10-Sep-04 (Created: 10-Sep-04) | More in 'Howto-Advanced'

Source code of LoginValidator 

package com.ai.servlets;

import com.ai.application.utils.*;
import com.ai.application.interfaces.*;
import javax.servlet.http.*;
import java.util.*;
import com.ai.servletutils.*;

/**
 * How does this work
 * if you are logged in allow to forward
 * If it is a public url allow to go forward
 * otherwise
 * redirec to a login page
 */
public class LoginValidator extends DefaultHttpEvents implements IInitializable
{
   private String m_loginPageURL = null;
   public void initialize(String requestName)
   {
      m_loginPageURL = AppObjects.getValue(requestName + ".loginPageURL",null);
      AppObjects.log("Info:LoginPageURL:" + m_loginPageURL);
   }
   public boolean beginRequest(HttpServletRequest request, HttpServletResponse response) throws AspireServletException
   {
      try
      {
         HttpSession session = request.getSession(false);
         if (isLoggedIn(session))
         {
            //Session is logged in
            //Allow this request to go through
            return true;
         }
         //Not logged in
         AppObjects.log("Warn:LV: Not logged in");
         if (ServletUtils.isAPublicURL(request,response))
         {
            //public url, allow it to go through
            AppObjects.log("Info:LV: This is a public url");
            return true;
         }
         //Private url and not logged in
         AppObjects.log("Info:LV: This is a private url, and you are not logged in");

         //Redirect to the user
         redirectToLoginPage(request,response,m_loginPageURL);

         //ask the requet to discontinue
         return false;
      }
      catch(com.ai.aspire.authentication.AuthorizationException x)
      {
         throw new AspireServletException("Error:Error with deciding a public url",x);
      }
   }//eof-function

/*******************************************************************************
 * redirectUserToMainPage
 *******************************************************************************
 */
      private void redirectToLoginPage(HttpServletRequest request,
            HttpServletResponse response,
            String loginPageURL)
            throws AspireServletException
      {
         if (loginPageURL == null)
         {
            throw new AspireServletException("Error:LV: LoginPageURL is null. It should be specified");
         }
         String targetURI = request.getRequestURI();
         AppObjects.log("Info:LV:target uri:" + targetURI);

         Hashtable t = new Hashtable();
         t.put("aspire_login_targeturi",targetURI);
         t.put("aspirecontext",request.getContextPath().substring(1));

         String newURL = ServletUtils.getSubstitutedURL(loginPageURL,t);

         AppObjects.log("Info:LV: Redirecting to " + newURL);

         try
         {
            response.sendRedirect(response.encodeRedirectUrl(newURL));
         }
         catch(java.io.IOException x)
         {
            throw new AspireServletException("Error:LV: could not redirect using encode redirect",x);
         }
         return;
      }

/*******************************************************************************
 * isLoggedIn
 *******************************************************************************
 */
   private boolean isLoggedIn(HttpSession session)
   {
      if (session == null)
         return false;
      //session is good
      String loggedInStatus = (String)session.getAttribute(AspireConstants.ASPIRE_LOGGEDIN_STATUS_KEY);
      if (loggedInStatus == null)
      {
         return false;
      }
      //Logged in status availabe
      if (loggedInStatus.equals("false"))
      {
         return false;
      }
      return true;
   }
}//eof-class