1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34 package info.magnolia.cms.security.auth.login;
35
36 import info.magnolia.cms.filters.AbstractMgnlFilter;
37 import info.magnolia.context.MgnlContext;
38 import info.magnolia.logging.AuditLoggingUtil;
39
40 import java.io.IOException;
41 import java.util.ArrayList;
42 import java.util.Collection;
43
44 import javax.servlet.FilterChain;
45 import javax.servlet.ServletException;
46 import javax.servlet.http.HttpServletRequest;
47 import javax.servlet.http.HttpServletResponse;
48
49 import org.slf4j.Logger;
50 import org.slf4j.LoggerFactory;
51
52
53
54
55
56 public class LoginFilter extends AbstractMgnlFilter {
57
58 private static final Logger log = LoggerFactory.getLogger(LoginFilter.class);
59
60 private Collection<LoginHandler> loginHandlers = new ArrayList<LoginHandler>();
61
62 public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
63 for (LoginHandler handler : this.getLoginHandlers()) {
64 LoginResult loginResult = handler.handle(request, response);
65 LoginResult.setCurrentLoginResult(loginResult);
66 if (loginResult.getStatus() == LoginResult.STATUS_IN_PROCESS) {
67
68
69 return;
70 } else if (loginResult.getStatus() == LoginResult.STATUS_SUCCEEDED) {
71 if(request.getSession(false) != null){
72 request.getSession().invalidate();
73 }
74 MgnlContext.login(loginResult.getUser());
75 AuditLoggingUtil.log(loginResult, request);
76
77 break;
78 } else {
79
80 AuditLoggingUtil.log(loginResult, request);
81 }
82
83 }
84
85 chain.doFilter(request, response);
86 }
87
88 public Collection<LoginHandler> getLoginHandlers() {
89 return loginHandlers;
90 }
91
92 public void setLoginHandlers(Collection<LoginHandler> loginHandlers) {
93 this.loginHandlers = loginHandlers;
94 }
95
96 public void addLoginHandlers(LoginHandler handler) {
97 this.loginHandlers.add(handler);
98 }
99
100
101
102 }