
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 12726: Impl option for avoiding redirect when doing cookie based authentication request only

 

------------------------------------------------------------
revno: 12726
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2013-10-16 15:43:31 +0200
message:
  Impl option for avoiding redirect when doing cookie based authentication request only
modified:
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java	2013-09-02 06:55:31 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/MappedRedirectStrategy.java	2013-10-16 13:43:31 +0000
@@ -40,6 +40,8 @@
 import java.util.HashMap;
 import java.util.Map;
 
+import static org.hisp.dhis.security.filter.CustomAuthenticationFilter.*;
+
 /**
  * @author mortenoh
  */
@@ -81,6 +83,10 @@
     {
         Device device = deviceResolver.resolveDevice( request );
 
+        // ---------------------------------------------------------------------
+        // Ignore certain ajax requests
+        // ---------------------------------------------------------------------
+
         for ( String key : redirectMap.keySet() )
         {
             if ( url.indexOf( key ) != -1 )
@@ -89,7 +95,11 @@
             }
         }
 
-        String mobileVersion = (String) request.getAttribute( "mobileVersion" );
+        // ---------------------------------------------------------------------
+        // Redirect to mobile start pages
+        // ---------------------------------------------------------------------
+
+        String mobileVersion = (String) request.getAttribute( PARAM_MOBILE_VERSION );
         mobileVersion = mobileVersion == null ? "desktop" : mobileVersion;
 
         if ( (device.isMobile() || device.isTablet()) && mobileVersion.equals( "basic" ) )
@@ -105,6 +115,17 @@
             url = getRootPath( request ) + "/";
         }
 
+        // ---------------------------------------------------------------------
+        // Check if redirect should be skipped - for cookie authentication only
+        // ---------------------------------------------------------------------
+
+        String authOnly = (String) request.getAttribute( PARAM_AUTH_ONLY );
+        
+        if ( "true".equals( authOnly ) )
+        {
+            return;
+        }
+
         log.debug( "Redirecting to " + url );
 
         super.sendRedirect( request, response, url );
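Review bot: When `authOnly` equals "true", the added block returns without writing anything to the response, so the client gets the container's default status and an empty body. If this strategy is also used by failure or logout handlers (not visible in this hunk), a scripted caller could not tell a rejected login from an accepted one. Set an explicit status before returning, e.g. `response.setStatus( HttpServletResponse.SC_NO_CONTENT );`, and add `log.debug( "Skipping redirect, authOnly requested" );` so the suppressed redirect shows up in logs. The comment says "for cookie authentication only", but nothing in the visible code restricts the skip to that case, so it should state that the flag is client-supplied. The method body starts outside this hunk.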

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java	2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/filter/CustomAuthenticationFilter.java	2013-10-16 13:43:31 +0000
@@ -37,6 +37,9 @@
 public class CustomAuthenticationFilter
     implements Filter
 {
+    public static final String PARAM_MOBILE_VERSION = "mobileVersion";
+    public static final String PARAM_AUTH_ONLY = "authOnly";
+    
     @Override
     public void init( FilterConfig filterConfig ) throws ServletException
     {
@@ -45,13 +48,19 @@
     @Override
     public void doFilter( ServletRequest request, ServletResponse response, FilterChain filterChain ) throws IOException, ServletException
     {
-        String mobileVersion = request.getParameter( "mobileVersion" );
-
+        String mobileVersion = request.getParameter( PARAM_MOBILE_VERSION );
+        String authOnly = request.getParameter( PARAM_AUTH_ONLY );
+        
         if ( mobileVersion != null )
         {
-            request.setAttribute( "mobileVersion", mobileVersion );
+            request.setAttribute( PARAM_MOBILE_VERSION, mobileVersion );
         }
 
+        if ( authOnly != null )
+        {
+            request.setAttribute( PARAM_AUTH_ONLY, authOnly );
+        }
+        
         filterChain.doFilter( request, response );
     }
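Review bot: `authOnly` is copied verbatim from a client-controlled request parameter into a request attribute on every request that passes this filter, and MappedRedirectStrategy then uses it to suppress the redirect. Narrow what crosses that boundary by only setting the attribute for the one accepted value, `if ( "true".equals( authOnly ) )`, so arbitrary strings never reach downstream code. Add a comment above the block such as `// Client-supplied flag; consumed by MappedRedirectStrategy to skip the post-login redirect`. The `PARAM_` constants are also used as attribute names, which hides that the attribute value is untrusted input; a short Javadoc on the two constants would make that explicit. The class continues outside this hunk.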