org.davesag.generica.servlet.filter
Class AccessControlFilter

java.lang.Object
  extended byorg.davesag.generica.servlet.filter.AccessControlFilter
All Implemented Interfaces:
Filter

public class AccessControlFilter
extends Object
implements Filter

The AccessControlFilter checks that there is a currently logged in user. If the current user is not logged in forward control to the login page, as specified by the config init parameter "loginPage". You may also pass a parameter "userClass" in order to control access to parts of the site based on the class of user found in the session.

This method will remember the page the user was trying to get to and pass that info on to the login action once they have successfully logged in via the session attribute Constants.ORIGINAL_LOGIN_REQUEST.

Since:
Generica 1.0
Version:
CVS Revision $Id: AccessControlFilter.java,v 1.13 2004/03/30 13:00:42 davesag Exp $
Author:
Dave Sag http://www.davesag.com
See Also:
LoginAction

Constructor Summary
AccessControlFilter()
           
 
Method Summary
 void destroy()
          Just nulls out the instance variables.
 void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
          Checks for the user key in the current session.
 void init(FilterConfig config)
          Initialise the filter with the params from the web.xml file.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AccessControlFilter

public AccessControlFilter()
Method Detail

init

public void init(FilterConfig config)
          throws ServletException
Initialise the filter with the params from the web.xml file. The params are "loginPage" - required, and "userClass" - optional.

Specified by:
init in interface Filter
Parameters:
config - The FilterConfig.
Throws:
ServletException - if the init params were wrong.

destroy

public void destroy()
Just nulls out the instance variables.

Specified by:
destroy in interface Filter

doFilter

public void doFilter(ServletRequest request,
                     ServletResponse response,
                     FilterChain chain)
              throws IOException,
                     ServletException
Checks for the user key in the current session. If it's there then checks the class of the user against the userClass provided and bounces to the login page if the correct user type is not logged in.

Specified by:
doFilter in interface Filter
Parameters:
request - The ServletRequest
response - The ServletResponse
chain - The FilterChain
Throws:
IOException - if some IO problem happens.
ServletException - if some any other kind of problem happens.


Dave Sag Generica API version 0.5.9 - (prerelease) Copyright 2003 - 2004 Dave Sag.