From 715c814a5ae41018c453be36da09c710d9e9f65b Mon Sep 17 00:00:00 2001 From: maxcooper Date: Thu, 15 Aug 2002 09:17:59 +0000 Subject: [PATCH] fixed "I might not be the only filter" issue fixed error page display on WebLogic --- .../org/securityfilter/filter/SecurityFilter.java | 36 ++++++++-------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/src/share/org/securityfilter/filter/SecurityFilter.java b/src/share/org/securityfilter/filter/SecurityFilter.java index 2817f6f..32b491b 100644 --- a/src/share/org/securityfilter/filter/SecurityFilter.java +++ b/src/share/org/securityfilter/filter/SecurityFilter.java @@ -1,7 +1,7 @@ /* - * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/filter/SecurityFilter.java,v 1.5 2002/08/14 13:13:23 maxcooper Exp $ - * $Revision: 1.5 $ - * $Date: 2002/08/14 13:13:23 $ + * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/filter/SecurityFilter.java,v 1.6 2002/08/15 09:17:59 maxcooper Exp $ + * $Revision: 1.6 $ + * $Date: 2002/08/15 09:17:59 $ * * ==================================================================== * The SecurityFilter Software License, Version 1.1 @@ -78,11 +78,12 @@ import java.util.*; * * @author Max Cooper (max@maxcooper.com) * @author Torgeir Veimo (torgeir@pobox.com) - * @version $Revision: 1.5 $ $Date: 2002/08/14 13:13:23 $ + * @version $Revision: 1.6 $ $Date: 2002/08/15 09:17:59 $ */ public class SecurityFilter implements Filter { public static final String SAVED_REQUEST_URL = SecurityFilter.class.getName() + ".SAVED_REQUEST_URL"; public static final String SAVED_REQUEST = SecurityFilter.class.getName() + ".SAVED_REQUEST"; + public static final String ALREADY_PROCESSED = SecurityFilter.class.getName() + ".ALREADY_PROCESSED"; public static final String CONFIG_FILE_KEY = "config"; public static final String DEFAULT_CONFIG_FILE = "/WEB-INF/securityfilter-config.xml"; @@ -121,12 +122,11 @@ public class SecurityFilter implements Filter { HttpServletResponse hRes = (HttpServletResponse) response; SecurityRequestWrapper wrappedRequest; - //System.out.println("\n--- request URL = " + hReq.getRequestURL().toString()); + // if the request has already been processed by the filter, pass it through unchecked + if (request.getAttribute(ALREADY_PROCESSED) == null) { + // set an attribute on this request to indicate that it has already been processed + request.setAttribute(ALREADY_PROCESSED, "true"); - // if the request has already been wrapped by the filter, pass it through unchecked - if (request instanceof SecurityRequestWrapper) { - wrappedRequest = (SecurityRequestWrapper) request; - } else { // get the part of the URL to check for matches String requestURL = getMatchableURL(hReq); @@ -138,7 +138,7 @@ public class SecurityFilter implements Filter { // check if this is a login form submittal if (loginSubmitRE.match(requestURL)) { - processLogin(wrappedRequest, hRes); + processLogin((SecurityRequestWrapper)wrappedRequest, hRes); return; } @@ -177,10 +177,12 @@ public class SecurityFilter implements Filter { } } } + // send wrapped request down the chain + request = wrappedRequest; } // pass the request down the filter chain - chain.doFilter(wrappedRequest, hRes); + chain.doFilter(request, response); } /** @@ -231,11 +233,6 @@ public class SecurityFilter implements Filter { } } Collections.sort(patternList); - //System.out.println("Sorted pattern list:"); - //for (Iterator i = patternList.iterator(); i.hasNext(); ) { - // MatchableURLPattern pattern = (MatchableURLPattern) i.next(); - // System.out.println(pattern.getPattern()); - //} } catch (RESyntaxException rese) { System.err.println("invalid regular expression pattern: " + rese); @@ -299,7 +296,6 @@ public class SecurityFilter implements Filter { HttpServletRequest request, HttpServletResponse response ) throws IOException, ServletException { - //System.out.println("showLogin() called..."); // save this request saveRequestInformation(request); // redirect to login page @@ -318,7 +314,6 @@ public class SecurityFilter implements Filter { SecurityRequestWrapper request, HttpServletResponse response ) throws IOException, ServletException { - //System.out.println("processLogin() called..."); String username = request.getParameter(FORM_USERNAME); String password = request.getParameter(FORM_PASSWORD); Principal principal = realm.authenticate(username, password); @@ -342,7 +337,6 @@ public class SecurityFilter implements Filter { * @param request the current request */ protected String getContinueToURL(HttpServletRequest request) { - //System.out.println("getContinueToURL() called..."); HttpSession session = request.getSession(); String savedURL = (String) session.getAttribute(SAVED_REQUEST_URL); if (savedURL != null) { @@ -358,7 +352,6 @@ public class SecurityFilter implements Filter { * @param request the current request */ protected void saveRequestInformation(HttpServletRequest request) { - //System.out.println("saveRequestInformation() called..."); HttpSession session = request.getSession(); session.setAttribute(SecurityFilter.SAVED_REQUEST_URL, getSaveableURL(request)); session.setAttribute(SecurityFilter.SAVED_REQUEST, new SavedRequest(request)); @@ -372,7 +365,6 @@ public class SecurityFilter implements Filter { * SavedRequest object is returned. */ protected SavedRequest getSavedRequest(HttpServletRequest request) { - //System.out.println("getSavedRequest() called..."); HttpSession session = request.getSession(); String savedURL = (String) session.getAttribute(SecurityFilter.SAVED_REQUEST_URL); if (savedURL != null && savedURL.equals(getSaveableURL(request))) { @@ -398,12 +390,10 @@ public class SecurityFilter implements Filter { private String getMatchableURL(HttpServletRequest request) { // extract the request URL portion that needs to be checked String matchableURL = request.getRequestURI(); - //System.out.println("RequestURI = " + matchableURL); // remove the contextPath matchableURL = matchableURL.substring(request.getContextPath().length()); // use PathInfo if this request didn't match a servlet name String pathInfo = request.getPathInfo(); - //System.out.println("PathInfo = " + pathInfo); if ("/".equals(matchableURL) && pathInfo != null) { matchableURL = pathInfo; } -- 2.11.0