litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1944 Add logging statements, reformat. Make redirectToInsufficientAuthorizationPage() public, so it can be accessed from ConfirmLoginStatus.java

Browse source
This commit is contained in:
jeb228 2011-01-28 16:52:15 +00:00
parent 25abfe0f32
commit b5f4714057
1 changed files with 31 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

38
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/VitroHttpServlet.java
View file

@ -92,38 +92,49 @@ public class VitroHttpServlet extends HttpServlet {
HttpServletResponse response) { HttpServletResponse response) {
LogoutRedirector.recordRestrictedPageUri(request); LogoutRedirector.recordRestrictedPageUri(request);
if (LoginStatusBean.getBean(request).isLoggedIn()) { if (LoginStatusBean.getBean(request).isLoggedIn()) {
log.trace("Logged in. No minimum level.");
return true; return true;
} else { } else {
log.trace("Not logged in. No minimum level.");
redirectToLoginPage(request, response); redirectToLoginPage(request, response);
return false; return false;
} }
} }
/** /**
* If not logged in at the required level, redirect them to the appropriate page. * If not logged in at the required level, redirect them to the appropriate
* page.
*/ */
public static boolean checkLoginStatus(HttpServletRequest request, public static boolean checkLoginStatus(HttpServletRequest request,
HttpServletResponse response, int minimumLevel) { HttpServletResponse response, int minimumLevel) {
LogoutRedirector.recordRestrictedPageUri(request); LogoutRedirector.recordRestrictedPageUri(request);
if (LoginStatusBean.getBean(request).isLoggedInAtLeast(minimumLevel)) { LoginStatusBean statusBean = LoginStatusBean.getBean(request);
if (statusBean.isLoggedInAtLeast(minimumLevel)) {
log.trace("Security level " + statusBean.getSecurityLevel()
+ " is sufficient for minimum of " + minimumLevel);
return true; return true;
} else if (LoginStatusBean.getBean(request).isLoggedIn()) { } else if (statusBean.isLoggedIn()) {
log.trace("Security level " + statusBean.getSecurityLevel()
+ " is insufficient for minimum of " + minimumLevel);
redirectToInsufficientAuthorizationPage(request, response); redirectToInsufficientAuthorizationPage(request, response);
return false; return false;
} else { } else {
log.trace("Not logged in; not sufficient for minimum of "
+ minimumLevel);
redirectToLoginPage(request, response); redirectToLoginPage(request, response);
return false; return false;
} }
} }
/** /**
* Logged in, but with insufficent authorization. Send them to the * Logged in, but with insufficent authorization. Send them to the home page
* home page with a message. They won't be coming back. * with a message. They won't be coming back.
*/ */
private static void redirectToInsufficientAuthorizationPage( public static void redirectToInsufficientAuthorizationPage(
HttpServletRequest request, HttpServletResponse response) { HttpServletRequest request, HttpServletResponse response) {
try { try {
DisplayMessage.setMessage(request, INSUFFICIENT_AUTHORIZATION_MESSAGE); DisplayMessage.setMessage(request,
INSUFFICIENT_AUTHORIZATION_MESSAGE);
response.sendRedirect(request.getContextPath()); response.sendRedirect(request.getContextPath());
} catch (IOException e) { } catch (IOException e) {
log.error("Could not redirect to show insufficient authorization."); log.error("Could not redirect to show insufficient authorization.");
@ -137,7 +148,8 @@ public class VitroHttpServlet extends HttpServlet {
public static void redirectToLoginPage(HttpServletRequest request, public static void redirectToLoginPage(HttpServletRequest request,
HttpServletResponse response) { HttpServletResponse response) {
String returnUrl = assembleUrlToReturnHere(request); String returnUrl = assembleUrlToReturnHere(request);
String loginUrlWithReturn = assembleLoginUrlWithReturn(request, returnUrl); String loginUrlWithReturn = assembleLoginUrlWithReturn(request,
returnUrl);
try { try {
response.sendRedirect(loginUrlWithReturn); response.sendRedirect(loginUrlWithReturn);
@ -155,8 +167,8 @@ public class VitroHttpServlet extends HttpServlet {
} }
} }
private static String assembleLoginUrlWithReturn(HttpServletRequest request, private static String assembleLoginUrlWithReturn(
String afterLoginUrl) { HttpServletRequest request, String afterLoginUrl) {
String encodedAfterLoginUrl = afterLoginUrl; String encodedAfterLoginUrl = afterLoginUrl;
try { try {
encodedAfterLoginUrl = URLEncoder.encode(afterLoginUrl, "UTF-8"); encodedAfterLoginUrl = URLEncoder.encode(afterLoginUrl, "UTF-8");
@ -168,7 +180,8 @@ public class VitroHttpServlet extends HttpServlet {
} }
/** /**
* If logging is set to the TRACE level, dump the HTTP headers on the request. * If logging is set to the TRACE level, dump the HTTP headers on the
* request.
*/ */
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
@Override @Override
@ -177,7 +190,8 @@ public class VitroHttpServlet extends HttpServlet {
if (log.isTraceEnabled()) { if (log.isTraceEnabled()) {
HttpServletRequest request = (HttpServletRequest) req; HttpServletRequest request = (HttpServletRequest) req;
Enumeration<String> names = request.getHeaderNames(); Enumeration<String> names = request.getHeaderNames();
log.trace("----------------------request:" + request.getRequestURL()); log.trace("----------------------request:"
+ request.getRequestURL());
while (names.hasMoreElements()) { while (names.hasMoreElements()) {
String name = names.nextElement(); String name = names.nextElement();
if (!BORING_HEADERS.contains(name)) { if (!BORING_HEADERS.contains(name)) {