Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- public class AccessControlFilter implements javax.servlet.Filter{
- @Override
- public void init(FilterConfig fc) throws ServletException {
- throw new UnsupportedOperationException("Not supported yet.");
- }
- @Override
- public void doFilter(ServletRequest sr, ServletResponse sr1, FilterChain fc) throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest) sr;
- HttpServletResponse response = (HttpServletResponse) sr1;
- if (request.getRequestURI().contains("login")) {
- String username = request.getParameter("username");
- String password = request.getParameter("password");
- if (username.equals("username") && password.equals("password")) {
- request.getSession().setAttribute("authenticated", true);
- response.sendRedirect(request.getContextPath()+"/app/secret");
- return;
- }
- else {
- response.sendRedirect(request.getContextPath()+"/denied.jsp");
- return;
- }
- }
- else {
- if (request.getSession().getAttribute("authenticated") == null) {
- response.sendRedirect(request.getContextPath()+"/denied.jsp");
- return;
- }
- fc.doFilter(request, response);
- }
- }
- @Override
- public void destroy() {
- throw new UnsupportedOperationException("Not supported yet.");
- }
- }
Add Comment
Please, Sign In to add comment