rebuilding head

[mir.git] / source / mir / core / ui / filter / AuthenticationFilter.java
diff --git a/source/mir/core/ui/filter/AuthenticationFilter.java b/source/mir/core/ui/filter/AuthenticationFilter.java

index f83eea5..a47589d 100755 (executable)
--- a/source/mir/core/ui/filter/AuthenticationFilter.java
+++ b/source/mir/core/ui/filter/AuthenticationFilter.java
@@ -48,10 +48,11 @@ import mir.core.ui.servlet.*;
  /**
   * AuthenticationFilter
   * @author idefix
- * @version $Id: AuthenticationFilter.java,v 1.1 2003/09/05 20:23:59 idfx Exp $
+ * @version $Id: AuthenticationFilter.java,v 1.3 2003/09/18 21:42:17 idfx Exp $
   */
  public class AuthenticationFilter implements Filter {
         private FilterConfig _filterConfig;
+       
         /**
          * 
          */
@@ -62,34 +63,51 @@ public class AuthenticationFilter implements Filter {
         /**
          * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
          */
-       public void init(final FilterConfig filterConfig) throws ServletException {
+       public void init(final FilterConfig filterConfig) 
+               throws ServletException {
                 _filterConfig = filterConfig;
         }
  
         /**
          * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
          */
-       public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
+       public void doFilter(ServletRequest servletRequest, 
+               ServletResponse servletResponse, FilterChain filterChain)
                 throws IOException, ServletException {
+               
                 HttpServletRequest request = (HttpServletRequest)servletRequest;        
                 String requestUri = request.getRequestURI();
-               System.out.println(requestUri);
-               System.out.println(request.getContextPath());
-               if(requestUri != null && requestUri.startsWith(request.getContextPath() + "/admin")){
+               if(requestUri != null 
+                       && requestUri.startsWith(request.getContextPath() + "/admin")
+                       && requestUri.indexOf("logon") == -1){
                         //check if authenticated, only if in admin-module
                         HttpSession httpSession = request.getSession();
-                       MirUser mirUser = (MirUser)httpSession.getAttribute(ServletConstants.USER);
+                       MirUser mirUser = 
+                               (MirUser)httpSession.getAttribute(ServletConstants.USER);
+                       
                         if(mirUser == null){
-                               servletRequest.getRequestDispatcher("/admin/login.shtml").forward(servletRequest, servletResponse);
+                               //user is not authorized to access
+                               //set redirect attributes that the user comes to place he wants to be
+                               httpSession.setAttribute(ServletConstants.REDIRECT_ACTION, requestUri);
+                               httpSession.setAttribute(ServletConstants.REDIRECT_QUERY_STRING, 
+                                       request.getQueryString());
+                               
+                               //send user to logon-page
+                               servletRequest.getRequestDispatcher("/admin/logon.do")
+                                       .forward(servletRequest, servletResponse);
+                       } else {
+                               filterChain.doFilter(servletRequest, servletResponse);          
                         }
+               } else {
+                       filterChain.doFilter(servletRequest, servletResponse);
                 }
-               filterChain.doFilter(servletRequest, servletResponse);
         }
  
         /**
          * @see javax.servlet.Filter#destroy()
          */
         public void destroy() {
+               _filterConfig = null;
         }
  
  }