Author: julien_viet Date: 2010-03-05 10:23:01 -0500 (Fri, 05 Mar 2010) New Revision: 2006 Added: portal/trunk/component/web/src/main/java/org/exoplatform/web/login/RememberMeFilter.java Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/application/PortalStateManager.java Log: GTNPORTAL-771 : Remember-me functionality: Roles are not added on session creation Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2010-03-05 14:37:24 UTC (rev 2005) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2010-03-05 15:23:01 UTC (rev 2006) @@ -138,7 +138,7 @@ * @param req the incoming request * @return the token */ - private String getRememberMeTokenCookie(HttpServletRequest req) + public static String getRememberMeTokenCookie(HttpServletRequest req) { Cookie[] cookies = req.getCookies(); if (cookies != null) Added: portal/trunk/component/web/src/main/java/org/exoplatform/web/login/RememberMeFilter.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/login/RememberMeFilter.java (rev 0) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/login/RememberMeFilter.java 2010-03-05 15:23:01 UTC (rev 2006) @@ -0,0 +1,91 @@ +/* + * Copyright (C) 2009 eXo Platform SAS. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.exoplatform.web.login; + +import org.gatein.common.text.FastURLEncoder; + +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.util.Enumeration; + +/** + * The remember me filter performs a send redirect on a portal private servlet mapping when the current request + * is a GET request, the user is not authenticated and there is a remember me token cookie in the request. + * + * @author <a href="mailto:julien.viet@exoplatform.com">Julien Viet</a> + * @version $Revision$ + */ +public class RememberMeFilter implements Filter +{ + /** . */ + private static final FastURLEncoder CONVERTER = FastURLEncoder.getUTF8Instance(); + + public void init(FilterConfig filterConfig) throws ServletException + { + } + + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException + { + doFilter((HttpServletRequest)req, (HttpServletResponse)resp, chain); + } + + private void doFilter(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException + { + if (req.getRemoteUser() == null && "GET".equals(req.getMethod())) + { + if (InitiateLoginServlet.getRememberMeTokenCookie(req) != null) + { + StringBuilder builder = new StringBuilder(); + builder.append(req.getContextPath()); + builder.append("/private"); + String pathInfo = req.getPathInfo(); + if (pathInfo != null) + { + builder.append(pathInfo); + } + char sep = '?'; + for (Enumeration<String> e = req.getParameterNames();e.hasMoreElements();) + { + String parameterName = e.nextElement(); + for (String parameteValue : req.getParameterValues(parameterName)) + { + builder.append(sep); + sep = '&'; + builder.append(CONVERTER.encode(parameterName)); + builder.append('='); + builder.append(CONVERTER.encode(parameteValue)); + } + } + String s = builder.toString(); + resp.sendRedirect(s); + return; + } + } + + // + chain.doFilter(req, resp); + } + + public void destroy() + { + } +} Modified: portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml =================================================================== --- portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml 2010-03-05 14:37:24 UTC (rev 2005) +++ portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml 2010-03-05 15:23:01 UTC (rev 2006) @@ -81,19 +81,22 @@ <filter-class>org.exoplatform.web.CacheUserProfileFilter</filter-class> </filter> + <filter> + <filter-name>RememberMeFilter</filter-name> + <filter-class>org.exoplatform.web.login.RememberMeFilter</filter-class> + </filter> + <filter> <filter-name>ClusteredSSOFilter</filter-name> <filter-class>org.exoplatform.web.login.ClusteredSSOFilter</filter-class> </filter> -<!-- - <filter> - <filter-name>UserGroupFilter</filter-name> - <filter-class>org.exoplatform.portal.filter.UserGroupFilter</filter-class> - </filter> ---> + <filter-mapping> + <filter-name>RememberMeFilter</filter-name> + <url-pattern>/public/*</url-pattern> + </filter-mapping> - <filter-mapping> + <filter-mapping> <filter-name>ClusteredSSOFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> @@ -144,9 +147,9 @@ </filter-mapping> <filter-mapping> - <filter-name>ThreadLocalSessionProviderInitializedFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> + <filter-name>RestEncodingFilter</filter-name> + <url-pattern>/rest/*</url-pattern> + </filter-mapping> <!-- ================================================================== --> <!-- LISTENER --> Modified: portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/application/PortalStateManager.java =================================================================== --- portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/application/PortalStateManager.java 2010-03-05 14:37:24 UTC (rev 2005) +++ portal/trunk/webui/portal/src/main/java/org/exoplatform/portal/application/PortalStateManager.java 2010-03-05 15:23:01 UTC (rev 2006) @@ -119,16 +119,19 @@ UIApplication uiapp = context.getUIApplication(); // - HttpSession session = getSession(context); + if (uiapp != null) + { + HttpSession session = getSession(context); - // At this point if it returns null it means that it was not possible to create a session - // because the session might be invalidated and the response is already commited to the client. - // That situation happens during a logout that invalidates the HttpSession - if (session != null) - { - String key = getKey(context); - log.debug("Storing application " + key); - session.setAttribute(APPLICATION_ATTRIBUTE_PREFIX + key, new ApplicationState(uiapp, context.getRemoteUser())); + // At this point if it returns null it means that it was not possible to create a session + // because the session might be invalidated and the response is already commited to the client. + // That situation happens during a logout that invalidates the HttpSession + if (session != null) + { + String key = getKey(context); + log.debug("Storing application " + key); + session.setAttribute(APPLICATION_ATTRIBUTE_PREFIX + key, new ApplicationState(uiapp, context.getRemoteUser())); + } } }