Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fixed a bug with the security extension configuration which broke sec…
…urity of some urls
- Loading branch information
Jesse Eichar
committed
Oct 29, 2012
1 parent
d1f91ae
commit 7a5e789
Showing
4 changed files
with
47 additions
and
2 deletions.
There are no files selected for viewing
44 changes: 44 additions & 0 deletions
44
jeeves/src/main/java/jeeves/config/springutil/GeonetworkFilterSecurityInterceptor.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package jeeves.config.springutil; | ||
|
||
import java.io.IOException; | ||
|
||
import javax.servlet.ServletException; | ||
|
||
import org.springframework.security.access.intercept.InterceptorStatusToken; | ||
import org.springframework.security.web.FilterInvocation; | ||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; | ||
|
||
/** | ||
* This class is used in spring configuration to allow custom applications to add security mappings | ||
* to the spring configuration without having to edit the main mappings file. The primary reason for | ||
* this need is to keep the application specific concerns separated. This allows an application to | ||
* easier merge changes from the core system. | ||
* | ||
* This class is needed because the {@link FilterSecurityInterceptor} puts an attribute on the | ||
* request so only 1 {@link FilterSecurityInterceptor} will be consulted per request. This class | ||
* is essentially the same but sets a different attribute. | ||
* | ||
* @author jeichar | ||
* | ||
*/ | ||
public class GeonetworkFilterSecurityInterceptor extends FilterSecurityInterceptor { | ||
private static final String GN_FILTER_APPLIED = "__geonetwork_spring_security_filterSecurityInterceptor_filterApplied"; | ||
public void invoke(FilterInvocation fi) throws IOException, ServletException { | ||
if ((fi.getRequest() != null) && (fi.getRequest().getAttribute(GN_FILTER_APPLIED) != null)) { | ||
// filter already applied to this request and user wants us to observe | ||
// once-per-request handling, so don't re-do security checking | ||
fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); | ||
} else { | ||
// first time this request being called, so perform security checking | ||
if (fi.getRequest() != null) { | ||
fi.getRequest().setAttribute(GN_FILTER_APPLIED, Boolean.TRUE); | ||
} | ||
|
||
InterceptorStatusToken token = super.beforeInvocation(fi); | ||
|
||
fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); | ||
|
||
super.afterInvocation(token, null); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters