01: /* ***** BEGIN LICENSE BLOCK *****
02: * Version: MPL 1.1
03: * The contents of this file are subject to the Mozilla Public License Version
04: * 1.1 (the "License"); you may not use this file except in compliance with
05: * the License. You may obtain a copy of the License at
06: * http://www.mozilla.org/MPL/
07: *
08: * Software distributed under the License is distributed on an "AS IS" basis,
09: * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
10: * for the specific language governing rights and limitations under the
11: * License.
12: *
13: * The Original Code is Riot.
14: *
15: * The Initial Developer of the Original Code is
16: * Neteye GmbH.
17: * Portions created by the Initial Developer are Copyright (C) 2006
18: * the Initial Developer. All Rights Reserved.
19: *
20: * Contributor(s):
21: * Felix Gnass [fgnass at neteye dot de]
22: *
23: * ***** END LICENSE BLOCK ***** */
24: package org.riotfamily.riot.security.session;
25:
26: import java.io.IOException;
27:
28: import javax.servlet.ServletException;
29: import javax.servlet.http.HttpServletRequest;
30: import javax.servlet.http.HttpServletResponse;
31:
32: import org.riotfamily.common.web.filter.FilterPlugin;
33: import org.riotfamily.common.web.filter.PluginChain;
34: import org.riotfamily.riot.security.auth.RiotUser;
35:
36: /**
37: * Servlet filter that binds the authenticated user (if present) to the
38: * current thread.
39: *
40: * @see AccessController
41: */
42: public final class AccessControlFilterPlugin extends FilterPlugin {
43: public static final int ORDER = 0;
44:
45: public int getOrder() {
46: return ORDER;
47: }
48:
49: public void setOrder(int order) {
50: throw new UnsupportedOperationException();
51: }
52:
53: public void doFilter(HttpServletRequest request,
54: HttpServletResponse response, PluginChain pluginChain)
55: throws IOException, ServletException {
56:
57: try {
58: RiotUser user = LoginManager.getUser(request);
59: SecurityContext.bindUserToCurrentThread(user);
60: pluginChain.doFilter(request, response);
61: } finally {
62: SecurityContext.resetUser();
63: }
64: }
65: }
|