authorThomas Lenz <tlenz@iaik.tugraz.at>2013-07-26 17:07:15 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-07-26 17:07:15 +0200
commit99694b29f82f858f5b6163e6a3d6c11caaeb487e (patch)
treeb46883533cd71c9f47047c38b5c43469a311a731 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
parentcc2e2e4ecf5bd8c4bbe16edba5a7d63fa808adcb (diff)
Configuration Web-Application
Diffstat (limited to 'id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java236
1 files changed, 236 insertions, 0 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
new file mode 100644
index 000000000..517786d11
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -0,0 +1,236 @@
+package at.gv.egovernment.moa.id.configuration.filter;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.StringTokenizer;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
+import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.util.ToStringUtil;
+import at.gv.util.WebAppUtil;
+
+public class AuthenticationFilter implements Filter{
+
+ private final Logger log = Logger.getLogger(AuthenticationFilter.class);
+
+ private static ConfigurationProvider config;
+
+ public static final String STORED_REQUEST_URL_ID = String.class.getName() + ":" + "storedRequestURL";
+ public static final String WEB_XML_INIT_PARAM_LOGIN_PAGE = "loginPage";
+ public static final String WEB_XML_INIT_PARAM_ERROR_PAGE = "errorPage";
+ public static final String WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE = "authenticatedPage"; // optional
+ public static final String WEB_XML_INIT_PARAM_SESSION_LOST_PAGE = "sessionLostPage"; // optional
+ public static final String WEB_XML_INIT_PARAM_ALLOWED_LIST = "allowedList";
+ public static final String WEB_XML_INIT_PARAM_ALLOWED_REGEX = "allowed";
+
+ private static final String WEB_XML_INIT_PARAM_EXCLUDED_PAGES_DELIMITER = ",";
+
+ private static String loginPage = null;
+ private boolean loginPageForward = true;
+ private static String errorPage = null;
+ private static String authenticatedPage = null;
+ private static String sessionLostPage = null;
+
+ private static String[] excludedPages = null;
+ private static Pattern excludedRegEx = null;
+
+
+
+ public AuthenticationFilter() throws ServletException {
+ try {
+ config = ConfigurationProvider.getInstance();
+
+ } catch (ConfigurationException e) {
+ throw new ServletException(AuthenticationFilter.class + ": Configuration can not be loaded!", e);
+ }
+ }
+
+ public static String getErrorPage() {
+ return errorPage;
+ }
+
+ public static String getAuthenticatedPage() {
+ return authenticatedPage;
+ }
+
+ public static String getLoginPage() {
+ return loginPage;
+ }
+
+ public static String getSessionLostPage() {
+ return sessionLostPage;
+ }
+
+ private boolean isExcluded(String url) {
+ boolean excluded = false;
+ if (MiscUtil.isNotEmpty(excludedPages)) {
+ for (String candidate : excludedPages) {
+ if (StringUtils.upperCase(url).endsWith(StringUtils.upperCase(candidate))) {
+ excluded = true;
+ break;
+ }
+ }
+ }
+ if (excludedRegEx != null && !excluded) {
+ // log.debug("Trying to match regex \"{}\" with \"{}\".",
+ // excludedRegEx.toString(), url);
+ if (excludedRegEx.matcher(url).matches()) {
+ excluded = true;
+ }
+ }
+ log.debug("URL \"" + url + "\" is " + (excluded ? "" : "NOT ") + "excluded from filter.");
+ return excluded;
+ }
+
+
+ public void destroy() {
+ log.trace("Shutting down" + this.getClass().getName() + "...");
+
+ }
+
+ public void doFilter(ServletRequest req, ServletResponse resp,
+ FilterChain filterchain) throws IOException, ServletException {
+
+ HttpServletRequest httpServletRequest = (HttpServletRequest) req;
+ HttpServletResponse httpServletResponse = (HttpServletResponse) resp;
+
+ HttpSession session = httpServletRequest.getSession();
+
+ Object authuser = session.getAttribute(Constants.SESSION_AUTH);
+
+ String requestURL = WebAppUtil.getRequestURLWithParameters(httpServletRequest, true);
+
+ log.trace("Request URL: " + requestURL);
+
+ if (authuser == null && !this.isExcluded(requestURL)) {
+
+ if (config.isLoginDeaktivated()) {
+ //add dummy Daten
+ log.warn("Authentication is deaktivated. Dummy authentication-information are used!");
+
+ if (authuser == null) {
+
+ authuser = new AuthenticatedUser(0000000, "Max", "TestUser", true, true);
+ httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
+ }
+
+ if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
+ if (loginPageForward) {
+ log.debug("Authenticated page is set. Forwarding to \"" + getAuthenticatedPage() + "\".");
+ RequestDispatcher dispatcher = req.getRequestDispatcher(getAuthenticatedPage());
+ dispatcher.forward(httpServletRequest, httpServletResponse);
+ } else {
+ log.debug("Authenticated page is set. Redirecting to \"" + getAuthenticatedPage() + "\".");
+ httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(getAuthenticatedPage()));
+ }
+ return;
+ }
+
+ } else {
+ //check login Daten
+ if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
+ log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");
+
+ }
+ else {
+ log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\".");
+ // TODO: save HttpServletRequest
+ // log.debug("new CustomHttpServletRequest(request).toString() =
+ // {}", new
+ // CustomHttpServletRequest(httpServletRequest).toString());
+ session.setAttribute(STORED_REQUEST_URL_ID, requestURL);
+ }
+
+ if (loginPageForward) {
+ RequestDispatcher dispatcher = req.getRequestDispatcher(loginPage);
+ dispatcher.forward(httpServletRequest, httpServletResponse);
+
+ } else {
+ httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(loginPage));
+
+ }
+
+ }
+ }
+
+ filterchain.doFilter(req, resp);
+
+ }
+
+ public void init(FilterConfig filterConfig) throws ServletException {
+ log.debug("Starting init of " + this.getClass().getName() + ".");
+
+ // login page
+ loginPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_LOGIN_PAGE));
+ if (MiscUtil.isEmpty(loginPage)) {
+ throw new ServletException("ServletInitParameter \"" + WEB_XML_INIT_PARAM_LOGIN_PAGE + "\" must not be empty.");
+ }
+ loginPageForward = false; //!WebAppUtil.isFullQualifiedURL(loginPage);
+
+ // error page
+ errorPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ERROR_PAGE));
+ if (MiscUtil.isEmpty(errorPage)) {
+ throw new ServletException("ServletInitParameter \"" + WEB_XML_INIT_PARAM_ERROR_PAGE + "\" must not be empty.");
+ }
+
+ // session lost page
+ sessionLostPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_SESSION_LOST_PAGE));
+ if (MiscUtil.isEmpty(sessionLostPage)) {
+ log.warn("ServletInitParameter \"" + WEB_XML_INIT_PARAM_SESSION_LOST_PAGE
+ + "\" is empty. This parameter defines a failsafe url the browser is redirected to if the original url has been lost due to session timeout.");
+ }
+
+ // authenticated page
+ authenticatedPage = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE));
+ if (MiscUtil.isEmpty(authenticatedPage)) {
+ log.debug("ServletInitParameter \"" + WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE
+ + "\" is empty. This parameter defines the url the user is redirected to (instead of the original url) on successful authentication.");
+ }
+ String excluded = filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ALLOWED_LIST);
+ ArrayList<String> excludedList = new ArrayList<String>();
+ if (MiscUtil.isNotEmpty(excluded)) {
+ StringTokenizer tokenizer = new StringTokenizer(excluded, WEB_XML_INIT_PARAM_EXCLUDED_PAGES_DELIMITER);
+ while (tokenizer.hasMoreTokens()) {
+ String ex = StringUtils.trim(tokenizer.nextToken());
+ if (MiscUtil.isNotEmpty(ex)) {
+ excludedList.add(ex);
+ }
+ }
+ }
+ excludedList.add(loginPage);
+ excludedList.add(errorPage);
+ excludedPages = new String[excludedList.size()];
+ excludedPages = excludedList.toArray(excludedPages);
+
+ String excludedRegExString = StringUtils.trim(filterConfig.getInitParameter(WEB_XML_INIT_PARAM_ALLOWED_REGEX));
+ if (MiscUtil.isNotEmpty(excludedRegExString)) {
+ excludedRegEx = Pattern.compile(excludedRegExString);
+ }
+
+ log.debug(WEB_XML_INIT_PARAM_LOGIN_PAGE + " [" + (loginPageForward ? "forward" : "redirect") + "] = \"" + loginPage + "\"");
+ log.debug(WEB_XML_INIT_PARAM_AUTHENTICATED_PAGE + " = \"" + (MiscUtil.isNotEmpty(authenticatedPage) ? authenticatedPage : "<n/a>") + "\"");
+ log.debug(WEB_XML_INIT_PARAM_ERROR_PAGE + " = \"" + errorPage + "\"");
+ log.debug(WEB_XML_INIT_PARAM_SESSION_LOST_PAGE + " = \"" + (MiscUtil.isNotEmpty(sessionLostPage) ? sessionLostPage : "<n/a>") + "\"");
+ log.debug(WEB_XML_INIT_PARAM_ALLOWED_LIST + " = " + ToStringUtil.toString(excludedPages, ", ", "\""));
+ log.debug(WEB_XML_INIT_PARAM_ALLOWED_REGEX + " = \"" + (excludedRegEx != null ? excludedRegEx.pattern() : "<n/a>") + "\"");
+ }
+
+}
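Review bot: In `doFilter`, the unauthenticated branch forwards or redirects to `loginPage` but has no `return;`, so control falls through to `filterchain.doFilter(req, resp)` and the protected resource is still invoked for a request that has no `Constants.SESSION_AUTH` attribute. Any state change that resource performs takes effect even though the client only sees the redirect. Add `return;` after the `if (loginPageForward) { ... } else { ... }` block, as the login-deactivated branch already does after its own forward/redirect. Separately, `isExcluded` receives the result of `WebAppUtil.getRequestURLWithParameters(httpServletRequest, true)` and tests it with `endsWith`. If that string includes the query string (the name suggests so, but the helper is not shown), caller-supplied parameters take part in the allow-list decision, and matching on `httpServletRequest.getServletPath()` would avoid that. The `config.isLoginDeaktivated()` path stores a fixed `AuthenticatedUser(0000000, "Max", "TestUser", true, true)` in the session with only a `log.warn`, so a comment such as `// test-only switch: must never be enabled in a production deployment` belongs there.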