001/* 002 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * bjalon 016 */ 017package org.nuxeo.ecm.mobile.handler; 018 019import java.security.Principal; 020import java.util.Map; 021 022import javax.servlet.http.HttpServletRequest; 023 024import org.apache.commons.logging.Log; 025import org.apache.commons.logging.LogFactory; 026import org.nuxeo.ecm.platform.ui.web.auth.CachableUserIdentificationInfo; 027import org.nuxeo.ecm.platform.usermanager.UserManager; 028import org.nuxeo.runtime.api.Framework; 029import static org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants.USERIDENT_KEY; 030 031/** 032 * @author <a href="mailto:bjalon@nuxeo.com">Benjamin JALON</a> 033 * @since 5.5 034 */ 035public class AnonymousRequestHandler implements RequestHandler { 036 037 private static final Log log = LogFactory.getLog(AnonymousRequestHandler.class); 038 039 @Override 040 public boolean isRequestRedirectedToApplicationLoginForm(HttpServletRequest request) { 041 // same logic 042 return this.isRequestRedirectedToApplication(request); 043 } 044 045 @Override 046 public boolean isRequestRedirectedToApplication(HttpServletRequest request) { 047 HttpServletRequest httpRequest = (HttpServletRequest) request; 048 049 String username = getUsernameFromRequest(httpRequest); 050 051 if (username == null) { 052 log.debug("No principal found in session, request not selected"); 053 return false; 054 } 055 056 String anonymousUsername = getAnonymousUsername(); 057 058 if (anonymousUsername.equals(username)) { 059 return true; 060 } 061 062 return false; 063 } 064 065 protected String getUsernameFromRequest(HttpServletRequest request) { 066 Principal principal = request.getUserPrincipal(); 067 String result = null; 068 069 if (principal != null) { 070 result = principal.getName(); 071 } else { 072 Object att = request.getSession().getAttribute(USERIDENT_KEY); 073 if (att == null || !(att instanceof CachableUserIdentificationInfo)) { 074 log.debug("No identity found in session, Application not selected"); 075 return null; 076 } 077 078 principal = ((CachableUserIdentificationInfo) att).getPrincipal(); 079 result = principal.getName(); 080 } 081 log.debug("username fetched in session: " + result); 082 return result; 083 084 } 085 086 protected String getAnonymousUsername() { 087 return Framework.getService(UserManager.class).getAnonymousUserId(); 088 } 089 090 @Override 091 public RequestHandler init(Map<String, String> properties) { 092 return this; 093 } 094 095}