/**
 * Sends an unauthenticated caller to the application's login page.
 *
 * <p>The target is built from the request's context path, the fixed {@code /faces}
 * prefix and the path of the page definition registered under
 * {@link PageDefServiceLocal#LOGIN_PAGE}. The query string always carries
 * {@code redirect=true}; when a current VDC is known, its id is appended as
 * {@code vdcId}. Every component comes from server-side state, not from request
 * parameters.
 *
 * @param request    the request being filtered; only its context path is read
 * @param response   the response on which the redirect is issued
 * @param currentVDC the VDC resolved for this request, or {@code null} if none
 * @throws IOException if the redirect cannot be written
 * @throws ServletException declared for signature compatibility; not thrown by this body
 */
private void redirectToLogin(
        HttpServletRequest request, HttpServletResponse response, VDC currentVDC)
        throws IOException, ServletException {
    PageDef loginPageDef = pageDefService.findByName(PageDefServiceLocal.LOGIN_PAGE);

    // Query string: the VDC id is appended only when a VDC was resolved for the request.
    String query = (currentVDC == null)
            ? "?redirect=true"
            : "?redirect=true" + "&vdcId=" + currentVDC.getId();

    StringBuilder target = new StringBuilder();
    target.append(request.getContextPath());
    target.append("/faces");
    target.append(loginPageDef.getPath());
    target.append(query);

    response.sendRedirect(target.toString());
}
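/**
 * Validates the request, enforces page-level authorization and, only when every
 * check passes, hands the request to the rest of the filter chain.
 *
 * <p>Checks run in this order, and each rejection is answered with a redirect:
 * <ol>
 *   <li>paths ending in {@code .jsp} go to the not-found page;</li>
 *   <li>for view-study, edit-study and version-diff pages, the study id and version
 *       number(s) must resolve through {@code studyService};</li>
 *   <li>a pending {@code LOGIN_REDIRECT} session attribute is consumed and followed;</li>
 *   <li>the caller must be authorized for the page (role or non-role rules);</li>
 *   <li>pages that check study locks are diverted to the study-locked page while a
 *       lock message is present.</li>
 * </ol>
 *
 * @param request  The servlet request we are processing
 * @param response The servlet response we are creating
 * @param chain    The filter chain we are processing
 * @throws IOException if an input/output error occurs
 * @throws ServletException if a servlet error occurs
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final String notFoundPage = "/faces/NotFoundPage.xhtml";
    final String idDoesNotExistPage = "/faces/IdDoesNotExistPage.xhtml";

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    String requestPath = httpRequest.getPathInfo();
    VDC currentVDC = vdcService.getVDCFromRequest(httpRequest);

    // Requests whose path ends in .jsp are never served through this filter.
    if (requestPath != null && requestPath.endsWith(".jsp")) {
        sendVdcRedirect(httpRequest, httpResponse, currentVDC, notFoundPage);
        return;
    }

    PageDef pageDef = pageDefService.findByPath(requestPath);

    // Check for an invalid study id or study version number.
    // For right now, do this with a sendRedirect, though we should try to figure out a
    // solution with a forward instead; that way the user can fix the issue in the URL
    // and easily try again.
    if (isViewStudyPage(pageDef) || isEditStudyPage(pageDef) || isVersionDiffPage(pageDef)) {
        Long studyId = determineStudyId(pageDef, httpRequest);

        if (isVersionDiffPage(pageDef)) {
            Long[] versionDiffNumbers = VDCRequestBean.parseVersionNumberList(httpRequest);
            // Two version numbers are dereferenced below, so a shorter list is rejected
            // here instead of surfacing as an ArrayIndexOutOfBoundsException.
            if (versionDiffNumbers == null || versionDiffNumbers.length < 2 || studyId == null) {
                sendVdcRedirect(httpRequest, httpResponse, currentVDC, notFoundPage);
                return;
            }
            try {
                // Look up both versions only to test that they exist for this study.
                // If they don't exist, an EJBException will be thrown.
                studyService.getStudyVersion(studyId, versionDiffNumbers[0]);
                studyService.getStudyVersion(studyId, versionDiffNumbers[1]);
            } catch (EJBException e) {
                if (e.getCause() instanceof IllegalArgumentException) {
                    sendVdcRedirect(httpRequest, httpResponse, currentVDC, idDoesNotExistPage);
                    return;
                }
                throw e;
            }
        } else if (studyId != null) {
            try {
                String versionNumberParam = httpRequest.getParameter("versionNumber");
                if (versionNumberParam != null) {
                    // Request-supplied value: a non-numeric string raises
                    // NumberFormatException, handled below as "not found".
                    studyService.getStudyVersion(studyId, Long.valueOf(versionNumberParam));
                } else {
                    // Look up the study only to make sure that the studyId exists.
                    // If it doesn't exist, an EJBException will be thrown.
                    studyService.getStudy(studyId);
                }
            } catch (EJBException e) {
                if (e.getCause() instanceof IllegalArgumentException) {
                    sendVdcRedirect(httpRequest, httpResponse, currentVDC, idDoesNotExistPage);
                    return;
                }
                throw e;
            } catch (NumberFormatException e) {
                sendVdcRedirect(httpRequest, httpResponse, currentVDC, notFoundPage);
                return;
            }
        }
    }

    setOriginalUrl(httpRequest, httpResponse, currentVDC);

    LoginBean loginBean = getLoginBean(request);
    // The IP-based group is only looked up for callers without a login bean.
    UserGroup ipUserGroup = null;
    if (loginBean == null) {
        ipUserGroup = getIpGroup(httpRequest);
    }

    // NOTE(review): LOGIN_REDIRECT is followed verbatim and before the authorization
    // checks below. Confirm that whatever stores this attribute only ever writes
    // application-relative targets, never a value taken unchecked from the request.
    String loginURI = (String) httpRequest.getSession().getAttribute("LOGIN_REDIRECT");
    if (loginURI != null) {
        // One-shot: the attribute is cleared so the redirect is not repeated.
        httpRequest.getSession().removeAttribute("LOGIN_REDIRECT");
        httpResponse.sendRedirect(loginURI);
        return;
    }

    boolean authorized;
    if (isRolePage(pageDef, httpRequest)) {
        authorized = isUserAuthorizedForRolePage(pageDef, httpRequest, loginBean);
    } else {
        authorized = isUserAuthorizedForNonRolePage(pageDef, httpRequest, loginBean, ipUserGroup);
    }

    if (!authorized) {
        if (loginBean == null) {
            // Not logged in: offer the login page.
            redirectToLogin(httpRequest, httpResponse, currentVDC);
        } else {
            // Logged in but not permitted: show the unauthorized page.
            PageDef redirectPageDef =
                    pageDefService.findByName(PageDefServiceLocal.UNAUTHORIZED_PAGE);
            httpResponse.sendRedirect(
                    httpRequest.getContextPath() + "/faces" + redirectPageDef.getPath());
        }
        return;
    }

    if (isCheckLockPage(pageDef)) {
        // Evaluate the lock message once, so the value tested for null is the value
        // sent; a second lookup could return null if the lock state changes in between.
        String lockedMessage = studyLockedMessage(pageDef, httpRequest);
        if (lockedMessage != null) {
            PageDef redirectPageDef =
                    pageDefService.findByName(PageDefServiceLocal.STUDYLOCKED_PAGE);
            // NOTE(review): the message is appended to the query string without URL
            // encoding. If it can contain spaces, '&', or text derived from user data,
            // it should be encoded before use; confirm what studyLockedMessage returns.
            httpResponse.sendRedirect(
                    httpRequest.getContextPath() + "/faces" + redirectPageDef.getPath()
                    + "?message=" + lockedMessage);
            return;
        }
    }

    // Failures further down the chain propagate to the container. The previous
    // catch (Throwable) printed the stack trace and dropped the error, so a failed
    // request could complete as if it had succeeded.
    chain.doFilter(request, response);
}

/**
 * Redirects to {@code facesPath} below the application context path, inserting
 * {@code /dv/<alias>} when a current VDC is present.
 *
 * @param request    the request being filtered; only its context path is read
 * @param response   the response on which the redirect is issued
 * @param currentVDC the VDC resolved for this request, or {@code null} if none
 * @param facesPath  fixed, application-defined page path beginning with {@code /faces}
 * @throws IOException if the redirect cannot be written
 */
private void sendVdcRedirect(HttpServletRequest request, HttpServletResponse response,
        VDC currentVDC, String facesPath) throws IOException {
    String redirectURL = request.getContextPath();
    if (currentVDC != null) {
        redirectURL += "/dv/" + currentVDC.getAlias();
    }
    response.sendRedirect(redirectURL + facesPath);
}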