The cast below filters a url path as well as cheque if there's a logged inwards user.
package com.czetsuya.listener; import java.io.IOException; import javax.enterprise.inject.Instance; import javax.inject.Inject; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.picketlink.Identity; @WebFilter(urlPatterns = RealmProtectionFilter.REALM_BASE_URI + "/*") world cast RealmProtectionFilter implements Filter { world static concluding String REALM_BASE_URI = "/pages/secured"; @Inject mortal Instance identityInstance; mortal Identity getIdentity() { provide this.identityInstance.get(); } @Override world void destroy() { } @Override world void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; boolean isAuthorized = getIdentity().isLoggedIn(); if (isAuthorized) { chain.doFilter(httpRequest, httpResponse); } else { forwardAccessDeniedPage(httpRequest, httpResponse); } } mortal void forwardAccessDeniedPage(HttpServletRequest httpRequest, HttpServletResponse httpResponse) throws ServletException, IOException { httpRequest.getServletContext() .getRequestDispatcher("/error/accessDenied.jsf") .forward(httpRequest, httpResponse); } @Override world void init(FilterConfig filterConfig) throws ServletException { } } The url /pages/secured is validated, if no nosotros redirect to /error/accessDenied.jsf.
0 komentar:
Please comment if there are any that need to be asked.