/**
 * Authorization gate for incoming requests: requests that qualify as public access are passed
 * straight down the filter chain, everything else goes through the protected-URL / change-password
 * handling.
 *
 * <p>The container invokes this method for every request/response pair that travels through the
 * chain on its way to the requested resource.
 *
 * <p>If a {@link ServletException} caused by a {@code ViewExpiredException} is raised while the
 * request is processed (and the platform is not running as service provider), the user is
 * re-logged in if required and redirected to the path taken from the request data object.
 *
 * @param request the incoming request; cast to {@link HttpServletRequest} without a type check
 * @param response the outgoing response; cast to {@link HttpServletResponse} without a type check
 * @param chain the remaining filter chain
 * @throws IOException propagated from the chain, the login handling or the redirect
 * @throws ServletException rethrown unchanged when running as service provider or when the cause
 *     is not a {@code ViewExpiredException}
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    final HttpServletRequest wrappedRequest =
            new IgnoreCharacterEncodingHttpRequestWrapper((HttpServletRequest) request);
    final HttpServletResponse servletResponse = (HttpServletResponse) response;
    final AuthorizationRequestData rdo = initializeRequestDataObject(wrappedRequest);

    try {
        // The access decision itself lives in isPublicAccess(); this method only dispatches on it.
        if (!isPublicAccess(rdo, wrappedRequest)) {
            handleProtectedUrlAndChangePwdCase(chain, wrappedRequest, servletResponse, rdo);
        } else {
            proceedWithFilterChain(chain, wrappedRequest, servletResponse);
        }
    } catch (ServletException e) {
        // Service provider mode: a re-login is not possible, because there is no SAML response
        // from which the user id could be extracted and a password generated.
        // Any failure other than an expired view is not recoverable here either.
        if (authSettings.isServiceProvider() || !(e.getCause() instanceof ViewExpiredException)) {
            throw e;
        }

        // The user was logged in, but a logout happened in another browser tab. Redirect to the
        // same page so the user stays on it (Bug 7552).
        // NOTE(review): the redirect target is built from rdo.getRelativePath(); confirm that
        // initializeRequestDataObject() only ever yields an application-relative path, so the
        // value cannot steer the redirect to another host.
        final StringBuffer redirectTarget;
        if (rdo.getRelativePath() == null) {
            redirectTarget = new StringBuffer("");
        } else {
            redirectTarget = new StringBuffer(rdo.getRelativePath());
        }
        reLogginUserIfRequired(wrappedRequest, servletResponse, rdo, redirectTarget);
        sendRedirect(wrappedRequest, servletResponse, redirectTarget.toString());
    }
}
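/**
 * Appends {@code param=value} to the given URL buffer as a query parameter.
 *
 * <p>The separator is {@code '&'} if the buffer already contains a {@code '?'}, otherwise
 * {@code '?'}. Only the value is URL-encoded; the parameter name is appended verbatim, so callers
 * must pass a fixed, trusted name and never request-derived text.
 *
 * <p>The value is encoded before the buffer is modified, so a failed encoding does not leave a
 * dangling separator and parameter name behind in {@code url}.
 *
 * @param url the buffer holding the URL built so far; modified in place
 * @param param the parameter name, appended without encoding
 * @param value the parameter value, URL-encoded with {@code encoding}
 * @param encoding the name of the character encoding passed to {@link URLEncoder#encode}
 * @throws SaaSSystemException if {@code encoding} is not supported
 */
private void appendParam(StringBuffer url, String param, String value, String encoding) {
    // Encode first: if this fails, the caller's buffer must stay untouched.
    final String encodedValue;
    try {
        encodedValue = URLEncoder.encode(value, encoding);
    } catch (UnsupportedEncodingException e) {
        throw new SaaSSystemException(e);
    }

    if (url.indexOf("?") > -1) {
        url.append('&');
    } else {
        url.append('?');
    }
    url.append(param).append('=').append(encodedValue);
}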