| commit | author | age | ||
| b1f20a | 1 | /* |
| U | 2 | WebBox - Dein Server. |
| 3 | Copyright (C) 2017 Ulrich Hilger, http://uhilger.de | |
| 4 | ||
| 5 | This program is free software: you can redistribute it and/or modify | |
| 6 | it under the terms of the GNU Affero General Public License as | |
| 7 | published by the Free Software Foundation, either version 3 of the | |
| 8 | License, or (at your option) any later version. | |
| 9 | ||
| 10 | This program is distributed in the hope that it will be useful, | |
| 11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 13 | GNU Affero General Public License for more details. | |
| 14 | ||
| 15 | You should have received a copy of the GNU Affero General Public License | |
| 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 17 | */ | |
| 18 | package de.uhilger.wbx.web; | |
| 19 | ||
| 20 | import java.io.IOException; | |
| 21 | import java.security.Principal; | |
| 22 | import java.util.logging.Logger; | |
| 23 | import javax.servlet.Filter; | |
| 24 | import javax.servlet.FilterChain; | |
| 25 | import javax.servlet.FilterConfig; | |
| 26 | import javax.servlet.ServletException; | |
| 27 | import javax.servlet.ServletRequest; | |
| 28 | import javax.servlet.ServletResponse; | |
| 29 | import javax.servlet.http.HttpServletRequest; | |
| 30 | ||
| 31 | /** | |
| 32 | * | |
| 33 | * @author ulrich | |
| 34 | */ | |
| 35 | public class HomeFilter implements Filter { | |
| 36 | ||
| 37 | private static final Logger logger = Logger.getLogger(HomeFilter.class.getName()); | |
| 38 | ||
| 39 | private static final String HOME_CTX = "/home"; | |
| 40 | ||
| 41 | @Override | |
| 42 | public void init(FilterConfig filterConfig) throws ServletException { | |
| 43 | // ... | |
| fcc098 | 44 | logger.fine(" initialisiert."); |
| b1f20a | 45 | } |
| U | 46 | |
| 47 | /* | |
| 48 | Dieser Filter laesst nur Anfragen durch, die in username | |
| 49 | denselben Eintrag haben wie der Name des angemeldeten Benutzers. | |
| 50 | ||
| 51 | http]://example.com/home/username/test.txt | |
| 52 | */ | |
| 53 | @Override | |
| 54 | public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { | |
| 55 | ||
| 56 | if (request instanceof HttpServletRequest) { | |
| 57 | HttpServletRequest hr = (HttpServletRequest) request; | |
| 58 | ||
| 59 | logger.fine("requestURL: " + hr.getRequestURL().toString()); | |
| 60 | logger.fine("ContextPath: " + hr.getContextPath()); | |
| 61 | logger.fine("ServletPath: " + hr.getServletPath()); | |
| 62 | logger.fine("PathInfo: " + hr.getPathInfo()); | |
| 63 | ||
| 64 | String userName = getUserName(hr); | |
| 65 | if (userName != null) { | |
| 66 | String servletPath = hr.getServletPath(); | |
| 67 | if (servletPath != null && servletPath.length() > 0) { | |
| c00e0a | 68 | String urlStr = servletPath.substring(1); |
| b1f20a | 69 | logger.fine("urlStr: " + urlStr); |
| c00e0a | 70 | if (urlStr.startsWith(userName)) { |
| b1f20a | 71 | logger.fine("User " + userName + " matches URL and may pass."); |
| U | 72 | chain.doFilter(request, response); |
| 73 | } else { | |
| 74 | logger.fine("You may not see that content."); | |
| 75 | } | |
| 76 | } | |
| 77 | } else { | |
| 78 | logger.fine("You need to log in to see this content."); | |
| 79 | } | |
| 80 | } | |
| 81 | } | |
| 82 | ||
| 83 | private String getUserName(HttpServletRequest hr) { | |
| 84 | String userName = null; | |
| 85 | Object p = hr.getUserPrincipal(); | |
| 86 | if (p instanceof Principal) { | |
| 87 | userName = ((Principal) p).getName(); | |
| 88 | } | |
| 89 | return userName; | |
| 90 | } | |
| 91 | ||
| 92 | @Override | |
| 93 | public void destroy() { | |
| 94 | // ... | |
| 95 | } | |
| 96 | } | |
