Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
- package wad.accesscontrol;
- import java.io.IOException;
- import javax.servlet.Filter;
- import javax.servlet.FilterChain;
- import javax.servlet.FilterConfig;
- import javax.servlet.ServletException;
- import javax.servlet.ServletRequest;
- import javax.servlet.ServletResponse;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- /**
- *
- * @author jonne
- */
- public class AccessControlFilter implements Filter {
- private FilterConfig filterConfig;
- @Override
- public void init(FilterConfig fc) throws ServletException {
- this.filterConfig = fc;
- }
- @Override
- public void doFilter(ServletRequest sr, ServletResponse sr1, FilterChain fc) throws IOException, ServletException {
- HttpServletRequest httpRequest = (HttpServletRequest) sr;
- HttpServletResponse httpResponse = (HttpServletResponse) sr1;
- String url = httpRequest.getRequestURI();
- if(url.contains("login")) {
- String username = (String)httpRequest.getParameter("username");
- String password = (String)httpRequest.getParameter("password");
- if(username != null && password != null && username.equals("username") && password.equals("password")) {
- httpRequest.getSession().setAttribute("authenticated", (Boolean)true);
- httpResponse.sendRedirect(httpRequest.getContextPath()+"/app/secret");
- }
- }
- else {
- if(httpRequest.getSession().getAttribute("authenticated") == null) {
- httpResponse.sendRedirect(httpRequest.getContextPath()+"/denied.jsp");
- }
- else {
- fc.doFilter(httpRequest, httpResponse);
- }
- }
- }
- @Override
- public void destroy() {
- }
- }
Add Comment
Please, Sign In to add comment
