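/**
 * Authenticates the request from its {@code x-auth-token} header, then always continues the
 * filter chain.
 *
 * <p>A header that is absent, blank, or the literal string "null" is treated as "no token". A
 * token that fails {@code tokenServiceImpl.validate} leaves the security context untouched, so
 * rejecting the request is left to whatever authorization runs later in the chain.
 *
 * <p>The token value is a bearer credential and is never written to the output stream; only the
 * outcome of the check is reported.
 *
 * @param request the incoming request; cast to {@link HttpServletRequest}
 * @param response the response, passed through unchanged
 * @param chain the remaining filter chain, invoked in every case
 * @throws IOException if the rest of the chain fails with an I/O error
 * @throws ServletException if the rest of the chain fails
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      throws IOException, ServletException {

    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String authToken = httpRequest.getHeader("x-auth-token");

    boolean tokenPresent =
        authToken != null
            && !authToken.trim().equals("")
            && !authToken.trim().equalsIgnoreCase("null");

    if (tokenPresent) {
      // Do not print the token itself: anyone who can read the process output could replay it.
      System.out.println("token found");

      if (tokenServiceImpl.validate(authToken)) {
        System.out.println("valid token found");

        User user = tokenServiceImpl.getUserFromToken(authToken);

        if (user != null) {
          // NOTE(review): the validated token is exchanged for a username/password
          // authentication built from the stored password. If the store holds password hashes,
          // or authManager re-checks credentials, confirm this is the intended flow; a
          // pre-authenticated token type may fit better.
          UsernamePasswordAuthenticationToken authentication =
              new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword());
          authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpRequest));
          SecurityContextHolder.getContext()
              .setAuthentication(authManager.authenticate(authentication));
        } else {
          // A token that validates but maps to no user is handled like an invalid token
          // instead of failing with a NullPointerException.
          System.out.println("no user for token");
        }
      } else {
        System.out.println("invalid token");
      }
    } else {
      System.out.println("no token found");
    }

    // continue thru the filter chain
    chain.doFilter(request, response);
  }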
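  /**
   * Handles {@code POST /login}: looks the user up by the submitted username and password and, on
   * success, returns a token in the {@code x-auth-token} response header.
   *
   * <p>Every failure (no matching user, no token issued, or an {@code ApplicationException})
   * produces the same {@code error=true} body, so the response does not reveal which step failed.
   *
   * @param user credentials bound from the request body; only username and password are read here
   * @param response the response that receives the {@code x-auth-token} header on success
   * @return a map holding {@code success=true} or {@code error=true}
   */
  @RequestMapping(value = "/login", method = RequestMethod.POST)
  public ModelMap login(@RequestBody User user, HttpServletResponse response) {

    ModelMap map = new ModelMap();

    try {
      User dbUser = userServiceImpl.getUser(user.getUsername(), user.getPassword());

      // No matching user means no token; the branch below then reports the error instead of
      // returning an empty map.
      String token = (dbUser != null) ? tokenServiceImpl.getToken(dbUser) : null;

      if (token != null && !token.equals("")) {
        map.addAttribute("success", true);
        response.setHeader("x-auth-token", token);
      } else {
        map.addAttribute("error", true);
      }
    } catch (ApplicationException e) {
      map.addAttribute("error", true);
    }

    // NOTE(review): the HTTP status is not changed on failure, and nothing in this method limits
    // repeated attempts; confirm both are handled elsewhere.
    return map;
  }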