public void doFilter(
final ServletRequest request, final ServletResponse response, FilterChain chain)
throws IOException, ServletException {
GenericResponseWrapper wrapper = new GenericResponseWrapper((HttpServletResponse) response);
chain.doFilter(request, wrapper);
}
// required doFilter method
// redirects users trying to access restricted part of site when not logged in
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws java.io.IOException, javax.servlet.ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession();
String loggedIn = (String) session.getAttribute("loggedIn");
if (loggedIn == null) res.sendRedirect("../pleaselogin.html");
else if (loggedIn == "yes") chain.doFilter(request, response);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// session属于http范畴,所以要将ServletRequest转换成httpServletRequest
try {
HttpServletRequest req = (HttpServletRequest) request;
HttpSession session = req.getSession();
if (session.getAttribute("username") != null) {
chain.doFilter(request, response);
} else {
request.getRequestDispatcher("error.jsp").forward(request, response);
}
} catch (RuntimeException e) {
e.printStackTrace();
}
}
public void doFilter(ServletRequest request0, ServletResponse response0, FilterChain filterChain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) request0;
HttpServletResponse response = (HttpServletResponse) response0;
if (request.getRequestURI().endsWith(requesturl)) {
boolean isAjax = "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));
request.getSession().invalidate();
if (isAjax) {
Response<String> kv = new Response<String>();
kv.setReturncode("00000000");
kv.setReturnmsg("登出成功");
outputJson(response, kv);
} else {
response.sendRedirect(request.getContextPath() + successurl);
}
return;
}
filterChain.doFilter(request, response);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
// 权限判断
StringBuffer sb = new StringBuffer();
String actionType = null;
String queryString = null;
String userid = null;
String isCanAccess = "1";
HttpServletRequest hrequest = (HttpServletRequest) request;
String strContext = hrequest.getContextPath();
if (request instanceof HttpServletRequest) {
// 获取用户信息
userid = (String) hrequest.getSession().getAttribute("AuthorizedUserID");
strContext = hrequest.getContextPath();
queryString = hrequest.getQueryString(); // 整个参数串
actionType = hrequest.getParameter("actionType"); // 一般操作
if (actionType == null) {
actionType = hrequest.getParameter("formSN"); // 针对查询的操作
if (actionType != null) {
actionType = "formSN=" + actionType;
}
} else {
actionType = "actionType=" + actionType;
}
}
if (actionType != null) { // 如果参数不为空,则判断权限,通过存储过程判断
DBConnectionManager dbManager = new DBConnectionManager();
CallableStatement cstmt = null;
Connection conn = null;
try {
conn = dbManager.getConnection();
String query = "{call pkg_security.userAccessFunction(?,?,?,?)}";
cstmt = conn.prepareCall(query);
cstmt.registerOutParameter(1, OracleTypes.VARCHAR);
cstmt.setString(2, userid);
cstmt.setString(3, actionType == null ? null : actionType.trim());
cstmt.setString(4, queryString == null ? null : queryString.trim());
cstmt.execute();
isCanAccess = cstmt.getString(1);
} catch (SQLException e) {
e.printStackTrace();
} finally {
try {
if (cstmt != null) {
cstmt.close();
}
} catch (Exception ex) {
if (conn != null)
try {
conn.close();
} catch (SQLException e1) {
e1.printStackTrace();
}
}
if (conn != null)
try {
conn.close();
} catch (SQLException e1) {
e1.printStackTrace();
}
}
}
// 如果没有权限,定位到提示页面。
if (!isCanAccess.equals("1")) {
HttpServletResponse out = (HttpServletResponse) response;
out.sendRedirect(strContext + "/common/erroraccess.jsp");
return;
} else {
// 汉字问题
HttpServletRequest httpRequest = (HttpServletRequest) request;
httpRequest.setCharacterEncoding(encoding);
// chain.doFilter(request, response);
// 压缩传输
HttpServletResponse httpResponse = (HttpServletResponse) response;
String uri = httpRequest.getRequestURI();
String transferEncoding = getGZIPEncoding((HttpServletRequest) request);
if (transferEncoding == null) {
setResponseHeader(httpResponse, uri, transferEncoding);
chain.doFilter(request, response);
} else {
if (!uri.endsWith("dd.xml")) // 不处理的有哪些??????
{
chain.doFilter(request, response);
} else {
System.out.println("FrameworkFilter:: Filter handle dd.xml");
setResponseHeader(httpResponse, uri, transferEncoding);
httpResponse.setHeader("Content-Encoding", transferEncoding);
GZIPEncodableResponse wrappedResponse =
new GZIPEncodableResponse((HttpServletResponse) response);
chain.doFilter(request, wrappedResponse);
wrappedResponse.flush();
}
}
}
// Pass control on to the next filter
// chain.doFilter(request, response);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws ServletException, IOException {
chain.doFilter(request, response);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
// create input/output dir patterns
String contextPath = httpRequest.getContextPath();
if (this.inDirPattern == null) {
// NOTE: Have to do this here because the context path is not
// available in init().
this.inDirPattern =
Pattern.compile("^" + escape(contextPath) + escape(this.inDirName) + "/(.*)");
this.outDirPattern =
Pattern.compile("^" + escape(contextPath) + "/help/[a-z]{2}(?:_[A-Z]{2})?/.*");
if (ZimbraLog.webclient.isDebugEnabled()) {
ZimbraLog.webclient.debug("### indir pattern: " + this.inDirPattern.pattern());
ZimbraLog.webclient.debug("### outdir pattern: " + this.outDirPattern.pattern());
}
}
// check to see if we need to redirect this request
String requestUri = httpRequest.getRequestURI();
if (this.outDirPattern.matcher(requestUri).matches()) {
// allow it to go through
chain.doFilter(request, response);
return;
}
// make list of potential locales to check
Locale preferredLocale = getLocale(httpRequest);
String language = preferredLocale.getLanguage();
String country = preferredLocale.getCountry();
Locale[] locales = {preferredLocale, country != null ? new Locale(language) : null, Locale.US};
if (ZimbraLog.webclient.isDebugEnabled()) {
for (Locale locale : locales) {
ZimbraLog.webclient.debug("locale: " + locale);
}
}
// find out which version of the requested file exists
Locale actualLocale = preferredLocale;
Matcher matcher = this.inDirPattern.matcher(requestUri);
if (!matcher.matches()) {
httpResponse.sendError(
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Help URL doesn't match input pattern.");
return;
}
if (ZimbraLog.webclient.isDebugEnabled()) {
ZimbraLog.webclient.debug("### filename: " + matcher.group(1));
}
String filename = decode(matcher.group(1)).replace('/', File.separatorChar);
if (ZimbraLog.webclient.isDebugEnabled()) {
ZimbraLog.webclient.debug("### filename: " + filename);
}
File baseDir = new File(this.context.getRealPath("/"));
if (ZimbraLog.webclient.isDebugEnabled()) {
ZimbraLog.webclient.debug("### basedir: " + baseDir);
}
for (Locale locale : locales) {
if (locale == null) continue;
File file =
new File(
baseDir,
this.outDirName.replaceAll("\\{locale\\}", locale.toString())
+ File.separatorChar
+ filename);
if (file.exists()) {
actualLocale = locale;
break;
}
}
// redirect
String redirectUrl =
contextPath
+ this.outDirName.replaceAll("\\{locale\\}", actualLocale.toString())
+ "/"
+ filename;
if (ZimbraLog.webclient.isDebugEnabled()) {
ZimbraLog.webclient.debug("redirecting to: " + redirectUrl);
}
httpResponse.sendRedirect(redirectUrl);
}
