HttpServletRequestWrapperFilter
作用其实很简单就是 在HttpServletRequest对象在包装一次,让其支持getUserPrincipal,getRemoteUser方法来获取登录的用户信息。
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//从session或者request中取得AttributePrincipal,其实Assertion的一个principal属性
AttributePrincipal principal = this.retrievePrincipalFromSessionOrRequest(servletRequest);
//对request进行包装,并处理后面的过滤器,使其后面的过滤器或者servlert能够在reqeust能够在request.getRemoteUser()或者request.getUserPrincipal
filterChain.doFilter(new HttpServletRequestWrapperFilter.CasHttpServletRequestWrapper((HttpServletRequest)servletRequest, principal), servletResponse);
}
protected AttributePrincipal retrievePrincipalFromSessionOrRequest(ServletRequest servletRequest) {
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpSession session = request.getSession(false);
Assertion assertion = (Assertion)((Assertion)(session == null?request.getAttribute("_const_cas_assertion_"):session.getAttribute("_const_cas_assertion_")));
return assertion == null?null:assertion.getPrincipal();
}
实现起来也比较简单,这个里面使用一个内部类CasHttpServletRequestWrapper,其继承HttpServletRequestWrapper,
通过给定Assertion对象中取得AttributePrincipal对象来组装CasHttpServletRequestWrapper。
final class CasHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final AttributePrincipal principal;
CasHttpServletRequestWrapper(HttpServletRequest request, AttributePrincipal principal) {
super(request);
this.principal = principal;
}
public Principal getUserPrincipal() {
return this.principal;
}
public String getRemoteUser() {
return this.principal != null?this.principal.getName():null;
}
public boolean isUserInRole(String role) {
if(CommonUtils.isBlank(role)) {
HttpServletRequestWrapperFilter.this.logger.debug("No valid role provided. Returning false.");
return false;
} else if(this.principal == null) {
HttpServletRequestWrapperFilter.this.logger.debug("No Principal in Request. Returning false.");
return false;
} else if(CommonUtils.isBlank(HttpServletRequestWrapperFilter.this.roleAttribute)) {
HttpServletRequestWrapperFilter.this.logger.debug("No Role Attribute Configured. Returning false.");
return false;
} else {
Object value = this.principal.getAttributes().get(HttpServletRequestWrapperFilter.this.roleAttribute);
if(value instanceof Collection) {
Iterator isMember = ((Collection)value).iterator();
while(isMember.hasNext()) {
Object o = isMember.next();
if(this.rolesEqual(role, o)) {
HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: true", this.getRemoteUser(), role);
return true;
}
}
}
boolean isMember1 = this.rolesEqual(role, value);
HttpServletRequestWrapperFilter.this.logger.debug("User [{}] is in role [{}]: {}", new Object[]{this.getRemoteUser(), role, Boolean.valueOf(isMember1)});
return isMember1;
}
}
private boolean rolesEqual(String given, Object candidate) {
return HttpServletRequestWrapperFilter.this.ignoreCase?given.equalsIgnoreCase(candidate.toString()):given.equals(candidate);
}
}