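/*
 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     bjalon
 */
package org.nuxeo.ecm.mobile.handler;

import java.security.Principal;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.platform.ui.web.auth.CachableUserIdentificationInfo;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;
import static org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants.USERIDENT_KEY;

/**
 * {@link RequestHandler} that selects a request when the user attached to it is the anonymous user reported by the
 * {@link UserManager} service.
 * <p>
 * The user name is read from the request principal, or failing that from the identity cached in the HTTP session
 * under {@code USERIDENT_KEY}. A request with no resolvable identity is never selected.
 *
 * @author <a href="mailto:bjalon@nuxeo.com">Benjamin JALON</a>
 * @since 5.5
 */
public class AnonymousRequestHandler implements RequestHandler {

    private static final Log log = LogFactory.getLog(AnonymousRequestHandler.class);

    /**
     * Applies the same rule as {@link #isRequestRedirectedToApplication(HttpServletRequest)}.
     *
     * @param request the incoming request
     * @return {@code true} when the request user is the anonymous user
     */
    @Override
    public boolean isRequestRedirectedToApplicationLoginForm(HttpServletRequest request) {
        // same logic
        return this.isRequestRedirectedToApplication(request);
    }

    /**
     * Tells whether the user attached to the request is the anonymous user.
     *
     * @param request the incoming request
     * @return {@code true} only when a user name could be resolved and it equals the anonymous user id; {@code false}
     *         when no identity is found or when no anonymous user id is available
     */
    @Override
    public boolean isRequestRedirectedToApplication(HttpServletRequest request) {
        String username = getUsernameFromRequest(request);

        if (username == null) {
            log.debug("No principal found in session, request not selected");
            return false;
        }

        // username is known to be non-null here, so the comparison is made on it: getAnonymousUsername() may hand
        // back null, and calling equals() on that value would fail the request with a NullPointerException instead
        // of simply not selecting it.
        return username.equals(getAnonymousUsername());
    }

    /**
     * Resolves the user name for the request.
     * <p>
     * The request principal is used when present; otherwise the {@link CachableUserIdentificationInfo} stored in the
     * session under {@code USERIDENT_KEY} is consulted.
     *
     * @param request the incoming request
     * @return the principal name, or {@code null} when neither the request nor the session carries an identity
     */
    protected String getUsernameFromRequest(HttpServletRequest request) {
        Principal principal = request.getUserPrincipal();

        if (principal == null) {
            // NOTE(review): getSession() creates a session when the request has none, so every identity-less request
            // allocates one; getSession(false) plus a null check would avoid that. Confirm nothing downstream relies
            // on the session being created here before changing it.
            Object att = request.getSession().getAttribute(USERIDENT_KEY);
            // instanceof is false for null, so a missing attribute is rejected here as well
            if (!(att instanceof CachableUserIdentificationInfo)) {
                log.debug("No identity found in session, Application not selected");
                return null;
            }

            principal = ((CachableUserIdentificationInfo) att).getPrincipal();
            if (principal == null) {
                // The cached identity may carry no principal (presumably e.g. before login completes, to be
                // confirmed against CachableUserIdentificationInfo); treat it as "no identity" rather than
                // dereferencing it.
                log.debug("No principal attached to the cached identity, Application not selected");
                return null;
            }
        }

        String result = principal.getName();
        log.debug("username fetched in session: " + result);
        return result;
    }

    /**
     * Looks up the anonymous user id from the {@link UserManager} service.
     *
     * @return the value of {@code UserManager.getAnonymousUserId()}; callers should be prepared for {@code null}
     *         (presumably when no anonymous user is configured, to be confirmed against the UserManager contract)
     */
    protected String getAnonymousUsername() {
        return Framework.getService(UserManager.class).getAnonymousUserId();
    }

    /**
     * No configuration is needed by this handler; the properties are ignored.
     *
     * @param properties handler properties, unused
     * @return this handler
     */
    @Override
    public RequestHandler init(Map<String, String> properties) {
        return this;
    }

}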