != null)
+        if(hrequest.getServletPath().equals("")
+                || hrequest.getServletPath().equals("/")
+                || hrequest.getServletPath().startsWith(linkSubmitLogin))
+        {
             chain.doFilter(request,response);
-        else if(userSession == null)
+            return;
+        }
+        if(FilterUtils.checkIfIsIgnoredExtension(request, hrequest))
+        {
-             logger.info("User lost Session");
+            chain.doFilter(request, response);
+            return;
+        }
-        else
+        for(1.5.0/docs/api/java/lang/String.html">String patternEqual : allowedPatternsEqual)
+        {
+            if(hrequest.getServletPath().equals(patternEqual))
-            try{
+            {
+                chain.doFilter(request,response);
+                return;
+            }
+        }
+        for(1.5.0/docs/api/java/lang/String.html">String patternEqual : allowedPatternsContains)
+        {
+            if(hrequest.getServletPath().contains(patternEqual))
+            {
+                chain.doFilter(request,response);
+                return;
+            }
+        }
-            // ((HttpServletResponse)response).setStatus(401);
+        for(1.5.0/docs/api/java/lang/String.html">String patternEqual : allowedPatternsStartsWith)
+        {
-             ((HttpServletResponse)response).sendError(401);
+            if(hrequest.getServletPath().startsWith(patternEqual))
-            }catch(1.5.0/docs/api/java/lang/Throwable.html">Throwable e)
+            {
-                logger.error("Error don't sending error, probably already sent: " + e);
+                chain.doFilter(request,response);
+                return;
+            }
+        }
+        logger.warn("URL nao permitido, enviando filtragem para a Super Classe UserFilter");
+        super.doFilter(request,response,chain);
+    }
     public void destroy()
+    {
         // Nothing
+    }

Subversion Repositories bacoAlunos

(root)/branches/v3/impl/src/java/pt/estgp/estgweb/web/filters/AuthenticationAllFilter.java @ 1847 - Rev 1814 → 1830