1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.cms.security.auth.login;
35
36 import info.magnolia.cms.filters.AbstractMgnlFilter;
37 import info.magnolia.context.MgnlContext;
38 import info.magnolia.logging.AuditLoggingUtil;
39
40 import java.io.IOException;
41 import java.util.ArrayList;
42 import java.util.Collection;
43
44 import javax.servlet.FilterChain;
45 import javax.servlet.ServletException;
46 import javax.servlet.http.HttpServletRequest;
47 import javax.servlet.http.HttpServletResponse;
48
49 import org.slf4j.Logger;
50 import org.slf4j.LoggerFactory;
51
52
53
54
55
56 public class LoginFilter extends AbstractMgnlFilter {
57
58 private static final Logger log = LoggerFactory.getLogger(LoginFilter.class);
59
60 private Collection<LoginHandler> loginHandlers = new ArrayList<LoginHandler>();
61
62 public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
63 for (LoginHandler handler : this.getLoginHandlers()) {
64 LoginResult loginResult = handler.handle(request, response);
65 LoginResult.setCurrentLoginResult(loginResult);
66 if (loginResult.getStatus() == LoginResult.STATUS_IN_PROCESS) {
67
68
69 return;
70 } else if (loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED) {
71 if(request.getSession(false) != null){
72 request.getSession().invalidate();
73 }
74 MgnlContext.login(loginResult.getUser());
75
76 break;
77 }
78 AuditLoggingUtil.log(loginResult, request);
79
80 }
81
82 chain.doFilter(request, response);
83 }
84
85 public Collection<LoginHandler> getLoginHandlers() {
86 return loginHandlers;
87 }
88
89 public void setLoginHandlers(Collection<LoginHandler> loginHandlers) {
90 this.loginHandlers = loginHandlers;
91 }
92
93 public void addLoginHandlers(LoginHandler handler) {
94 this.loginHandlers.add(handler);
95 }
96
97
98
99 }