001/* 002 * (C) Copyright 2006-2010 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Thierry Delprat 018 */ 019package org.nuxeo.apidoc.filter; 020 021import java.io.IOException; 022import java.util.Date; 023import java.util.Locale; 024import java.util.TimeZone; 025 026import javax.servlet.FilterChain; 027import javax.servlet.ServletException; 028import javax.servlet.ServletRequest; 029import javax.servlet.ServletResponse; 030import javax.servlet.http.HttpServletRequest; 031import javax.servlet.http.HttpServletResponse; 032 033import org.apache.commons.lang3.time.FastDateFormat; 034import org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator; 035import org.nuxeo.runtime.api.Framework; 036 037public class CacheAndAuthFilter extends BaseApiDocFilter { 038 039 // formatted http Expires: Thu, 01 Dec 1994 16:00:00 GMT 040 public static final FastDateFormat HTTP_EXPIRES_DATE_FORMAT = FastDateFormat.getInstance( 041 "EEE, dd MMM yyyy HH:mm:ss z", TimeZone.getTimeZone("GMT"), Locale.US); 042 043 protected Boolean forceAnonymous; 044 045 protected boolean forceAnonymous() { 046 if (forceAnonymous == null) { 047 forceAnonymous = Boolean.valueOf(Framework.isBooleanPropertyTrue("org.nuxeo.apidoc.forceanonymous")); 048 } 049 return forceAnonymous.booleanValue(); 050 } 051 052 @Override 053 protected void internalDoFilter(ServletRequest request, ServletResponse response, FilterChain chain) 054 throws IOException, ServletException { 055 056 HttpServletRequest httpRequest = (HttpServletRequest) request; 057 HttpServletResponse httpResponse = (HttpServletResponse) response; 058 059 boolean activateCaching = false; 060 String anonymousHeader = httpRequest.getHeader("X-NUXEO-ANONYMOUS-ACCESS"); 061 if ("true".equals(anonymousHeader) || forceAnonymous()) { 062 // activate cache 063 activateCaching = true; 064 } else { 065 // deactivate anonymous login 066 httpRequest.setAttribute(AnonymousAuthenticator.BLOCK_ANONYMOUS_LOGIN_KEY, Boolean.TRUE); 067 } 068 069 if (activateCaching) { 070 addCacheHeader(httpResponse, false, "600"); 071 } 072 073 chain.doFilter(httpRequest, httpResponse); 074 075 } 076 077 public static void addCacheHeader(HttpServletResponse httpResponse, boolean isPrivate, String cacheTime) { 078 if (isPrivate) { 079 httpResponse.addHeader("Cache-Control", "private, max-age=" + cacheTime); 080 } else { 081 httpResponse.addHeader("Cache-Control", "public, max-age=" + cacheTime); 082 } 083 084 // Generating expires using current date and adding cache time. 085 // we are using the format Expires: Thu, 01 Dec 1994 16:00:00 GMT 086 Date date = new Date(); 087 long newDate = date.getTime() + Long.parseLong(cacheTime) * 1000; 088 date.setTime(newDate); 089 090 httpResponse.setHeader("Expires", HTTP_EXPIRES_DATE_FORMAT.format(date)); 091 } 092 093}