package security.filter; import java.io.IOException; import javax.servlet.RequestDispatcher; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.AuthenticationException; import org.springframework.security.util.AntUrlPathMatcher; import org.springframework.security.util.RegexUrlPathMatcher; import org.springframework.security.util.UrlMatcher; import project.web.admin.systemuser.AdminCustomerController; /** * *

Title: 重载 security URL重定向

*/ public class AuthenticationProcessingFilterEntryPoint extends org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint { private static final Logger logger=LoggerFactory.getLogger(AuthenticationProcessingFilterEntryPoint.class); String[] roles = null; String urlMatcherPathType = System.getProperty("security.url.matcher.path.type"); boolean init = false; /** * Performs the redirect (or forward) to the login form URL. */ public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; String redirectUrl = null; if (isServerSideRedirect()) { if (isForceHttps() && "http".equals(request.getScheme())) { redirectUrl = buildHttpsRedirectUrlForRequest(httpRequest); } if (redirectUrl == null) { String loginForm = determineUrlToUseForThisRequest(httpRequest, httpResponse, authException); if (logger.isDebugEnabled()) { logger.debug("Server side forward to: " + loginForm); } RequestDispatcher dispatcher = httpRequest.getRequestDispatcher(loginForm); dispatcher.forward(request, response); return; } } else { // 是否跳转 boolean whetherRedirect = true; // request是否跳转值 String redirectValue = httpRequest.getParameter("redirect"); if (redirectValue != null && "false".equalsIgnoreCase(redirectValue)) { whetherRedirect = false; } String verifyUrl = httpRequest.getRequestURI(); if (roles != null) { for (int i = 0; i < roles.length; i++) { if (isUrlMatch(roles[i], verifyUrl, urlMatcherPathType, true)) { whetherRedirect = false; break; } } } if (whetherRedirect) { redirectUrl = buildRedirectUrlToLoginPage(httpRequest, httpResponse, authException); } else { httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication Failed: " + authException.getMessage()); return; } } httpResponse.sendRedirect(httpResponse.encodeRedirectURL(redirectUrl)); } private boolean isUrlMatch(String rule, String verifyUrl, String urlMatcherPathType, boolean lowercaseComparisons) { UrlMatcher urlMatcher; if ("Regex".equals(urlMatcherPathType)) { urlMatcher = new RegexUrlPathMatcher(); if (lowercaseComparisons) { ((RegexUrlPathMatcher) urlMatcher).setRequiresLowerCaseUrl(true); } else { ((RegexUrlPathMatcher) urlMatcher).setRequiresLowerCaseUrl(false); } return urlMatcher.pathMatchesUrl(rule, verifyUrl); } else if ("Ant".equals(urlMatcherPathType)) { urlMatcher = new AntUrlPathMatcher(); if (lowercaseComparisons) { ((AntUrlPathMatcher) urlMatcher).setRequiresLowerCaseUrl(true); } else { ((AntUrlPathMatcher) urlMatcher).setRequiresLowerCaseUrl(false); } return urlMatcher.pathMatchesUrl(rule, verifyUrl); } return false; } }