/**
   * Check if the current URL is protected and the current session doesn't contain a user object. If
   * this is the case perform a login.
   *
   * <p>The doFilter method of the Filter is called by the container each time a request/response
   * pair is passed through the chain due to a client request for a resource at the end of the
   * chain.
   *
   * @throws IOException
   * @throws ServletException
   */
  @Override
  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      throws IOException, ServletException {

    HttpServletRequest httpRequest =
        new IgnoreCharacterEncodingHttpRequestWrapper((HttpServletRequest) request);
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    AuthorizationRequestData rdo = initializeRequestDataObject(httpRequest);

    try {
      if (isPublicAccess(rdo, httpRequest)) {
        proceedWithFilterChain(chain, httpRequest, httpResponse);
      } else {
        handleProtectedUrlAndChangePwdCase(chain, httpRequest, httpResponse, rdo);
      }
    } catch (ServletException e) {

      // relogin is not possible in this case,
      // no SAML response to extract userid and generate password.
      if (authSettings.isServiceProvider()) {
        throw e;
      }

      if (e.getCause() instanceof ViewExpiredException) {
        // if we were logged in but a logout occurs from a different
        // browser tab, we get this exception - so redirect to the
        // same page to stay on it (Bug 7552)
        final StringBuffer url =
            new StringBuffer(rdo.getRelativePath() == null ? "" : rdo.getRelativePath());
        reLogginUserIfRequired(httpRequest, httpResponse, rdo, url);
        sendRedirect(httpRequest, httpResponse, url.toString());
      } else {
        throw e;
      }
    }
  }
 private void appendParam(StringBuffer url, String param, String value, String encoding) {
   if (url.indexOf("?") > -1) url.append('&');
   else url.append('?');
   url.append(param);
   url.append("=");
   try {
     url.append(URLEncoder.encode(value, encoding));
   } catch (UnsupportedEncodingException e) {
     throw new SaaSSystemException(e);
   }
 }