Changeset 30112
- Timestamp:
- 02/12/08 23:12:11 (9 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
org.nuxeo.ecm.platform/trunk/nuxeo-platform-ui-web/src/main/java/org/nuxeo/ecm/platform/ui/web/auth/NuxeoAuthenticationFilter.java
r30021 r30112 91 91 protected List<String> unAuthenticatedURLPrefix; 92 92 93 protected List<String> validStartURLs; 94 93 protected static List<String> validStartURLs; 95 94 96 95 public void destroy() { … … 98 97 } 99 98 100 protected static DocumentMessageProducer getMessageProducer() throws Exception { 99 protected static DocumentMessageProducer getMessageProducer() 100 throws Exception { 101 101 return Framework.getService(DocumentMessageProducer.class); 102 102 } 103 103 104 protected static Boolean sendAuthenticationEvent( UserIdentificationInfo userInfo,105 String eventId, String comment) {104 protected static Boolean sendAuthenticationEvent( 105 UserIdentificationInfo userInfo, String eventId, String comment) { 106 106 SystemSession ss = new SystemSession(); 107 107 // login … … 234 234 } 235 235 236 private Boolean switchUser(ServletRequest request, ServletResponse response,237 FilterChain chain) throws IOException, ServletException238 {236 private Boolean switchUser(ServletRequest request, 237 ServletResponse response, FilterChain chain) throws IOException, 238 ServletException { 239 239 HttpServletRequest httpRequest = (HttpServletRequest) request; 240 240 … … 249 249 cachableUserIdent.getLoginContext().logout(); 250 250 } catch (LoginException e1) { 251 log.error("Error while logout from main identity :" + e1.getMessage()); 251 log.error("Error while logout from main identity :" 252 + e1.getMessage()); 252 253 } 253 254 … … 258 259 if (session != null) { 259 260 Manager.instance().endConversation(true); 260 Manager.instance().endRequest( ContextAdaptor.getSession(session));261 Manager.instance().endRequest(ContextAdaptor.getSession(session)); 261 262 Lifecycle.endRequest(session); 262 263 Lifecycle.setServletRequest(null); … … 264 265 265 266 session = httpRequest.getSession(false); 266 if (session!=null) 267 { 267 if (session != null) { 268 268 session.invalidate(); 269 269 } … … 272 272 session = httpRequest.getSession(true); 273 273 274 CachableUserIdentificationInfo newCachableUserIdent = new CachableUserIdentificationInfo(deputy_login,deputy_login); 274 CachableUserIdentificationInfo newCachableUserIdent = new CachableUserIdentificationInfo( 275 deputyLogin, deputyLogin); 275 276 276 277 newCachableUserIdent.getUserInfo().setLoginPluginName("Trusting_LM"); 277 newCachableUserIdent.getUserInfo().setAuthPluginName(cachableUserIdent.getUserInfo().getAuthPluginName()); 278 newCachableUserIdent.getUserInfo().setAuthPluginName( 279 cachableUserIdent.getUserInfo().getAuthPluginName()); 278 280 279 281 Principal principal = doAuthenticate(newCachableUserIdent, httpRequest); … … 286 288 287 289 // reinit Seam so the afterResponseComplete does not crash 288 Lifecycle.beginRequest(session.getServletContext(), session, httpRequest); 290 Lifecycle.beginRequest(session.getServletContext(), session, 291 httpRequest); 289 292 290 293 // flag redirect to not be catched by URLPolicy 291 request.setAttribute(URLPolicyService.DISABLE_REDIRECT_REQUEST_KEY,true); 294 request.setAttribute(URLPolicyService.DISABLE_REDIRECT_REQUEST_KEY, 295 true); 292 296 String baseURL = BaseURL.getBaseURL(request); 293 ((HttpServletResponse) response).sendRedirect(baseURL + DEFAULT_START_PAGE); 297 ((HttpServletResponse) response).sendRedirect(baseURL 298 + DEFAULT_START_PAGE); 294 299 295 300 return true; … … 440 445 HttpSession session = httpRequest.getSession(false); 441 446 if (session != null) { 442 CachableUserIdentificationInfo cachableUserInfo 443 = (CachableUserIdentificationInfo) session.getAttribute(NXAuthContants.USERIDENT_KEY); 447 CachableUserIdentificationInfo cachableUserInfo = (CachableUserIdentificationInfo) session.getAttribute(NXAuthContants.USERIDENT_KEY); 444 448 if (cachableUserInfo != null) { 445 449 return cachableUserInfo; … … 473 477 } 474 478 475 protected void saveRequestedURLBeforeRedirect( 479 /** 480 * Save requested URL before redirecting to login form. 481 * 482 * Returns true if target url is a valid startup page. 483 */ 484 public static boolean saveRequestedURLBeforeRedirect( 476 485 HttpServletRequest httpRequest, HttpServletResponse httpResponse) { 477 486 … … 484 493 485 494 if (session == null) { 486 return ;495 return false; 487 496 } 488 497 … … 501 510 // avoid redirect if not usefull 502 511 if (requestPage.equals(DEFAULT_START_PAGE)) { 503 return ;512 return true; 504 513 } 505 514 506 515 if (isStartPageValid(requestPage)) { 507 516 session.setAttribute(START_PAGE_SAVE_KEY, requestPage); 508 } 517 return true; 518 } 519 520 return false; 509 521 } 510 522 … … 525 537 } 526 538 527 protected Boolean isStartPageValid(String startPage) {539 protected static Boolean isStartPageValid(String startPage) { 528 540 for (String prefix : validStartURLs) { 529 541 if (startPage.startsWith(prefix)) {
