Class SecurePortalBeforeControllerHandler
java.lang.Object
de.hybris.platform.b2bacceleratoraddon.interceptors.SecurePortalBeforeControllerHandler
- All Implemented Interfaces:
BeforeControllerHandler
Intercepts incoming requests to check if the current site will require authentication or not. The site can be secured
through the Backoffice by accessing the list of web sites and modifying the attribute requiresAuthentication.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionbooleanbeforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler) Called before the DispatcherServlet calls the controller.protected StringgetRedirectUrl(String mapping, boolean secured, String otherParameters) protected StringgetRedirectUrlIfAuthenticated(String otherParameters) protected SessionServiceprotected javax.servlet.http.HttpServletRequesthackRefererHeader(javax.servlet.http.HttpServletRequest request) Method to handle the case that the referer of the request is empty.protected booleanhandleAnonymousNotLoginRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String otherRequestParam) protected booleanhandleUriPartOfSet(boolean isUserAnonymous, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String otherRequestParam) protected booleanisNotLoginRequest(javax.servlet.http.HttpServletRequest request) protected booleanChecks if we are in preview mode by checking the presence of a cmsTicketId in session.protected booleanprotected booleanisUriPartOfSet(javax.servlet.http.HttpServletRequest request, Set<String> inputSet) protected booleanprotected voidmaintainFlashAttributes(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Maintains flash attributes to prevent data such as global messages to be lost when you are redirected to the login pageprotected voidredirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String targetUrl) voidsetCheckoutLoginUri(String checkoutLoginUri) voidsetCmsSiteService(CMSSiteService cmsSiteService) voidsetControlUris(Set<String> controlUris) voidsetDefaultLoginUri(String defaultLoginUri) voidsetRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy) voidsetRequestProcessor(SecurePortalRequestProcessor requestProcessor) voidsetSessionService(SessionService sessionService) voidsetSiteBaseUrlResolutionService(SiteBaseUrlResolutionService siteBaseUrlResolutionService) voidsetUnsecuredUris(Set<String> unsecuredUris) voidsetUserService(UserService userService)
-
Constructor Details
-
SecurePortalBeforeControllerHandler
public SecurePortalBeforeControllerHandler()
-
-
Method Details
-
setCheckoutLoginUri
-
setDefaultLoginUri
-
setRedirectStrategy
public void setRedirectStrategy(org.springframework.security.web.RedirectStrategy redirectStrategy) -
setSiteBaseUrlResolutionService
public void setSiteBaseUrlResolutionService(SiteBaseUrlResolutionService siteBaseUrlResolutionService) -
setUnsecuredUris
-
setControlUris
-
setCmsSiteService
-
setUserService
-
setRequestProcessor
-
getSessionService
-
setSessionService
-
maintainFlashAttributes
protected void maintainFlashAttributes(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Maintains flash attributes to prevent data such as global messages to be lost when you are redirected to the login page- Parameters:
request- Standard HTTP requestresponse- Standard HTTP response
-
beforeController
public boolean beforeController(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, org.springframework.web.method.HandlerMethod handler) throws Exception Description copied from interface:BeforeControllerHandlerCalled before the DispatcherServlet calls the controller.- Specified by:
beforeControllerin interfaceBeforeControllerHandler- Parameters:
request- current HTTP requestresponse- current HTTP response- Returns:
trueif the execution chain should proceed with the next interceptor or the handler itself. Else, DispatcherServlet assumes that this interceptor has already dealt with the response itself.- Throws:
Exception- in case of errors
-
isUserSoftLoggedIn
protected boolean isUserSoftLoggedIn() -
handleAnonymousNotLoginRequest
protected boolean handleAnonymousNotLoginRequest(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String otherRequestParam) -
handleUriPartOfSet
protected boolean handleUriPartOfSet(boolean isUserAnonymous, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String otherRequestParam) -
isNotLoginRequest
protected boolean isNotLoginRequest(javax.servlet.http.HttpServletRequest request) -
isUriPartOfSet
-
isSiteSecured
protected boolean isSiteSecured() -
redirect
protected void redirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String targetUrl) -
getRedirectUrl
-
getRedirectUrlIfAuthenticated
-
hackRefererHeader
protected javax.servlet.http.HttpServletRequest hackRefererHeader(javax.servlet.http.HttpServletRequest request) Method to handle the case that the referer of the request is empty. The execution of this method could be switched off from project.properties. -
isPreview
protected boolean isPreview()Checks if we are in preview mode by checking the presence of a cmsTicketId in session.- Returns:
- true if in preview mode
-