just before adding authorization service.

[photos] / src / main / java / org / wamblee / photos / security / AuthenticationFilter.java

diff --git a/src/main/java/org/wamblee/photos/security/AuthenticationFilter.java b/src/main/java/org/wamblee/photos/security/AuthenticationFilter.java
new file mode 100644 (file)
index 0000000..04442f2
--- /dev/null
+++ b/src/main/java/org/wamblee/photos/security/AuthenticationFilter.java
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2005-2011 the original author or authors.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wamblee.photos.security;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+public class AuthenticationFilter implements Filter {
+    private static final String LOGINPAGE = "loginpage";
+    private static final String REQUIRED_ROLE = "role";
+    private static final String RESOURCES = "resources";
+
+    private String loginPage;
+    private String role;
+    private String resources;
+
+    public AuthenticationFilter() {
+        // Empty.
+    }
+
+    @Override
+    public void init(FilterConfig aFilterConfig) throws ServletException {
+        loginPage = aFilterConfig.getInitParameter(LOGINPAGE);
+        if (loginPage == null) {
+            throw new ServletException("No login page defined! Must specify '" +
+                LOGINPAGE + "' filter init parameter.");
+        }
+        role = aFilterConfig.getInitParameter(REQUIRED_ROLE);
+        if (role == null) {
+            throw new ServletException("No role name defined! Must specify '" +
+                REQUIRED_ROLE + "' filter init parameter.");
+        }
+        resources = aFilterConfig.getInitParameter(RESOURCES);
+    }
+
+    @Override
+    public void doFilter(ServletRequest aRequest, ServletResponse aResponse,
+        FilterChain aChain) throws IOException, ServletException {
+
+        HttpServletRequest request = (HttpServletRequest) aRequest;
+        String fullPath = request.getRequestURI();
+        String contextPath = request.getContextPath();
+        String relpath = null;
+        if (fullPath.startsWith(contextPath)) {
+            relpath = fullPath.substring(contextPath.length());
+        }
+
+        if (request.isUserInRole(role) ||
+            (resources != null && relpath != null && relpath
+                .startsWith(resources))) {
+            aChain.doFilter(aRequest, aResponse);
+        } else {
+            request.getSession().invalidate();
+            request.getRequestDispatcher(loginPage)
+                .forward(aRequest, aResponse);
+        }
+    }
+
+    @Override
+    public void destroy() {
+        // Empty.
+    }
+
+}