UrlBasedAutomaticLoginStrategy.java

/*
 * JOSSO: Java Open Single Sign-On
 *
 * Copyright 2004-2009, Atricore, Inc.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 *
 */

package org.josso.agent.http;

import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/**
 * This strategy returns false if the accessed URL matches any of the configured URL patterns.
 * The patterns are regular expressions.
 *
 * @org.apache.xbean.XBean element="urlbased-automaticlogin-strategy"
 * 
 * @author <a href="mailto:sgonzaelz@atricore.org">Sebastian Gonzalez Oyuela</a>
 * @version $Id$
 */
public class UrlBasedAutomaticLoginStrategy extends AbstractAutomaticLoginStrategy {

	private static final Log log = LogFactory.getLog(UrlBasedAutomaticLoginStrategy.class);

	private List<String> urlPatterns;
	
    public UrlBasedAutomaticLoginStrategy() {
        super();
    }

    public UrlBasedAutomaticLoginStrategy(String mode) {
        super(mode);
    }
    
    /**
     * Components must evaluate if automatic login is required for the received request.
     *
     * @return
     */
    @Override
    public boolean isAutomaticLoginRequired(HttpServletRequest hreq, HttpServletResponse hres) {
    	boolean autoLoginRequired = true;
    	if (urlPatterns != null && urlPatterns.size() > 0) {
    		String requestURL = getRequestURL(hreq);
    		for (String urlPattern : urlPatterns) {
    			Pattern p = Pattern.compile(urlPattern);
    			Matcher m = p.matcher(requestURL);
    			if (m.matches()) {
    				if (log.isDebugEnabled())
                        log.debug("Autologin is not required! Ignored url pattern: " + urlPattern);
    				autoLoginRequired = false;
    				break;
    			}
    		}
    	}
    	return autoLoginRequired;
    }

    /**
     * Gets request url from the given request.
     * 
     * @param hreq http request
     * @return request url
     */
    private String getRequestURL(HttpServletRequest hreq) {
    	StringBuffer sb = new StringBuffer(hreq.getRequestURI());
        if (hreq.getQueryString() != null) {
            String q = hreq.getQueryString();
            if (!q.startsWith("?"))
                sb.append('?');
            sb.append(q);
        }
        return sb.toString();
    }
    
	/**
	 * @return the urlPatterns
	 */
	public List<String> getUrlPatterns() {
		return urlPatterns;
	}

	/**
	 * @param urlPatterns the urlPatterns to set
	 */
	public void setIgnoredUrlPatterns(List<String> urlPatterns) {
		this.urlPatterns = urlPatterns;
	}
}