
Source code: info/crossbar/filtersAndListeners/UserFilter.java


1   /*
2    *  @(#)UserFilter.java $Revision: 1.3 $ $Date: 2003/06/04 04:55:33 $
3    *
4    *  Copyright 2002 by Daniel Kehoe <kehoe@fortuity.com>
5    *  All Rights Reserved
6    *
7    *  Redistribution and use in source and binary forms, with or without
8    *  modification, are permitted provided that the following conditions
9    *  are met:
10   *  1. Redistributions of source code must retain the above copyright
11   *  notice, this list of conditions and the following disclaimer.
12   *  2. Redistributions in binary form must reproduce the above copyright
13   *  notice, this list of conditions and the following disclaimer in the
14   *  documentation and/or other materials provided with the distribution.
15   *
16   *  THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17   *  ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18   *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19   *  ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20   *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21   *  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22   *  OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23   *  HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24   *  LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25   *  OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26   *  SUCH DAMAGE.
27   */
28  package info.crossbar.filtersAndListeners;
29  
30  import java.util.logging.Logger;
31  import java.util.*;
32  
33  import java.io.IOException;
34  
35  import java.sql.SQLException;
36  
37  import javax.servlet.*;
38  import javax.servlet.http.HttpServletRequest;
39  import javax.servlet.http.HttpSession;
40  
41  import info.crossbar.state.App;
42  import info.crossbar.state.User;
43  import info.crossbar.state.ActiveUsers;
44  import info.crossbar.state.Sitemap;
45  
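/**
 * UserFilter class for use by <a href="http://www.crossbar.info/">Crossbar</a>
 *
 * @author     Daniel Kehoe, <a href="http://www.fortuity.com/">Fortuity Consulting</a>
 * @version    <a href="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/crossbar/crossbar-sitemap/src/java/info/crossbar/filtersAndListeners/UserFilter.java">View source, revision history</a>
 * $Revision: 1.3 $ $Date: 2003/06/04 04:55:33 $
 * <p>
 * DESCRIPTION:
 * A filter that detects if a user has logged in and initializes a User
 * object when necessary.
 * <p>
 * On every request the filter makes sure the session carries a {@code "user"}
 * attribute: a "guest" User on the first request of a visit, replaced by a
 * User built from {@code request.getRemoteUser()} on the first request after
 * login. The application-scoped {@code "activeUsers"} attribute is kept in
 * step with those changes.
 * <p>
 * NOTE(review): the read-modify-write of the {@code "activeUsers"} context
 * attribute is not synchronized here; whether ActiveUsers is safe under
 * concurrent requests cannot be told from this file.
 */
public class UserFilter implements javax.servlet.Filter {

  /**
   * Set up logging.
   */
  private static Logger log = Logger.getLogger(UserFilter.class.getName());

  /** Configuration handed over by the container in {@link #init(FilterConfig)}. */
  protected FilterConfig filterConfig;

  /**
   * Ensures the session holds a User matching the request's authentication
   * state, then passes the request down the chain.
   *
   * @param req       the incoming request; cast to HttpServletRequest
   * @param response  the response, passed through untouched
   * @param chain     the remaining filter chain
   * @throws IOException       propagated from the rest of the chain
   * @throws ServletException  propagated from the chain, or raised when a User
   *                           or the active-user registry is needed but could
   *                           not be created (the SQLException is the cause)
   */
  public void doFilter(ServletRequest req, ServletResponse response,
      FilterChain chain) throws IOException, ServletException {
    // cast ServletRequest to HttpServletRequest:
    HttpServletRequest request = (HttpServletRequest) req;

    ActiveUsers users = (ActiveUsers) App.context.getAttribute("activeUsers");
    // Remembered so a later failure can report the real cause instead of
    // surfacing as a NullPointerException on users.add().
    SQLException registryFailure = null;
    if (users == null) {
      log.info("activeUsers bean not found; instantiating activeUsers");
      try {
        users = new ActiveUsers();
      } catch (SQLException sqe) {
        log.severe(sqe.getMessage());
        registryFailure = sqe;
      }
    }

    HttpSession session = request.getSession();
    User currentUser = (User) session.getAttribute("user");
    String remoteUser = request.getRemoteUser();

    if (currentUser == null) {
      /* This happens on the first request of a visit. A session doesn't exist
       * so one is created; a User object doesn't exist so one is created (with
       * a userID of "guest").
       */
      // Fail before touching the session so it is never left holding a User
      // that the registry does not know about.
      requireRegistry(users, registryFailure);
      User user = newUser("guest");
      // identify the user with the current session:
      user.setSessionID(sessionIdOrGuest(session));
      // set the User object in the session:
      session.setAttribute("user", user);
      // maintain a list of all active Users:
      users.add(user);
      App.context.setAttribute("activeUsers", users);
      // NOTE(review): the session ID is written to the log at INFO level.
      // A session ID is a bearer credential for the session, so log access
      // should be restricted accordingly, or the value shortened or hashed.
      log.info("Created user \"" + user.getUserID() + "\" for session #" + session.getId());
    } else if (remoteUser != null
        && !currentUser.getUserID().equals(remoteUser)) {
      /*
       * This condition is fulfilled on the first request after a user has logged in.
       * The User object will have its default "guest" userID which won't match the
       * name reported by request.getRemoteUser(). This is a key moment when we must
       * instantiate and set everything needed for a user that has logged in.
       *
       * NOTE(review): the same HttpSession is carried across the guest ->
       * authenticated transition and this filter does not rotate its ID.
       * Confirm that the container or the login flow issues a fresh session ID
       * at authentication (session-fixation defence); on Servlet 3.1+ that is
       * HttpServletRequest.changeSessionId().
       */
      requireRegistry(users, registryFailure);
      // create a User object:
      User user = newUser(remoteUser);
      // instantiate with values obtained from the database:
      user.load();
      /* The "guest" may have set some values for the guest User object.
       * Here's where those values would be carried over.
       * For example, you might move a shopping cart from the "guest" object to the new object:
       * user.addProducts(currentUser.getProducts());
       */
      // identify the user with the current session:
      user.setSessionID(sessionIdOrGuest(session));
      // set the User object in the session:
      session.setAttribute("user", user);
      // maintain a list of all active Users, swapping user for guest:
      users.remove("sessionID", session.getId());
      users.add(user);
      log.info("User \"" + user.getUserID()
          + "\" replaces User \"" + currentUser.getUserID()
          + "\" for session #" + session.getId());
      App.context.setAttribute("activeUsers", users);
      /*
       * Instantiate a new sitemap object so the navigation menu only contains items that
       * the user is in a role to see. Use a constructor that takes the request object as
       * an argument so the sitemap can look up the user's roles. Then save the new
       * sitemap object in the session, replacing the existing one.
       *
       * A failure here is only logged: the session then keeps whatever "sitemap"
       * attribute it already had. The sitemap drives menu contents, so it should
       * not be treated as the access-control decision for the pages themselves.
       */
      try {
        Sitemap sitemap = new Sitemap(request);
        session.setAttribute("sitemap", sitemap);
      } catch (SQLException sqe) {
        log.warning(sqe.getMessage());
      }
    }
    // pass the request on:
    chain.doFilter(req, response);
  }

  /**
   * Stores the filter configuration supplied by the container.
   *
   * @param filterConfig  the configuration for this filter instance
   * @throws ServletException  declared by the Filter interface; not thrown here
   */
  public void init(FilterConfig filterConfig) throws ServletException {
    this.filterConfig = filterConfig;
  }

  /**
   * Called by the container when the filter is taken out of service.
   * This implementation does nothing. In particular it does NOT remove users
   * from the list of active users when a session ends; that has to happen
   * elsewhere (presumably a session listener; verify).
   */
  public void destroy() {
  }

  /**
   * Builds a User, turning a database failure into a ServletException so the
   * caller never continues with a null User.
   */
  private static User newUser(String userID) throws ServletException {
    try {
      return new User(userID);
    } catch (SQLException sqe) {
      log.severe(sqe.getMessage());
      throw new ServletException("Unable to create User object", sqe);
    }
  }

  /** Rejects the request when the active-user registry could not be obtained. */
  private static void requireRegistry(ActiveUsers users, SQLException cause)
      throws ServletException {
    if (users == null) {
      throw new ServletException("Active-user registry is unavailable", cause);
    }
  }

  /** Returns the session's ID, or "guest" when the container reports none. */
  private static String sessionIdOrGuest(HttpSession session) {
    String id = session.getId();
    return (id != null) ? id : "guest";
  }
}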