Package com.github.zhangkaitao.shiro.chapter23.client

Source Code of com.github.zhangkaitao.shiro.chapter23.client.ClientAuthenticationFilter

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package com.github.zhangkaitao.shiro.chapter23.client;

import com.github.zhangkaitao.shiro.chapter23.core.ClientSavedRequest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticationFilter;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/**
* <p>User: Zhang Kaitao
* <p>Date: 14-3-14
* <p>Version: 1.0
*/
public class ClientAuthenticationFilter extends AuthenticationFilter {

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        Subject subject = getSubject(request, response);
        return subject.isAuthenticated();
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        String backUrl = request.getParameter("backUrl");
        saveRequest(request, backUrl, getDefaultBackUrl(WebUtils.toHttp(request)));
        redirectToLogin(request, response);
        return false;
    }
    protected void saveRequest(ServletRequest request, String backUrl, String fallbackUrl) {
        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession();
        HttpServletRequest httpRequest = WebUtils.toHttp(request);
        session.setAttribute("authc.fallbackUrl", fallbackUrl);
        SavedRequest savedRequest = new ClientSavedRequest(httpRequest, backUrl);
        session.setAttribute(WebUtils.SAVED_REQUEST_KEY, savedRequest);
    }
    private String getDefaultBackUrl(HttpServletRequest request) {
        String scheme = request.getScheme();
        String domain = request.getServerName();
        int port = request.getServerPort();
        String contextPath = request.getContextPath();
        StringBuilder backUrl = new StringBuilder(scheme);
        backUrl.append("://");
        backUrl.append(domain);
        if("http".equalsIgnoreCase(scheme) && port != 80) {
            backUrl.append(":").append(String.valueOf(port));
        } else if("https".equalsIgnoreCase(scheme) && port != 443) {
            backUrl.append(":").append(String.valueOf(port));
        }
        backUrl.append(contextPath);
        backUrl.append(getSuccessUrl());
        return backUrl.toString();
    }

}
TOP

Related Classes of com.github.zhangkaitao.shiro.chapter23.client.ClientAuthenticationFilter

  • com.github.zhangkaitao.shiro.chapter23.client.ClientAuthenticationFilter
  • com.github.zhangkaitao.shiro.chapter23.client.ClientRealm
  • com.github.zhangkaitao.shiro.chapter23.core.ClientSavedRequest
  • com.github.zhangkaitao.shiro.chapter23.dao.OrganizationDaoImpl
  • com.github.zhangkaitao.shiro.chapter23.dao.ResourceDaoImpl
  • com.github.zhangkaitao.shiro.chapter23.entity.App
  • com.github.zhangkaitao.shiro.chapter23.entity.Authorization
  • com.github.zhangkaitao.shiro.chapter23.entity.Organization
  • com.github.zhangkaitao.shiro.chapter23.entity.Resource
  • com.github.zhangkaitao.shiro.chapter23.entity.Role
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.