SecurityFilter.java example

Explorer

OpenDashboard-master
- odbserver-master
  - src
    - main
      - java
        com
        odb
        collector
        CollectorService.java
        CollectorServiceImpl.java
        InquiryService.java
        InquiryServiceImpl.java
        RegisterService.java
        RegisterServiceImpl.java
        UserDataWrapper.java
        core
        SubscriberDataSource.java
        dao
        ODBDAO.java
        ODBDAOJDBCImpl.java
        dto
        DataSourceAxisDetailInfo.java
        DataSourceAxisInfo.java
        DataSourceInfo.java
        DataSourceSeries.java
        GraphInfo.java
        PublisherInfo.java
        SubscriberDataSource.java
        SubscriberInfo.java
        SubscriberViewConfiguration.java
        rowmappers
        DataSourceAxisDetailInfoRowMapper.java
        DataSourceAxisInfoRowMapper.java
        DataSourceInfoResultSetExtractor.java
        DataSourceInfoRowMapper.java
        DataSourceSeriesResultSetExtractor.java
        DataSourceSeriesRowMapper.java
        PublisherInfoResultSetExtractor.java
        PublisherInfoRowMapper.java
        SubscriberDataSourceRowMapper.java
        SubscriberInfoResultSetExtractor.java
        service
        AxisInfo.java
        DataSourceConfiguration.java
        OpenDashBoard.java
        exceptions
        InvalidAuthenticationException.java
        view
        core
        ActionProcessor.java
        DashboardController.java
        SecurityFilter.java
        dashboard
        client
        ChartFactory.java
        ClientCommons.java
        ClientUI.java
        Dashboard.java
        DashboardService.java
        DashboardServiceAsync.java
        DashboardServiceAsyncImpl.java
        DataVO.java
        DebugWindow.java
        TimeSeriesDataVO.java
        charts
        ChartType.java
        ChartUI.java
        DynamicBarChart.java
        DynamicLineChart.java
        MapTimeProvider.java
        MapValueProvider.java
        ODBChart.java
        dto
        DataSourceAxisDetailInfo.java
        DataSourceAxisInfo.java
        DataSourceInfo.java
        GraphInfo.java
        LiveChartVO.java
        PublisherInfo.java
        SubscriberInfo.java
        SubscriberSubscription.java
        SubscriberViewConfiguration.java
        ViewConfig.java
        ViewSettings.java
        exceptions
        ChartSettingsNotValidException.java
        FetchDataSourceException.java
        GraphNotAvailableException.java
        ViewSettingNotConsistentException.java
        server
        DashboardServiceImpl.java
        util
        Utilities.java
    - test
      - java
        com
        odb
        core
        service
        OpenDashBoardTest.java

/*******************************************************************************
 * Copyright (c) 2012, Nabeel Shaheen	
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without modification, are permitted
 ******************************************************************************/
package com.odb.view.core;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/**
 * The Class SecurityFilter.
 *
 * this class acts as a simple security guard for the Dashboard view module. it passes all the 
 * request that has a session attribute with the key subscriberInfo. plus, all the anonymous URLs like login page. 
 *   
 * if the request is not authenticated it will be directed to the login page.
 *  
 */
public class SecurityFilter implements Filter {

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#destroy()
	 */
	public void destroy() {
	}

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
	 */
	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain filterChain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest)req;
		String reqURL=((HttpServletRequest)request).getRequestURL().toString();
		if(request.getSession().getAttribute("subscriberInfo")!=null || isAnonymousURL(reqURL) ){
			filterChain.doFilter(req, res);
		}else{
			request.getRequestDispatcher("/login.html").forward(req, res);
		}
	}

	private boolean isAnonymousURL(String reqURL) {
		if(reqURL.endsWith("login.html") || reqURL.endsWith("loginError.html") || reqURL.endsWith("login.action") || reqURL.endsWith("publish.action") || reqURL.endsWith("error.html") ){
			return true;
		}
		return false;
	}

	/* (non-Javadoc)
	 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
	 */
	public void init(FilterConfig arg0) throws ServletException {
	}

}