[Yanel-commits] rev 47492 -
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet
michi at wyona.com
michi at wyona.com
Tue Feb 9 13:46:38 CET 2010
Author: michi
Date: 2010-02-09 13:46:38 +0100 (Tue, 09 Feb 2010)
New Revision: 47492
Modified:
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
Log:
logout redirect 301 cache problem fixed
Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java 2010-02-09 09:33:30 UTC (rev 47491)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/YanelServlet.java 2010-02-09 12:46:38 UTC (rev 47492)
@@ -1019,6 +1019,8 @@
/**
* Check authorization and if not authorized then authenticate. Return null if authorization granted, otherwise return 401 and appropriate response such that client can provide credentials for authentication
+ *
+ * @return Null if access is granted and an authentication response if access is denied
*/
private HttpServletResponse doAccessControl(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
@@ -1048,11 +1050,23 @@
}
- if(!authorized) {
+ if (authorized) {
+ if (identity != null && identity.getUsername() != null) {
+ if (identity.getUsername() != null) {
+ log.warn("DEBUG: Access for user '" + identity.getUsername() + "' granted: " + getRequestURLQS(request, null, false));
+ //response.setHeader("Cache-control", "no-cache"); // INFO: Do not cache content for users which are signed in (Also see http://bugzilla.wyona.com/cgi-bin/bugzilla/show_bug.cgi?id=6465), but we currently do not use this because of performance reasons and because we have found another workaround re logout (see doLogout())
+ } else {
+ log.warn("DEBUG: Access for anonymous user (aka WORLD) granted: " + getRequestURLQS(request, null, false));
+ }
+ } else {
+ log.warn("DEBUG: Access for anonymous user (aka WORLD) granted: " + getRequestURLQS(request, null, false));
+ }
+ return null; // INFO: Return null in order to indicate that access is granted
+ } else {
+ log.warn("Access denied: " + getRequestURLQS(request, null, false));
+
// TODO: Implement HTTP BASIC/DIGEST response (see above)
- log.info("Access denied: " + getRequestURLQS(request, null, false));
-
if(!request.isSecure()) {
if(sslPort != null) {
log.info("Redirect to SSL ...");
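Review bot: In the new `if (authorized)` branch the inner `if (identity.getUsername() != null)` repeats the outer condition, so its `else` can never run and the two levels can be collapsed into one. Every granted request is now written at `warn` with a "DEBUG:" prefix, together with the username and the full URL including the query string. That floods the warning log with routine traffic and may record sensitive parameters or unescaped request-derived text. A guarded debug call such as `if (log.isDebugEnabled()) log.debug("Access for user '" + identity.getUsername() + "' granted: " + getRequestURLQS(request, null, false));` matches the guard style already used elsewhere in this file. The body of doAccessControl continues outside the hunk.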
@@ -1118,9 +1132,6 @@
return response;
}
- } else {
- log.info("Access granted: " + getRequestURLQS(request, null, false));
- return null;
}
}
@@ -1376,18 +1387,15 @@
}
if (log.isDebugEnabled()) log.debug("Regular Logout Successful!");
- //return null;
URL url = new URL(getRequestURLQS(request, null, false).toString());
- String urlWithoutLogoutQS = url.toString().substring(0, url.toString().lastIndexOf("?"));
- log.warn("Redirect to original request: " + urlWithoutLogoutQS);
-
- //response.sendRedirect(url.toString()); // 302
// TODO: Just remove logout part from query string! (http://127.0.0.1:8080/yanel/test/use-cases/index.xhtml?yanel.resource.usecase=checkout&yanel.usecase=logout)
- // TODO: Alternative solution: http://bugzilla.wyona.com/cgi-bin/bugzilla/show_bug.cgi?id=6465
+ //String urlWithoutLogoutQS = url.toString().substring(0, url.toString().lastIndexOf("?"));
+ // INFO: Append timestamp in order to workaround 301 redirect cache problem (Also see http://bugzilla.wyona.com/cgi-bin/bugzilla/show_bug.cgi?id=6465)
+ String urlWithoutLogoutQS = url.toString().substring(0, url.toString().lastIndexOf("?")) + "?yanel.refresh=" + new Date().getTime();
+ log.warn("DEBUG: Redirect to original request: " + urlWithoutLogoutQS);
+
response.setHeader("Location", urlWithoutLogoutQS.toString());
- //response.setHeader("Location", url.toString());
response.setStatus(javax.servlet.http.HttpServletResponse.SC_MOVED_PERMANENTLY); // 301
- //response.setStatus(javax.servlet.http.HttpServletResponse.SC_TEMPORARY_REDIRECT); // 302
return response;
} catch (Exception e) {
log.error(e.getMessage(), e);
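Review bot: The logout response still uses `SC_MOVED_PERMANENTLY`, and the `yanel.refresh` timestamp only varies the redirect target. A browser may still cache the 301 for the logout URL itself, so a later logout click could be answered from cache without reaching the server, leaving the session alive. A non-permanent, non-cacheable redirect avoids this without the timestamp: `response.setStatus(javax.servlet.http.HttpServletResponse.SC_SEE_OTHER);` together with `response.setHeader("Cache-Control", "no-store");`. Separately, `url.toString().lastIndexOf("?")` returns -1 when the request has no query string, and `substring(0, -1)` then throws and lands in the generic `catch`. A guard like `int q = s.indexOf('?'); String base = q < 0 ? s : s.substring(0, q);` would handle that. The enclosing try block starts outside the hunk.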
@@ -1571,9 +1579,9 @@
}
/**
- * Gets the identity from the session associated with the given request or via the 'Authorization' HTTP header in the case of BASIC or DIGEST
+ * Gets the identity from the session associated with the given request (associated with a realm) or via the 'Authorization' HTTP header in the case of BASIC or DIGEST
* @param request Client/Servlet request
- * @param map
+ * @param map Map in order to determine realm
* @return Identity if one exist, or otherwise an empty identity
*/
static Identity getIdentity(HttpServletRequest request, Map map) throws Exception {