[Jboss-svn-commits] JBL Code SVN: r1081 - trunk/forge/portal-extensions/forge-portal-attr/src/java/org/jboss/forge/portal

[<jbo...@li...>]

Author: soh...@jb...
Date: 2005-09-12 11:10:07 -0400 (Mon, 12 Sep 2005)
New Revision: 1081

Added:
   trunk/forge/portal-extensions/forge-portal-attr/src/java/org/jboss/forge/portal/SSLProcessor.java
Log:
JBLAB-383-Need a SSL Processor for splitting the site up into ssl and non-ssl portions

Added: trunk/forge/portal-extensions/forge-portal-attr/src/java/org/jboss/forge/portal/SSLProcessor.java
===================================================================
--- trunk/forge/portal-extensions/forge-portal-attr/src/java/org/jboss/forge/portal/SSLProcessor.java	2005-09-12 15:09:12 UTC (rev 1080)
+++ trunk/forge/portal-extensions/forge-portal-attr/src/java/org/jboss/forge/portal/SSLProcessor.java	2005-09-12 15:10:07 UTC (rev 1081)
@@ -0,0 +1,129 @@
+package org.jboss.forge.portal;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.forge.common.HttpUtils;
+
+public class SSLProcessor implements Filter 
+{
+	public void init(FilterConfig config) throws ServletException 
+	{		
+	}
+	
+	public void doFilter(ServletRequest request, 
+			ServletResponse response, FilterChain chain) 
+	throws IOException, ServletException 
+	{
+		if (request instanceof HttpServletRequest && response instanceof HttpServletResponse) 
+		{
+			HttpServletRequest httpRequest = (HttpServletRequest) request;
+			HttpServletResponse httpResponse = (HttpServletResponse)response;
+			String requestURL = httpRequest.getRequestURL().toString();
+			String queryString = httpRequest.getQueryString();
+			if(queryString!=null && queryString.trim().length()>0)
+			{
+				requestURL += ("?" + queryString);
+			}
+			
+			//store the server ports, ssl and non-ssl
+			this.storePorts(httpRequest);
+						
+			if(httpRequest.isSecure())
+			{
+				//check to see if a switch from ssl-mode to non-ssl-mode is needed
+				if(this.isSwitchFromSSLNeeded(requestURL))
+				{
+					Integer plainPort = (Integer)httpRequest.getSession().getAttribute("http");
+					String relativeURL = HttpUtils.getRelativeURL(requestURL);
+					String plainURL = HttpUtils.
+					getPlainURL(httpRequest,plainPort.intValue());
+															
+					//perform the switch from ssl to regular mode
+					String url = plainURL + "/" + relativeURL;
+					httpResponse.setContentType("text/html");
+					httpResponse.sendRedirect(url);
+					return;
+				}				
+			}
+			else
+			{
+				//check to see if a switch from non-ssl-mode to ssl-mode is needed
+				if(this.isSwitchToSSLNeeded(requestURL))
+				{
+					Integer sslPort = (Integer)httpRequest.getSession().getAttribute("https");
+					String relativeURL = HttpUtils.getRelativeURL(requestURL);
+					String sslURL = HttpUtils.
+					getSecureURL(httpRequest,sslPort.intValue());
+															
+					//perform the switch from regular to ssl-mode
+					String url = sslURL + "/" + relativeURL;
+					httpResponse.setContentType("text/html");
+					httpResponse.sendRedirect(url);
+					return;
+				}
+			}
+		}				
+		//if I get here, process the request further
+		chain.doFilter(request, response);
+	}
+	
+	public void destroy() 
+	{		
+	}
+	
+	private boolean isSwitchFromSSLNeeded(String requestURL)
+	{
+		boolean switchNeeded = false;
+		
+		//these conditions need to be extracted out into an xml config file
+		//instead of hardcoding the values. 
+		//The implemenation will work for now
+		if(requestURL.indexOf("authsec")==-1 &&
+		   requestURL.indexOf("j_security_check")==-1 &&
+		   requestURL.indexOf("ctrl:id=page.default.login")==-1 &&
+		   requestURL.indexOf("ctrl:id=window.default.LoginWindow")==-1				   
+		)
+		{			
+			switchNeeded = true;
+		}
+		return switchNeeded;
+	}
+	
+	private boolean isSwitchToSSLNeeded(String requestURL)
+	{
+		boolean switchNeeded = false;
+		
+		//these conditions need to be extracted out into an xml config file
+		//instead of hardcoding the values. 
+		//The implemenation will work for now
+		
+		return switchNeeded;
+	}
+	
+	private void storePorts(HttpServletRequest request)
+	{
+		Integer sslPort = (Integer)request.getSession().getAttribute("https");
+		Integer plainPort = (Integer)request.getSession().getAttribute("http");		
+		if(sslPort==null || plainPort==null)
+		{
+			Integer port = new Integer(request.getServerPort());
+			if(request.isSecure())
+			{
+				request.getSession().setAttribute("https",port);
+			}
+			else
+			{
+				request.getSession().setAttribute("http",port);
+			}
+		}
+	}
+}