cas HttpServletRequestWrapperFilter-白红宇

cas HttpServletRequestWrapperFilter

阅读量：6828 次

发布时间：2019-06-26

本文共 3708 字，大约阅读时间需要 12 分钟。

HttpServletRequestWrapperFilter

作用其实很简单就是在HttpServletRequest对象在包装一次，让其支持getUserPrincipal，getRemoteUser方法来获取登录的用户信息。

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {       //从session或者request中取得AttributePrincipal，其实Assertion的一个principal属性        AttributePrincipal principal = this.retrievePrincipalFromSessionOrRequest(servletRequest);       //对request进行包装，并处理后面的过滤器，使其后面的过滤器或者servlert能够在reqeust能够在request.getRemoteUser()或者request.getUserPrincipal        filterChain.doFilter(new HttpServletRequestWrapperFilter.CasHttpServletRequestWrapper((HttpServletRequest)servletRequest, principal), servletResponse);    }    protected AttributePrincipal retrievePrincipalFromSessionOrRequest(ServletRequest servletRequest) {        HttpServletRequest request = (HttpServletRequest)servletRequest;        HttpSession session = request.getSession(false);        Assertion assertion = (Assertion)((Assertion)(session == null?request.getAttribute("_const_cas_assertion_"):session.getAttribute("_const_cas_assertion_")));        return assertion == null?null:assertion.getPrincipal();    }

实现起来也比较简单，这个里面使用一个内部类CasHttpServletRequestWrapper，其继承HttpServletRequestWrapper，    通过给定Assertion对象中取得AttributePrincipal对象来组装CasHttpServletRequestWrapper。

final class CasHttpServletRequestWrapper extends HttpServletRequestWrapper {        private final AttributePrincipal principal;        CasHttpServletRequestWrapper(HttpServletRequest request, AttributePrincipal principal) {            super(request);            this.principal = principal;        }        public Principal getUserPrincipal() {            return this.principal;        }        public String getRemoteUser() {            return this.principal != null?this.principal.getName():null;        }        public boolean isUserInRole(String role) {            if(CommonUtils.isBlank(role)) {                HttpServletRequestWrapperFilter.this.logger.debug("No valid role provided.  Returning false.");                return false;            } else if(this.principal == null) {                HttpServletRequestWrapperFilter.this.logger.debug("No Principal in Request.  Returning false.");                return false;            } else if(CommonUtils.isBlank(HttpServletRequestWrapperFilter.this.roleAttribute)) {                HttpServletRequestWrapperFilter.this.logger.debug("No Role Attribute Configured. Returning false.");                return false;            } else {                Object value = this.principal.getAttributes().get(HttpServletRequestWrapperFilter.this.roleAttribute);                if(value instanceof Collection) {                    Iterator isMember = ((Collection)value).iterator();                    while(isMember.hasNext()) {                        Object o = isMember.next();                        if(this.rolesEqual(role, o)) {                            HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: true", this.getRemoteUser(), role);                            return true;                        }                    }                }                boolean isMember1 = this.rolesEqual(role, value);                HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: {}", new Object[]{this.getRemoteUser(), role, Boolean.valueOf(isMember1)});                return isMember1;            }        }        private boolean rolesEqual(String given, Object candidate) {            return HttpServletRequestWrapperFilter.this.ignoreCase?given.equalsIgnoreCase(candidate.toString()):given.equals(candidate);        }    }

转载于:https://www.cnblogs.com/ssgao/p/8817316.html

你可能感兴趣的文章

Struts2 中action之间的跳转(分享)

查看>>

HDU4707:Pet(DFS)

查看>>