package com.standardset.web.filter; import org.apache.log4j.Category; import javax.servlet.Filter; import javax.servlet.FilterConfig; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import javax.servlet.http.HttpServletRequestWrapper; import java.util.Collection; import java.util.LinkedList; import java.util.StringTokenizer; import java.io.IOException; import java.security.Principal; public class PrincipalFilter implements Filter { private final static Category log = Category.getInstance(PrincipalFilter.class); private final static String PRINCIPAL = "com.standardset.web.filter.PrincipalFilter.PRINCIPAL"; private static final class PrincipalFilterRequest extends HttpServletRequestWrapper { private Principal principal; public PrincipalFilterRequest(final HttpServletRequest request, final Principal principal) { super(request); this.principal = principal; } public Principal getUserPrincipal() { return principal; } } public void init(FilterConfig cfg) { } public void destroy() { } public void doFilter( ServletRequest req, final ServletResponse res, final FilterChain chain ) throws IOException, ServletException { //Assume we are doing a http request // final HttpServletRequest request = (HttpServletRequest) req; final HttpSession session = request.getSession(false); //If we have a session then continue, otherwise, does not apply // if (session != null) { //Get the principal, if it's not null, then we are logged in // final Principal principal = request.getUserPrincipal(); //If we don't have a principal, see if we have one already stored in the session // if (principal == null) { //If we have one in the session then use it // final Principal sessionPrincipal = (Principal) session.getAttribute(PRINCIPAL); //If we have a principal in the session then use it // if (sessionPrincipal != null) { System.out.println("********************************************* READING FROM PRINCIPAL FROM SESSION"); req = new PrincipalFilterRequest( request, sessionPrincipal ); } } else { System.out.println("****************************************** WRITING PRINCIPAL TO SESSION"); //We have a principal, store it in the session as well // session.setAttribute(PRINCIPAL, principal); } } //Next // chain.doFilter(req, res); } }