From 4e6a4742bda68eaba22f72aae5f6e36f6d23a746 Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Fri, 4 Feb 2005 07:36:46 +0000 Subject: [PATCH] Tapestry integration improvements, as per http://forum.springframework.org/viewtopic.php?p=13327 --- .../ui/AbstractProcessingFilter.java | 47 +++++++++++++++++-- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java index e89a7a1c40..ac7c69c404 100644 --- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java +++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java @@ -1,4 +1,4 @@ -/* Copyright 2004 Acegi Technology Pty Limited +/* Copyright 2004, 2005 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -158,6 +158,14 @@ public abstract class AbstractProcessingFilter implements Filter, */ private boolean alwaysUseDefaultTargetUrl = false; + /** + * Indicates if the filter chain should be continued prior to delegation to + * {@link #successfulAuthentication(HttpServletRequest, + * HttpServletResponse, Authentication)}, which may be useful in certain + * environment (eg Tapestry). Defaults to false. + */ + private boolean continueChainBeforeSuccessfulAuthentication = false; + //~ Methods ================================================================ public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) { @@ -168,6 +176,15 @@ public abstract class AbstractProcessingFilter implements Filter, return alwaysUseDefaultTargetUrl; } + public void setContinueChainBeforeSuccessfulAuthentication( + boolean continueChainBeforeSuccessfulAuthentication) { + this.continueChainBeforeSuccessfulAuthentication = continueChainBeforeSuccessfulAuthentication; + } + + public boolean isContinueChainBeforeSuccessfulAuthentication() { + return continueChainBeforeSuccessfulAuthentication; + } + /** * Specifies the default filterProcessesUrl for the * implementation. @@ -305,8 +322,7 @@ public abstract class AbstractProcessingFilter implements Filter, HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; - if (httpRequest.getRequestURL().toString().endsWith(httpRequest - .getContextPath() + filterProcessesUrl)) { + if (requiresAuthentication(httpRequest, httpResponse)) { if (logger.isDebugEnabled()) { logger.debug("Request is to process authentication"); } @@ -325,6 +341,10 @@ public abstract class AbstractProcessingFilter implements Filter, } // Authentication success + if (continueChainBeforeSuccessfulAuthentication) { + chain.doFilter(request, response); + } + successfulAuthentication(httpRequest, httpResponse, authResult); return; @@ -342,6 +362,27 @@ public abstract class AbstractProcessingFilter implements Filter, protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response) throws IOException {} + /** + * Indicates whether this filter should attempt to process a login request + * for the current invocation. + * + *

+ * Subclasses may override for special requirements, such as Tapestry + * integration. + *

+ * + * @param request as received from the filter chain + * @param response as received from the filter chain + * + * @return true if the filter should attempt authentication, + * false otherwise + */ + protected boolean requiresAuthentication(HttpServletRequest request, + HttpServletResponse response) { + return request.getRequestURL().toString().endsWith(request + .getContextPath() + filterProcessesUrl); + } + protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException {