RetryWithHttpsEntryPoint xref

View Javadoc

1   /* Copyright 2004 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.securechannel;
17  
18  import org.acegisecurity.util.PortMapper;
19  import org.acegisecurity.util.PortMapperImpl;
20  import org.acegisecurity.util.PortResolver;
21  import org.acegisecurity.util.PortResolverImpl;
22  
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  
26  import org.springframework.beans.factory.InitializingBean;
27  import org.springframework.util.Assert;
28  
29  import java.io.IOException;
30  
31  import javax.servlet.ServletException;
32  import javax.servlet.ServletRequest;
33  import javax.servlet.ServletResponse;
34  import javax.servlet.http.HttpServletRequest;
35  import javax.servlet.http.HttpServletResponse;
36  
37  
38  /***
39   * Commences a secure channel by retrying the original request using HTTPS.
40   * 
41   * <P>
42   * This entry point should suffice in most circumstances. However, it is not
43   * intended to properly handle HTTP POSTs or other usage where a standard
44   * redirect would cause an issue.
45   * </p>
46   *
47   * @author Ben Alex
48   * @version $Id: RetryWithHttpsEntryPoint.java,v 1.6 2005/11/17 00:55:50 benalex Exp $
49   */
50  public class RetryWithHttpsEntryPoint implements InitializingBean,
51      ChannelEntryPoint {
52      //~ Static fields/initializers =============================================
53  
54      private static final Log logger = LogFactory.getLog(RetryWithHttpsEntryPoint.class);
55  
56      //~ Instance fields ========================================================
57  
58      private PortMapper portMapper = new PortMapperImpl();
59      private PortResolver portResolver = new PortResolverImpl();
60  
61      //~ Methods ================================================================
62  
63      public void setPortMapper(PortMapper portMapper) {
64          this.portMapper = portMapper;
65      }
66  
67      public PortMapper getPortMapper() {
68          return portMapper;
69      }
70  
71      public void setPortResolver(PortResolver portResolver) {
72          this.portResolver = portResolver;
73      }
74  
75      public PortResolver getPortResolver() {
76          return portResolver;
77      }
78  
79      public void afterPropertiesSet() throws Exception {
80          Assert.notNull(portMapper, "portMapper is required");
81          Assert.notNull(portResolver, "portResolver is required");
82      }
83  
84      public void commence(ServletRequest request, ServletResponse response)
85          throws IOException, ServletException {
86          HttpServletRequest req = (HttpServletRequest) request;
87  
88          String pathInfo = req.getPathInfo();
89          String queryString = req.getQueryString();
90          String contextPath = req.getContextPath();
91          String destination = req.getServletPath()
92              + ((pathInfo == null) ? "" : pathInfo)
93              + ((queryString == null) ? "" : ("?" + queryString));
94  
95          String redirectUrl = contextPath;
96  
97          Integer httpPort = new Integer(portResolver.getServerPort(req));
98          Integer httpsPort = portMapper.lookupHttpsPort(httpPort);
99  
100         if (httpsPort != null) {
101             boolean includePort = true;
102 
103             if (httpsPort.intValue() == 443) {
104                 includePort = false;
105             }
106 
107             redirectUrl = "https://" + req.getServerName()
108                 + ((includePort) ? (":" + httpsPort) : "") + contextPath
109                 + destination;
110         }
111 
112         if (logger.isDebugEnabled()) {
113             logger.debug("Redirecting to: " + redirectUrl);
114         }
115 
116         ((HttpServletResponse) response).sendRedirect(((HttpServletResponse) response)
117             .encodeRedirectURL(redirectUrl));
118     }
119 }