public void doFilter(
ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
Authorization auth = AuthorizationManager.getAuthorization(session);
if (log.isDebugEnabled()) {
log.debug("session auth=" + auth);
}
// 如果从session中无法取得,则从cookie中取
if (auth == null) {
Cookie cookie = Util.getCookie(request, Constants.AUTH_USER_COOKIE);
Cookie autoLogin = Util.getCookie(request, Constants.AUTOLOGIN_COOKIE);
if (log.isDebugEnabled()) {
log.debug("cookie=" + cookie);
log.debug("autoLogin="******"utf8"));
LoginModel model = new LoginModel();
model.setAutoLogin(Boolean.parseBoolean(autoLogin.getValue()));
model.setUsername(username_password[0]);
model.setPassword(username_password[1]);
model.setIp(request.getRemoteAddr());
try {
AuthorizationManager.saveAuthorization(session, userService.loginWithoutValidCode(model));
} catch (BBSException e) {
guestLogin(session);
log.warn(e);
}
} else {
guestLogin(session);
}
}
chain.doFilter(servletRequest, servletResponse);
}
private void guestLogin(HttpSession session) {
AuthorizationManager.saveAuthorization(session, new Guest());
}