コード例 #1
 /**
  * Decides, per request, whether an existing authentication can be reused or whether the request
  * must be (re-)authenticated or handled anonymously, then delegates to the matching handler.
  *
  * <p>Order of operations, which matters for the security decision:
  *
  * <ol>
  *   <li>The no-cache helper is applied to the response for the resolved servlet path.
  *   <li>A GET on an empty or root path is redirected to the web app main page and nothing else
  *       runs. The redirect target is built from {@code HttpUtils.ANGULAR_WEBAPP} only; no
  *       request-supplied value is part of it.
  *   <li>The authentication attached to the request (if any) is looked up and its authenticated
  *       flag is captured <em>before</em> the re-authentication check and the logout handlers run.
  *   <li>If re-authentication is required, every registered {@code LogoutHandler} is invoked so
  *       that leftover state is invalidated before a new authentication is attempted.
  *   <li>The request is authenticated when it is either not authenticated or flagged for
  *       re-authentication; otherwise the existing authentication is reused.
  * </ol>
  *
  * @param request the incoming HTTP request
  * @param response the HTTP response; may receive a redirect
  * @param chain the filter chain handed on to the delegated handler
  * @throws IOException as declared; {@code sendRedirect} can raise it
  * @throws ServletException as declared by the delegated handlers
  */
 private void doFilterInternal(
     HttpServletRequest request, HttpServletResponse response, FilterChain chain)
     throws IOException, ServletException {
   final String servletPath = RequestUtils.getServletPathFromRequest(request);
   // Web app requests get a no-cache header so responses are not served from a cache.
   RequestUtils.addNoCacheToWebAppRequest(servletPath, response);

   String httpMethod = request.getMethod();
   boolean rootOrEmptyPath =
       servletPath == null || servletPath.isEmpty() || "/".equals(servletPath);
   if (rootOrEmptyPath && "get".equalsIgnoreCase(httpMethod)) {
     // Called with an empty path: send the client to the app main page and stop here.
     response.sendRedirect(HttpUtils.ANGULAR_WEBAPP + "/");
     return;
   }

   // Pick up an authentication that is already bound to this request, if there is one.
   Authentication authentication = RequestUtils.getAuthentication(request);
   boolean alreadyAuthenticated = authentication != null && authentication.isAuthenticated();

   // Must be evaluated exactly once per request; keep this the only call site in this method.
   boolean mustReAuthenticate = reAuthenticationRequired(request, authentication);
   if (mustReAuthenticate) {
     // Re-authentication is required, but stale data (like the Wicket session) may still be
     // around and has to be invalidated first.
     for (LogoutHandler handler : ContextHelper.get().beansForType(LogoutHandler.class).values()) {
       handler.logout(request, response, authentication);
     }
   }

   // A re-authentication demand overrides an otherwise valid authentication.
   boolean mustAuthenticate = mustReAuthenticate || !alreadyAuthenticated;
   SecurityContext securityContext = SecurityContextHolder.getContext();

   if (!mustAuthenticate) {
     // NOTE(review): this logs the Authentication object itself - confirm its toString() does
     // not expose credentials or tokens when debug logging is enabled.
     log.debug("Using authentication {} from Http session.", authentication);
     useAuthentication(request, response, chain, authentication, securityContext);
     return;
   }

   if (authFilter.acceptFilter(request)) {
     authenticateAndExecute(request, response, chain, securityContext);
   } else {
     // The auth filter does not handle this request: fall back to anonymous access if allowed.
     useAnonymousIfPossible(request, response, chain, securityContext);
   }
 }