dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #13763
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 4498: implemented MappedRedirectStrategy, for redirecting from one path to another (mainly for use with...
------------------------------------------------------------
revno: 4498
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2011-09-02 10:15:40 +0200
message:
implemented MappedRedirectStrategy, for redirecting from one path to another (mainly for use with ajax requests that messes with target url of spring security)
added:
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java
modified:
dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== added file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java 2011-09-02 08:15:40 +0000
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2004-2010, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package org.hisp.dhis.security;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.web.DefaultRedirectStrategy;
+
+/**
+ * @author mortenoh
+ */
+public class MappedRedirectStrategy
+ extends DefaultRedirectStrategy
+{
+ // -------------------------------------------------------------------------
+ // Dependencies
+ // -------------------------------------------------------------------------
+
+ private Map<String, String> redirectMap = new HashMap<String, String>();
+
+ public Map<String, String> getRedirectMap()
+ {
+ return redirectMap;
+ }
+
+ public void setRedirectMap( Map<String, String> redirectMap )
+ {
+ this.redirectMap = redirectMap;
+ }
+
+ // -------------------------------------------------------------------------
+ // DefaultRedirectStrategy implementation
+ // -------------------------------------------------------------------------
+
+ @Override
+ public void sendRedirect( HttpServletRequest request, HttpServletResponse response, String url )
+ throws IOException
+ {
+ System.out.println("Default url " + url);
+
+ for ( String key : redirectMap.keySet() )
+ {
+ if ( url.indexOf( key ) != -1 )
+ {
+ url = url.replaceFirst( key, redirectMap.get( key ) );
+ System.out.println("Rewritten url " + url);
+ }
+ }
+
+ super.sendRedirect( request, response, url );
+ }
+}
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2011-06-23 14:44:17 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2011-09-02 08:15:40 +0000
@@ -8,6 +8,23 @@
<sec:global-method-security jsr250-annotations="disabled" pre-post-annotations="disabled"
secured-annotations="disabled" />
+ <bean id="mappedRedirectStrategy" class="org.hisp.dhis.security.MappedRedirectStrategy">
+ <property name="redirectMap">
+ <map>
+ <entry>
+ <key>
+ <value>/dhis-web-commons-stream/ping.action</value>
+ </key>
+ <value>/</value>
+ </entry>
+ </map>
+ </property>
+ </bean>
+
+ <bean id="defaultAuthenticationSuccessHandler" class="org.hisp.dhis.security.DefaultAuthenticationSuccessHandler">
+ <property name="redirectStrategy" ref="mappedRedirectStrategy" />
+ </bean>
+
<sec:http access-decision-manager-ref="accessDecisionManager" use-expressions="true" realm="DHIS2">
<sec:form-login default-target-url="/" always-use-default-target="false"
login-processing-url="/dhis-web-commons-security/login.action" authentication-failure-url="/dhis-web-commons/security/loginfailed.html"
@@ -27,8 +44,6 @@
<sec:custom-filter ref="automaticAccessFilter" before="LOGOUT_FILTER" />
</sec:http>
- <bean id="defaultAuthenticationSuccessHandler" class="org.hisp.dhis.security.DefaultAuthenticationSuccessHandler" />
-
<!-- Security : Action -->
<bean id="restrictOrganisationUnitsAction" class="org.hisp.dhis.security.action.RestrictOrganisationUnitsAction"
scope="prototype">
