回到顶部


HttpServletRequestWrapperFilter

作用其实很简单就是 在HttpServletRequest对象在包装一次,让其支持getUserPrincipal,getRemoteUser方法来获取登录的用户信息。

  public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
       //从session或者request中取得AttributePrincipal,其实Assertion的一个principal属性
        AttributePrincipal principal = this.retrievePrincipalFromSessionOrRequest(servletRequest);
       //对request进行包装,并处理后面的过滤器,使其后面的过滤器或者servlert能够在reqeust能够在request.getRemoteUser()或者request.getUserPrincipal
        filterChain.doFilter(new HttpServletRequestWrapperFilter.CasHttpServletRequestWrapper((HttpServletRequest)servletRequest, principal), servletResponse);
    }

    protected AttributePrincipal retrievePrincipalFromSessionOrRequest(ServletRequest servletRequest) {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpSession session = request.getSession(false);
        Assertion assertion = (Assertion)((Assertion)(session == null?request.getAttribute("_const_cas_assertion_"):session.getAttribute("_const_cas_assertion_")));
        return assertion == null?null:assertion.getPrincipal();
    }
    实现起来也比较简单,这个里面使用一个内部类CasHttpServletRequestWrapper,其继承HttpServletRequestWrapper,
    通过给定Assertion对象中取得AttributePrincipal对象来组装CasHttpServletRequestWrapper。
    final class CasHttpServletRequestWrapper extends HttpServletRequestWrapper {
        private final AttributePrincipal principal;
        CasHttpServletRequestWrapper(HttpServletRequest request, AttributePrincipal principal) {
            super(request);
            this.principal = principal;
        }
        public Principal getUserPrincipal() {
            return this.principal;
        }
        public String getRemoteUser() {
            return this.principal != null?this.principal.getName():null;
        }
        public boolean isUserInRole(String role) {
            if(CommonUtils.isBlank(role)) {
                HttpServletRequestWrapperFilter.this.logger.debug("No valid role provided.  Returning false.");
                return false;
            } else if(this.principal == null) {
                HttpServletRequestWrapperFilter.this.logger.debug("No Principal in Request.  Returning false.");
                return false;
            } else if(CommonUtils.isBlank(HttpServletRequestWrapperFilter.this.roleAttribute)) {
                HttpServletRequestWrapperFilter.this.logger.debug("No Role Attribute Configured. Returning false.");
                return false;
            } else {
                Object value = this.principal.getAttributes().get(HttpServletRequestWrapperFilter.this.roleAttribute);
                if(value instanceof Collection) {
                    Iterator isMember = ((Collection)value).iterator();

                    while(isMember.hasNext()) {
                        Object o = isMember.next();
                        if(this.rolesEqual(role, o)) {
                            HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: true", this.getRemoteUser(), role);
                            return true;
                        }
                    }
                }
                boolean isMember1 = this.rolesEqual(role, value);
                HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: {}", new Object[]{this.getRemoteUser(), role, Boolean.valueOf(isMember1)});
                return isMember1;
            }
        }
        private boolean rolesEqual(String given, Object candidate) {
            return HttpServletRequestWrapperFilter.this.ignoreCase?given.equalsIgnoreCase(candidate.toString()):given.equals(candidate);
        }
    }
posted on 2018-04-13 05:55  ssgao  阅读(1016)  评论(2编辑  收藏  举报