Class SecurePortalBeforeControllerHandler
- java.lang.Object
-
- de.hybris.platform.secureportaladdon.interceptors.SecurePortalBeforeControllerHandler
-
- All Implemented Interfaces:
BeforeControllerHandler
public class SecurePortalBeforeControllerHandler extends java.lang.Object implements BeforeControllerHandler
Intercepts incoming requests to check if the current site will require authentication or not. The site can be secured through the Backoffice by accessing the list of web sites and modifying the attribute requiresAuthentication.
-
-
Constructor Summary
Constructors Constructor Description SecurePortalBeforeControllerHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description booleanbeforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler)Called before the DispatcherServlet calls the controller.protected java.lang.StringgetRedirectUrl(java.lang.String mapping, boolean secured, java.lang.String otherParameters)protected java.lang.StringgetRedirectUrlIfAuthenticated(java.lang.String otherParameters)protected SessionServicegetSessionService()protected javax.servlet.http.HttpServletRequesthackRefererHeader(javax.servlet.http.HttpServletRequest request)Method to handle the case that the referer of the request is empty.protected booleanisNotLoginRequest(javax.servlet.http.HttpServletRequest request)protected booleanisPreview()Checks if we are in preview mode by checking the presence of a cmsTicketId in session.protected booleanisSiteSecured()protected booleanisUriPartOfSet(javax.servlet.http.HttpServletRequest request, java.util.Set<java.lang.String> inputSet)protected voidmaintainFlashAttributes(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)Maintains flash attributes to prevent data such as global messages to be lost when you are redirected to the login pageprotected voidredirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String targetUrl)voidsetCheckoutLoginUri(java.lang.String checkoutLoginUri)voidsetCmsSiteService(CMSSiteService cmsSiteService)voidsetControlUris(java.util.Set<java.lang.String> controlUris)voidsetDefaultLoginUri(java.lang.String defaultLoginUri)voidsetRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)voidsetRequestProcessor(SecurePortalRequestProcessor requestProcessor)voidsetSessionService(SessionService sessionService)voidsetSiteBaseUrlResolutionService(SiteBaseUrlResolutionService siteBaseUrlResolutionService)voidsetUnsecuredUris(java.util.Set<java.lang.String> unsecuredUris)voidsetUserService(UserService userService)
-
-
-
Method Detail
-
setCheckoutLoginUri
public void setCheckoutLoginUri(java.lang.String checkoutLoginUri)
-
setDefaultLoginUri
public void setDefaultLoginUri(java.lang.String defaultLoginUri)
-
setRedirectStrategy
public void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy)
-
setSiteBaseUrlResolutionService
public void setSiteBaseUrlResolutionService(SiteBaseUrlResolutionService siteBaseUrlResolutionService)
-
setUnsecuredUris
public void setUnsecuredUris(java.util.Set<java.lang.String> unsecuredUris)
-
setControlUris
public void setControlUris(java.util.Set<java.lang.String> controlUris)
-
setCmsSiteService
public void setCmsSiteService(CMSSiteService cmsSiteService)
-
setUserService
public void setUserService(UserService userService)
-
setRequestProcessor
public void setRequestProcessor(SecurePortalRequestProcessor requestProcessor)
-
getSessionService
protected SessionService getSessionService()
-
setSessionService
public void setSessionService(SessionService sessionService)
-
maintainFlashAttributes
protected void maintainFlashAttributes(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)Maintains flash attributes to prevent data such as global messages to be lost when you are redirected to the login page- Parameters:
request- Standard HTTP requestresponse- Standard HTTP response
-
beforeController
public boolean beforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler) throws java.lang.ExceptionDescription copied from interface:BeforeControllerHandlerCalled before the DispatcherServlet calls the controller.- Specified by:
beforeControllerin interfaceBeforeControllerHandler- Parameters:
request- current HTTP requestresponse- current HTTP response- Returns:
trueif the execution chain should proceed with the next interceptor or the handler itself. Else, DispatcherServlet assumes that this interceptor has already dealt with the response itself.- Throws:
java.lang.Exception- in case of errors
-
isNotLoginRequest
protected boolean isNotLoginRequest(javax.servlet.http.HttpServletRequest request)
-
isUriPartOfSet
protected boolean isUriPartOfSet(javax.servlet.http.HttpServletRequest request, java.util.Set<java.lang.String> inputSet)
-
isSiteSecured
protected boolean isSiteSecured()
-
redirect
protected void redirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String targetUrl)
-
getRedirectUrl
protected java.lang.String getRedirectUrl(java.lang.String mapping, boolean secured, java.lang.String otherParameters)
-
getRedirectUrlIfAuthenticated
protected java.lang.String getRedirectUrlIfAuthenticated(java.lang.String otherParameters)
-
hackRefererHeader
protected javax.servlet.http.HttpServletRequest hackRefererHeader(javax.servlet.http.HttpServletRequest request)
Method to handle the case that the referer of the request is empty. The execution of this method could be switched off from project.properties.
-
isPreview
protected boolean isPreview()
Checks if we are in preview mode by checking the presence of a cmsTicketId in session.- Returns:
- true if in preview mode
-
-