All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPointCustom Maven / Gradle / Ivy

Go to download 

package org.springframework.security.web.authentication;

import java.io.IOException;
import java.io.UnsupportedEncodingException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.util.RedirectUrlBuilder;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.UriUtils;
import org.springframework.web.util.WebUtils;

public class LoginUrlAuthenticationEntryPointCustom extends LoginUrlAuthenticationEntryPoint {
  protected final Log logger = LogFactory.getLog(getClass());

  private String targetUrlParameter;
  private boolean contextRelative;

  public LoginUrlAuthenticationEntryPointCustom(String loginFormUrl) {
    super(loginFormUrl);
  }

  @Override
  public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
    if (logger.isTraceEnabled()) {
      logger.trace(authException.getMessage(), authException);
    }
    else if (logger.isWarnEnabled()) {
      logger.warn(authException.getMessage());
    }
    super.commence(request, response, authException);
  }

  /**
   * @see org.springframework.web.bind.ServletRequestUtils#getStringParameters(javax.servlet.ServletRequest, String)
   * @see org.springframework.web.filter.ForwardedHeaderFilter.ForwardedHeaderRequestWrapper#getForwardedPrefix(javax.servlet.ServletRequest)
   */
  @Override
  protected String buildRedirectUrlToLoginPage(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) {
    String loginForm = determineUrlToUseForThisRequest(request, response, authException);

    if (UrlUtils.isAbsoluteUrl(loginForm)) {
      return loginForm;
    }

    int serverPort = getPortResolver().getServerPort(request);
    String scheme = request.getScheme();

    RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder();

    urlBuilder.setScheme(scheme);
    urlBuilder.setServerName(request.getServerName());
    urlBuilder.setPort(serverPort);
    if (!this.contextRelative) {
      urlBuilder.setContextPath(request.getContextPath());
    }
    urlBuilder.setPathInfo(loginForm);

    if (this.targetUrlParameter != null) {
      UriComponentsBuilder builder = ServletUriComponentsBuilder.fromRequest(request);
      String targetUrlParameter = builder.build().getQueryParams().getFirst(this.targetUrlParameter);
      if (StringUtils.hasText(targetUrlParameter)) {
        builder = UriComponentsBuilder.fromUriString(targetUrlParameter);
      }
      else {
        builder.scheme(null).host(null).port(null);
      }

      String encoding = request.getCharacterEncoding();
      if (encoding == null) {
        encoding = WebUtils.DEFAULT_CHARACTER_ENCODING;
      }

      String targetUrl = builder.build().toUriString();
      try {
        targetUrl = UriUtils.encode(UriUtils.decode(targetUrl, encoding), encoding);
      }
      catch (UnsupportedEncodingException e) {
        if (logger.isWarnEnabled()) {
          logger.warn(e.getMessage(), e);
        }
      }
      urlBuilder.setQuery(this.targetUrlParameter + '=' + targetUrl);
    }

    if (isForceHttps() && "http".equals(scheme)) {
      Integer httpsPort = getPortMapper().lookupHttpsPort(Integer.valueOf(serverPort));

      if (httpsPort != null) {
        // Overwrite scheme and port in the redirect URL
        urlBuilder.setScheme("https");
        urlBuilder.setPort(httpsPort.intValue());
      }
      else {
        logger.warn("Unable to redirect to HTTPS as no port mapping found for HTTP port " + serverPort);
      }
    }
    return urlBuilder.getUrl();
  }

  @Override
  protected String buildHttpsRedirectUrlForRequest(HttpServletRequest request) throws IOException, ServletException {
    int serverPort = getPortResolver().getServerPort(request);
    Integer httpsPort = getPortMapper().lookupHttpsPort(Integer.valueOf(serverPort));

    if (httpsPort != null) {
      RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder();
      urlBuilder.setScheme("https");
      urlBuilder.setServerName(request.getServerName());
      urlBuilder.setPort(httpsPort.intValue());
      if (!this.contextRelative) {
        urlBuilder.setContextPath(request.getContextPath());
      }
      urlBuilder.setServletPath(request.getServletPath());
      urlBuilder.setPathInfo(request.getPathInfo());
      urlBuilder.setQuery(request.getQueryString());
      return urlBuilder.getUrl();
    }
    // Fall through to server-side forward with warning message
    logger.warn("Unable to redirect to HTTPS as no port mapping found for HTTP port " + serverPort);
    return null;
  }

  public void setContextRelative(boolean contextRelative) {
    this.contextRelative = contextRelative;
  }

  public void setTargetUrlParameter(String targetUrlParameter) {
    if (targetUrlParameter != null) {
      Assert.hasText(targetUrlParameter, "targetUrlParameter cannot be empty");
    }
    this.targetUrlParameter = targetUrlParameter;
  }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy