Package com.jalios.jcms.servlet

Class InitFilter

    • Field Detail

      • logger

        protected static final org.apache.log4j.Logger logger

      • channel

        protected static Channel channel

      • context

        protected javax.servlet.ServletContext context

      • authorizedServlets

        protected java.lang.String[] authorizedServlets

    • Constructor Detail

      • InitFilter

        public InitFilter()

    • Method Detail

      • init

        public void init​(javax.servlet.FilterConfig config)
        Specified by:
        init in interface javax.servlet.Filter

      • destroy

        public void destroy()
        Specified by:
        destroy in interface javax.servlet.Filter

      • isRest

        public static final boolean isRest​(javax.servlet.http.HttpServletRequest request)

      • doFilter

        public void doFilter​(javax.servlet.ServletRequest req,
                     javax.servlet.ServletResponse res,
                     javax.servlet.FilterChain chain)
              throws java.io.IOException,
                     javax.servlet.ServletException
        Specified by:
        doFilter in interface javax.servlet.Filter
        Throws:
        java.io.IOException
        javax.servlet.ServletException

      • endRequest

        protected void endRequest​(javax.servlet.http.HttpServletRequest request,
                          javax.servlet.http.HttpServletResponse response)

      • invalidateSessionOnRequestEnd

        public static void invalidateSessionOnRequestEnd​(javax.servlet.http.HttpServletRequest request)
        Invalidate the current session, but only at the end of the request to ensure the J2EE server does not recreates a new one which is left unused if no request occurs afterward.
        Parameters:
        request - the current HttpServletRequest

      • sessionInvalidationRequested

        public static boolean sessionInvalidationRequested​(javax.servlet.http.HttpServletRequest request)
        Check if an invalidation of the current session has been requested
        Parameters:
        request - the current HttpServletRequest
        Returns:
        true if the invalidateSessionOnRequestEnd(HttpServletRequest) was invoked, false otherwise

      • invalidateSessionIfRequested

        protected void invalidateSessionIfRequested​(javax.servlet.http.HttpServletRequest request,
                                            javax.servlet.http.HttpServletResponse response)

      • checkChannelAvailability

        protected boolean checkChannelAvailability​(javax.servlet.http.HttpServletRequest request,
                                           javax.servlet.http.HttpServletResponse response,
                                           javax.servlet.FilterChain chain)
                                    throws javax.servlet.ServletException,
                                           java.io.IOException
        Check if the channel is available and redirect to the proper JSP on error.
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse
        chain - the current FilterChain
        Returns:
        true if a redirect occurred or if the chaining process is being manage by this function, and nothing should be done above.
        Throws:
        java.io.IOException - IOException which can be thrown during treatment
        javax.servlet.ServletException - ServletException which can be thrown during treatment

      • storeThreadRequest

        protected void storeThreadRequest​(javax.servlet.http.HttpServletRequest request)
        Store the current HttpServletRequest in a ThreadLocal later accessible through Channel.getCurrentServletRequest()
        Parameters:
        request - the current HttpServletRequest

      • storeThreadResponse

        protected void storeThreadResponse​(javax.servlet.http.HttpServletResponse response)
        Store the current HttpServletResponse in a ThreadLocal later accessible through Channel.getCurrentServletResponse()
        Parameters:
        response - the current HttpServletResponse

      • storeBrowserInformation

        protected void storeBrowserInformation​(javax.servlet.http.HttpServletRequest request)
        Store browser in current HttpSession to be later accessible by JcmsContext and JcmsSessionTracker.
        Parameters:
        request - the current HttpServletRequest

      • isValidJSyncFileAccess

        protected boolean isValidJSyncFileAccess​(javax.servlet.http.HttpServletRequest request,
                                         javax.servlet.http.HttpServletResponse response)
        Check if the request is a JSync file access.
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse
        Returns:
        true if the current request contained valid JSync information to allow access.

      • authenticate

        protected boolean authenticate​(javax.servlet.http.HttpServletRequest request,
                               javax.servlet.http.HttpServletResponse response)
                        throws java.io.IOException
        Call the authentication manager to authenticate member.
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse
        Returns:
        true if a redirect occurred, false otherwise.
        Throws:
        java.io.IOException - IOException which can be thrown during treatment

      • initMemberRequest

        public static void initMemberRequest​(javax.servlet.http.HttpServletRequest request,
                                     Member loggedMember,
                                     java.lang.String userLang)
        Deprecated.
        use initMemberRequest(HttpServletRequest, Member, Locale)
        Initializes tracking of the given member using JcmsSessionTracker and add request attributes ("loggedMember", "userLang", "userLocale", "userZoneId") used in jsp and in JcmsContext.
        This method is called by do InitFilter and should only be called in other servlet if the authentication mecanism could not be integrated in AuthenticationManager, webdav is one of those.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        userLang - the user language

      • initMemberRequest

        public static void initMemberRequest​(javax.servlet.http.HttpServletRequest request,
                                     Member loggedMember,
                                     java.util.Locale userLocale)
        Deprecated.
        use initMemberRequest(HttpServletRequest, Member, Locale, ZoneId)
        Initializes tracking of the given member using JcmsSessionTracker and add request attributes ("loggedMember", "userLang", "userCountry", "userLocale") used in jsp and in JcmsContext.
        This method is called by do InitFilter and should only be called in other servlet if the authentication mecanism could not be integrated in AuthenticationManager, webdav is one of those.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        userLocale - the Locale of the user for this request

      • initMemberRequest

        public static void initMemberRequest​(javax.servlet.http.HttpServletRequest request,
                                     Member loggedMember,
                                     java.util.Locale userLocale,
                                     java.time.ZoneId userZoneId)
        Initializes tracking of the given member using JcmsSessionTracker and add request attributes ("loggedMember", "userLang", "userCountry", "userLocale") used in jsp and in JcmsContext.
        This method is called by do InitFilter and should only be called in other servlet if the authentication mecanism could not be integrated in AuthenticationManager, webdav is one of those.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        userLocale - the Locale of the user for this request
        userZoneId - the ZoneId of the user for this request
        Since:
        jcms-10.0.1 / JCMS-4865

      • updateUserLanguage

        public static void updateUserLanguage​(javax.servlet.http.HttpServletRequest request,
                                      java.lang.String language)
        Change the language of the specified request using the new specified language
        Parameters:
        request - the current request to change
        language - the new language to apply to the request (null to left untouched)

      • getUserLang

        public static java.lang.String getUserLang​(javax.servlet.http.HttpServletRequest request,
                                           Member loggedMember)
        Deprecated.
        use getUserLocale(HttpServletRequest, Member) instead
        Retrieve the user lang to use for the current request given the currently loggedMember.
        It should only be called by InitFilter and other servlet wishing to add other authentication mecanism not possible through AuthenticationManager such as webdav.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        Returns:
        an ISO-639 language code

      • getUserLocale

        public static java.util.Locale getUserLocale​(javax.servlet.http.HttpServletRequest request,
                                             Member loggedMember)
        Retrieve the Locale to use for the current request given the currently loggedMember.
        It should only be called by InitFilter and other servlet wishing to add other authentication mecanism not possible through AuthenticationManager such as webdav.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        Returns:
        a Locale, never return null
        Since:
        jcms-7.1.0

      • checkLang

        protected static java.lang.String checkLang​(javax.servlet.http.HttpServletRequest request,
                                            java.lang.String lang)
        Check if the given language is a valid choice for the current request. If not, return the default channel language.
        Parameters:
        request - the current HttpServletRequest
        lang - the lang to check
        Returns:
        the computed language

      • getUserZoneId

        public static java.time.ZoneId getUserZoneId​(javax.servlet.http.HttpServletRequest request,
                                             Member loggedMember)
        Retrieve the ZoneId to use for the current request given the currently loggedMember.
        It should only be called by InitFilter and other servlet wishing to add other authentication mecanism not possible through AuthenticationManager such as webdav.
        Parameters:
        request - the current HttpServletRequest
        loggedMember - the Member currently logged
        Returns:
        a ZoneId, never return null
        Since:
        jcms-10.0.1 / JCMS-4865

      • checkSiteAccess

        protected boolean checkSiteAccess​(javax.servlet.http.HttpServletRequest request,
                                  javax.servlet.http.HttpServletResponse response)
                           throws java.io.IOException
        Check basic parameter required by JCMS to allow acces to the site: - Private Site and member not logged - URID Missing - Default Workspace missing - Default Portal missing
        Parameters:
        request - the current HttpServletRequest
        response - the current HttpServletResponse
        Returns:
        true if a redirect occurred, false otherwise.
        Throws:
        java.io.IOException - IOException which can be thrown during treatment

      • isPublicPath

        protected boolean isPublicPath​(java.lang.String path)
        Check if the specified path is allowed to be accessed without authentication when the site is private.
        Parameters:
        path - the resource path
        Returns:
        true if the specified path can always be accessed, false if an authentication is required.

      • blockSiteAccess

        protected boolean blockSiteAccess​(java.lang.String uri,
                                  java.lang.String warningMsg,
                                  java.lang.String[] authJSP,
                                  Member loggedMember,
                                  javax.servlet.http.HttpServletRequest request,
                                  javax.servlet.http.HttpServletResponse response)
                           throws java.io.IOException
        Throws:
        java.io.IOException