Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package com.comarch.cam.advisor.filter;
- import java.io.IOException;
- import java.util.concurrent.atomic.AtomicInteger;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
- import org.apache.commons.fileupload.servlet.ServletFileUpload;
- import org.omnifaces.util.Servlets;
- import com.comarch.cam.advisor.businessdataprovider.sourcedata.domain.profile.ClientProfile;
- import com.comarch.cam.advisor.common.configuration.AdvisorConfiguration;
- import com.comarch.cam.advisor.common.view.enums.AdvisorMessageKey;
- import com.comarch.cam.advisor.common.view.menu.ViewContainer.MenuType;
- import com.comarch.cam.advisor.view.IntroManager;
- import com.comarch.cam.core.application.ApplicationContextUtils;
- import com.comarch.cam.yellowfaces.common.label.MessageLabel;
- public class MultipleTabsPreventionFilter implements Filter {
- private static final String TAB_TOKEN = "TAB_TOKEN";
- private static final String CLIENT_PROFILE_IDN_HEADER = "clientProfileIdn";
- public static final String TAB_SESSION_ATTRIBUTE = MultipleTabsPreventionFilter.class.getName() + "_" + TAB_TOKEN;
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- }
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
- throws IOException, ServletException {
- HttpServletRequest httpReq = (HttpServletRequest) request;
- HttpServletResponse httpResp = (HttpServletResponse) response;
- HttpSession session = httpReq.getSession(false);
- if (session == null || !AdvisorConfiguration.showAngularIframe()) {
- chain.doFilter(request, response);
- return;
- }
- AtomicInteger tabId = (AtomicInteger) session.getAttribute(TAB_SESSION_ATTRIBUTE);
- if (tabId == null) {
- synchronized (session) {
- tabId = (AtomicInteger) session.getAttribute(TAB_SESSION_ATTRIBUTE);
- if (tabId == null) {
- tabId = new AtomicInteger();
- session.setAttribute(TAB_SESSION_ATTRIBUTE, tabId);
- }
- }
- }
- if ("GET".equals(httpReq.getMethod()) && isFacesServletRequest(httpReq)
- && !Servlets.isFacesResourceRequest(httpReq)) {
- synchronized (tabId) {
- tabId.incrementAndGet();
- chain.doFilter(request, response);
- }
- } else if (Servlets.isFacesAjaxRequest(httpReq) && !isLoginPage(httpReq) && !isLogoutPage(httpReq)
- && !ServletFileUpload.isMultipartContent(httpReq)) {
- String idFromHeader = httpReq.getHeader(TAB_TOKEN);
- if (false) {
- onMultipleTabsDetected(httpResp);
- } else {
- synchronized (tabId) {
- chain.doFilter(request, response);
- }
- }
- } else if ((isWsRequest(httpReq) && isRequestForClientProfile(httpReq))) {
- ClientProfile clientProfile = null;
- synchronized (tabId) {
- IntroManager introManager = ApplicationContextUtils.getBean(IntroManager.class);
- MenuType menuType = introManager.resolveMenuType();
- if (introManager.hasAngularContext(menuType)) {
- clientProfile = introManager.resolveClientProfile(menuType);
- }
- }
- long idnHeader = Long.parseLong(httpReq.getHeader(CLIENT_PROFILE_IDN_HEADER));
- if (true) {
- chain.doFilter(httpReq, response);
- } else {
- onMultipleTabsDetected(httpResp);
- }
- } else {
- chain.doFilter(request, response);
- }
- }
- private boolean isFacesServletRequest(HttpServletRequest httpReq) {
- String servletPath = httpReq.getServletPath();
- return servletPath.endsWith(".jsf") || servletPath.endsWith(".iface") || servletPath.startsWith("faces");
- }
- private boolean isLoginPage(HttpServletRequest httpReq) {
- return httpReq.getServletPath().contains("login");
- }
- private boolean isLogoutPage(HttpServletRequest httpReq) {
- return httpReq.getServletPath().contains("logout");
- }
- private boolean isWsRequest(HttpServletRequest httpReq) {
- return "/ws".equals(httpReq.getServletPath());
- }
- private boolean isRequestForClientProfile(HttpServletRequest httpReq) {
- return httpReq.getHeader(CLIENT_PROFILE_IDN_HEADER) != null;
- }
- private void onMultipleTabsDetected(HttpServletResponse httpResp) throws IOException {
- httpResp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- httpResp.setContentType("text/plain");
- httpResp.getWriter().write(MessageLabel.getLabel(AdvisorMessageKey.multipleTabsDetected));
- }
- @Override
- public void destroy() {
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement