path = request.getContextPath() + "/";
response.sendRedirect(response.encodeRedirectURL(path));
return;
}
WebApp webApp = _webApp;
String uri = request.getRequestURI();
if (path.endsWith("/j_security_check")) {
// server/12d8, server/12bs
if (response instanceof CauchoResponse) {
((CauchoResponse) response).setNoCache(true);
}
else {
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expires", 0);
}
RequestDispatcher disp = webApp.getRequestDispatcher(_errorPage);
disp.forward(request, response);
return;
}
else if (uri.equals(_loginPage) || uri.equals(_errorPage)) {
request.getRequestDispatcher(path).forward(request, response);
return;
}
HttpSession session = request.getSession();
session.setAttribute(LOGIN_SAVED_PATH, path);
session.setAttribute(LOGIN_SAVED_QUERY, request.getQueryString());
if (response instanceof CauchoResponse) {
((CauchoResponse) response).killCache();
((CauchoResponse) response).setNoCache(true);
}
else {
response.setHeader("Cache-Control", "no-cache");
}
// In case where the authenticator is something like https:/
if (! _loginPage.startsWith("/")) {
response.sendRedirect(response.encodeRedirectURL(_loginPage));
return;
}
// Forwards to the loginPage, never redirects according to the spec.
request.setAttribute(LOGIN_CHECK, "login");
//RequestDispatcher disp = app.getLoginDispatcher(loginPage);
RequestDispatcher disp = webApp.getRequestDispatcher(_loginPage);
disp.forward(request, response);
if (log.isLoggable(Level.FINE))
log.fine(this + " request '" + uri + "' has no authenticated user");
}