[seam-commits] Seam SVN: r8650 - in trunk/src/main/org/jboss/seam: web and 1 other directory.

seam-commits at lists.jboss.org seam-commits at lists.jboss.org
Sun Aug 10 12:32:05 EDT 2008 

Author: dan.j.allen
Date: 2008-08-10 12:32:05 -0400 (Sun, 10 Aug 2008)
New Revision: 8650

Added:
   trunk/src/main/org/jboss/seam/web/IdentityFilter.java
   trunk/src/main/org/jboss/seam/web/IdentityRequestWrapper.java
Modified:
   trunk/src/main/org/jboss/seam/web-2.1.xsd
Log:
JBSEAM-3249


Added: trunk/src/main/org/jboss/seam/web/IdentityFilter.java
===================================================================
--- trunk/src/main/org/jboss/seam/web/IdentityFilter.java	                        (rev 0)
+++ trunk/src/main/org/jboss/seam/web/IdentityFilter.java	2008-08-10 16:32:05 UTC (rev 8650)
@@ -0,0 +1,40 @@
+package org.jboss.seam.web;
+
+import java.io.IOException;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import org.jboss.seam.ScopeType;
+import org.jboss.seam.annotations.Install;
+import org.jboss.seam.annotations.Name;
+import org.jboss.seam.annotations.Scope;
+import org.jboss.seam.annotations.intercept.BypassInterceptors;
+import org.jboss.seam.annotations.web.Filter;
+
+/**
+ * A filter that provides integration between Servlet Security and the Seam
+ * identity component. This integration is accomplished by wrapping the
+ * HttpServletRequest with an HttpServletRequestWrapper implementation that
+ * delegates security-related calls to the Seam identity component.
+ *
+ * @author Dan Allen
+ */
+ at Scope(ScopeType.APPLICATION)
+ at Name("org.jboss.seam.web.identityFilter")
+ at Install(precedence = Install.BUILT_IN, dependencies = "org.jboss.seam.security.identity")
+ at BypassInterceptors
+ at Filter(within = {"org.jboss.seam.web.multipartFilter"})
+public class IdentityFilter extends AbstractFilter {
+
+   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+      throws IOException, ServletException {
+      if (!(request instanceof HttpServletRequest)) {
+         throw new ServletException("This filter can only process HttpServletRequest requests");
+      }
+
+      HttpServletRequest httpRequest = (HttpServletRequest) request;
+      chain.doFilter(new IdentityRequestWrapper(httpRequest), response);
+   }
+}

Added: trunk/src/main/org/jboss/seam/web/IdentityRequestWrapper.java
===================================================================
--- trunk/src/main/org/jboss/seam/web/IdentityRequestWrapper.java	                        (rev 0)
+++ trunk/src/main/org/jboss/seam/web/IdentityRequestWrapper.java	2008-08-10 16:32:05 UTC (rev 8650)
@@ -0,0 +1,39 @@
+package org.jboss.seam.web;
+
+import java.security.Principal;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import org.jboss.seam.Seam;
+import org.jboss.seam.security.Identity;
+
+/**
+ * An HttpServletRequestWrapper implementation that provides integration
+ * between Servlet Security and the Seam identity component.
+ *
+ * @author Dan Allen
+ */
+class IdentityRequestWrapper extends HttpServletRequestWrapper {
+
+   private Identity identity;
+
+   public IdentityRequestWrapper(HttpServletRequest request) {
+      super(request);
+      identity = (Identity) request.getSession().
+         getAttribute(Seam.getComponentName(Identity.class));
+   }
+
+   @Override
+   public String getRemoteUser() {
+      return getUserPrincipal() != null ? getUserPrincipal().getName() : null;
+   }
+
+   @Override
+   public Principal getUserPrincipal() {
+      return Identity.isSecurityEnabled() ? identity.getPrincipal() : null;
+   }
+
+   @Override
+   public boolean isUserInRole(String role) {
+      return getUserPrincipal() != null ? identity.hasRole(role) : false;
+   }
+}

Modified: trunk/src/main/org/jboss/seam/web-2.1.xsd
===================================================================
--- trunk/src/main/org/jboss/seam/web-2.1.xsd	2008-08-10 16:31:18 UTC (rev 8649)
+++ trunk/src/main/org/jboss/seam/web-2.1.xsd	2008-08-10 16:32:05 UTC (rev 8650)
@@ -4,6 +4,16 @@
     xmlns:components="http://jboss.com/products/seam/components" attributeFormDefault="unqualified">
     <xs:import namespace="http://jboss.com/products/seam/components" schemaLocation="components-2.1.xsd"/>
 
+    <xs:element name="identity-filter">
+        <xs:annotation>
+            <xs:documentation>This filter provides integration between Servlet Security and the identity component.</xs:documentation>
+        </xs:annotation>
+        <xs:complexType mixed="true">
+            <xs:attributeGroup ref="components:attlist.component"/>
+            <xs:attributeGroup ref="web:attlist.filter"/>
+        </xs:complexType>
+    </xs:element>
+
     <xs:element name="multipart-filter">
         <xs:annotation>
             <xs:documentation>

More information about the seam-commits mailing list