NIHVIVO-1944 Add logging statements, reformat. Make redirectToInsufficientAuthorizationPage() public, so it can be accessed from ConfirmLoginStatus.java
This commit is contained in:
jeb228
parent
25abfe0f32
commit
b5f4714057
1 changed files with 31 additions and 17 deletions
|
|
@ -92,38 +92,49 @@ public class VitroHttpServlet extends HttpServlet {
|
|||
HttpServletResponse response) {
|
||||
LogoutRedirector.recordRestrictedPageUri(request);
|
||||
if (LoginStatusBean.getBean(request).isLoggedIn()) {
|
||||
log.trace("Logged in. No minimum level.");
|
||||
return true;
|
||||
} else {
|
||||
log.trace("Not logged in. No minimum level.");
|
||||
redirectToLoginPage(request, response);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If not logged in at the required level, redirect them to the appropriate page.
|
||||
* If not logged in at the required level, redirect them to the appropriate
|
||||
* page.
|
||||
*/
|
||||
public static boolean checkLoginStatus(HttpServletRequest request,
|
||||
HttpServletResponse response, int minimumLevel) {
|
||||
LogoutRedirector.recordRestrictedPageUri(request);
|
||||
if (LoginStatusBean.getBean(request).isLoggedInAtLeast(minimumLevel)) {
|
||||
LoginStatusBean statusBean = LoginStatusBean.getBean(request);
|
||||
if (statusBean.isLoggedInAtLeast(minimumLevel)) {
|
||||
log.trace("Security level " + statusBean.getSecurityLevel()
|
||||
+ " is sufficient for minimum of " + minimumLevel);
|
||||
return true;
|
||||
} else if (LoginStatusBean.getBean(request).isLoggedIn()) {
|
||||
} else if (statusBean.isLoggedIn()) {
|
||||
log.trace("Security level " + statusBean.getSecurityLevel()
|
||||
+ " is insufficient for minimum of " + minimumLevel);
|
||||
redirectToInsufficientAuthorizationPage(request, response);
|
||||
return false;
|
||||
} else {
|
||||
log.trace("Not logged in; not sufficient for minimum of "
|
||||
+ minimumLevel);
|
||||
redirectToLoginPage(request, response);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Logged in, but with insufficent authorization. Send them to the
|
||||
* home page with a message. They won't be coming back.
|
||||
* Logged in, but with insufficent authorization. Send them to the home page
|
||||
* with a message. They won't be coming back.
|
||||
*/
|
||||
private static void redirectToInsufficientAuthorizationPage(
|
||||
public static void redirectToInsufficientAuthorizationPage(
|
||||
HttpServletRequest request, HttpServletResponse response) {
|
||||
try {
|
||||
DisplayMessage.setMessage(request, INSUFFICIENT_AUTHORIZATION_MESSAGE);
|
||||
DisplayMessage.setMessage(request,
|
||||
INSUFFICIENT_AUTHORIZATION_MESSAGE);
|
||||
response.sendRedirect(request.getContextPath());
|
||||
} catch (IOException e) {
|
||||
log.error("Could not redirect to show insufficient authorization.");
|
||||
|
|
@ -137,7 +148,8 @@ public class VitroHttpServlet extends HttpServlet {
|
|||
public static void redirectToLoginPage(HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
String returnUrl = assembleUrlToReturnHere(request);
|
||||
String loginUrlWithReturn = assembleLoginUrlWithReturn(request, returnUrl);
|
||||
String loginUrlWithReturn = assembleLoginUrlWithReturn(request,
|
||||
returnUrl);
|
||||
|
||||
try {
|
||||
response.sendRedirect(loginUrlWithReturn);
|
||||
|
|
@ -155,8 +167,8 @@ public class VitroHttpServlet extends HttpServlet {
|
|||
}
|
||||
}
|
||||
|
||||
private static String assembleLoginUrlWithReturn(HttpServletRequest request,
|
||||
String afterLoginUrl) {
|
||||
private static String assembleLoginUrlWithReturn(
|
||||
HttpServletRequest request, String afterLoginUrl) {
|
||||
String encodedAfterLoginUrl = afterLoginUrl;
|
||||
try {
|
||||
encodedAfterLoginUrl = URLEncoder.encode(afterLoginUrl, "UTF-8");
|
||||
|
|
@ -168,7 +180,8 @@ public class VitroHttpServlet extends HttpServlet {
|
|||
}
|
||||
|
||||
/**
|
||||
* If logging is set to the TRACE level, dump the HTTP headers on the request.
|
||||
* If logging is set to the TRACE level, dump the HTTP headers on the
|
||||
* request.
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
@Override
|
||||
|
|
@ -177,7 +190,8 @@ public class VitroHttpServlet extends HttpServlet {
|
|||
if (log.isTraceEnabled()) {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
Enumeration<String> names = request.getHeaderNames();
|
||||
log.trace("----------------------request:" + request.getRequestURL());
|
||||
log.trace("----------------------request:"
|
||||
+ request.getRequestURL());
|
||||
while (names.hasMoreElements()) {
|
||||
String name = names.nextElement();
|
||||
if (!BORING_HEADERS.contains(name)) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue