2 * AuthenticationFilter.java created on 04.09.2003
4 * Copyright (C) 2001, 2002, 2003 The Mir-coders group
6 * This file is part of Mir.
8 * Mir is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * Mir is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with Mir; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 * In addition, as a special exception, The Mir-coders gives permission to link
23 * the code of this program with any library licensed under the Apache Software License,
24 * The Sun (tm) Java Advanced Imaging library (JAI), The Sun JIMI library
25 * (or with modified versions of the above that use the same license as the above),
26 * and distribute linked combinations including the two. You must obey the
27 * GNU General Public License in all respects for all of the code used other than
28 * the above mentioned libraries. If you modify this file, you may extend this
29 * exception to your version of the file, but you are not obligated to do so.
30 * If you do not wish to do so, delete this exception statement from your version.
32 package mir.core.ui.filter;
34 import java.io.IOException;
36 import javax.servlet.Filter;
37 import javax.servlet.FilterChain;
38 import javax.servlet.FilterConfig;
39 import javax.servlet.ServletException;
40 import javax.servlet.ServletRequest;
41 import javax.servlet.ServletResponse;
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpSession;
45 import mir.core.model.MirUser;
46 import mir.core.ui.servlet.*;
49 * AuthenticationFilter
51 * @version $Id: AuthenticationFilter.java,v 1.3 2003/09/18 21:42:17 idfx Exp $
53 public class AuthenticationFilter implements Filter {
54 private FilterConfig _filterConfig;
59 public AuthenticationFilter() {
64 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
66 public void init(final FilterConfig filterConfig)
67 throws ServletException {
68 _filterConfig = filterConfig;
72 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
74 public void doFilter(ServletRequest servletRequest,
75 ServletResponse servletResponse, FilterChain filterChain)
76 throws IOException, ServletException {
78 HttpServletRequest request = (HttpServletRequest)servletRequest;
79 String requestUri = request.getRequestURI();
81 && requestUri.startsWith(request.getContextPath() + "/admin")
82 && requestUri.indexOf("logon") == -1){
83 //check if authenticated, only if in admin-module
84 HttpSession httpSession = request.getSession();
86 (MirUser)httpSession.getAttribute(ServletConstants.USER);
89 //user is not authorized to access
90 //set redirect attributes that the user comes to place he wants to be
91 httpSession.setAttribute(ServletConstants.REDIRECT_ACTION, requestUri);
92 httpSession.setAttribute(ServletConstants.REDIRECT_QUERY_STRING,
93 request.getQueryString());
95 //send user to logon-page
96 servletRequest.getRequestDispatcher("/admin/logon.do")
97 .forward(servletRequest, servletResponse);
99 filterChain.doFilter(servletRequest, servletResponse);
102 filterChain.doFilter(servletRequest, servletResponse);
107 * @see javax.servlet.Filter#destroy()
109 public void destroy() {
110 _filterConfig = null;